You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava

Sigurnosni nedostaci jezgre operacijskog sustava

==========================================================================
Ubuntu Security Notice USN-3335-1
June 20, 2017

linux, linux-meta vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

It was discovered that a use-after-free vulnerability in the core voltage
regulator driver of the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2014-9940)

It was discovered that a buffer overflow existed in the trace subsystem in
the Linux kernel. A privileged local attacker could use this to execute
arbitrary code. (CVE-2017-0605)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-121-generic 3.13.0-121.170
linux-image-3.13.0-121-generic-lpae 3.13.0-121.170
linux-image-3.13.0-121-lowlatency 3.13.0-121.170
linux-image-3.13.0-121-powerpc-e500 3.13.0-121.170
linux-image-3.13.0-121-powerpc-e500mc 3.13.0-121.170
linux-image-3.13.0-121-powerpc-smp 3.13.0-121.170
linux-image-3.13.0-121-powerpc64-emb 3.13.0-121.170
linux-image-3.13.0-121-powerpc64-smp 3.13.0-121.170
linux-image-generic 3.13.0.121.131
linux-image-generic-lpae 3.13.0.121.131
linux-image-generic-lpae-lts-saucy 3.13.0.121.131
linux-image-generic-lpae-lts-trusty 3.13.0.121.131
linux-image-generic-lts-quantal 3.13.0.121.131
linux-image-generic-lts-raring 3.13.0.121.131
linux-image-generic-lts-saucy 3.13.0.121.131
linux-image-generic-lts-trusty 3.13.0.121.131
linux-image-generic-pae 3.13.0.121.131
linux-image-highbank 3.13.0.121.131
linux-image-lowlatency 3.13.0.121.131
linux-image-lowlatency-pae 3.13.0.121.131
linux-image-omap 3.13.0.121.131
linux-image-powerpc-e500 3.13.0.121.131
linux-image-powerpc-e500mc 3.13.0.121.131
linux-image-powerpc-smp 3.13.0.121.131
linux-image-powerpc64-emb 3.13.0.121.131
linux-image-powerpc64-smp 3.13.0.121.131
linux-image-virtual 3.13.0.121.131

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3335-1
CVE-2014-9940, CVE-2017-0605, CVE-2017-1000363, CVE-2017-1000364,
CVE-2017-7294, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075,
CVE-2017-9076, CVE-2017-9077, CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-121.170

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKdpAAoJEAUvNnAY1cPYwEUQALGA2yw6yOK1CgtbTNo6tCGF
D+2bsuiFz7Qp/jICAVm6cDHcq1tyfDUOA1CQafLiJ9f637CmsuLZw0UhkHk/uT1R
tA/920+tIIDQ16VC9jHtA1zD5kBGBVfoq9WtdW+Oyea9Te8yxU7e7W98R7aWBEgR
sCfISWhYHGQ5+0FMD2hP4XJEkyJ4AutuCkN8rYZbidaeNk0s3wQzSo4K5LtvFcst
ErSU1dA2sB0PMa7ONJbMZe5wci7mCrXfZgUfsZwv4PHRXJbHzkDr/pQUCSgviAmS
gglmX0Si5HBOfkP/+BEqpTQGPYKbPKjxoXT97nai2nqSynBDAYGqOZRmE1MoinIH
ycicRI+bboA5iWP9gXW5v60rbEzmNF1a0H1Ufyjf6Qws1g79Yz21PcP2tJXSZw9R
JZXUlZQwuOyLpPE0bYEol/nTHAOHN2a2bk03WAk0CYp8zAOhzlYAE5QtPVXrW7N9
76Aiu4ienz7NrxR24Z9YnxMMnCO+eKrCvowzugksYlaxTrsGZFNeb6n8JVR+86UT
yjkdFTdEwvkYKgAEkOPg9C8yDvQASrmiWOeBOMtjRDTiqGHyVaIKGldx4J1tT8U9
w3JOUdCNVMAB4xAxmhcTh73m06OCAvaWHgxP/8nXUh5JYBKFMBwmCv87BjSDk4Fa
N4QTcJL4XHVBbfZuZPlx
=UuVU
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3333-1
June 20, 2017

linux-hwe, linux-meta-hwe vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-hwe: Linux hardware enablement (HWE) kernel

Details:

It was discovered that a use-after-free flaw existed in the filesystem
encryption subsystem in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-7374)

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

Ingo Molnar discovered that the VideoCore DRM driver in the Linux kernel
did not return an error after detecting certain overflows. A local attacker
could exploit this issue to cause a denial of service (OOPS).
(CVE-2017-5577)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.8.0-56-generic 4.8.0-56.61~16.04.1
linux-image-4.8.0-56-generic-lpae 4.8.0-56.61~16.04.1
linux-image-4.8.0-56-lowlatency 4.8.0-56.61~16.04.1
linux-image-4.8.0-56-powerpc-e500mc 4.8.0-56.61~16.04.1
linux-image-4.8.0-56-powerpc-smp 4.8.0-56.61~16.04.1
linux-image-4.8.0-56-powerpc64-emb 4.8.0-56.61~16.04.1
linux-image-generic-hwe-16.04 4.8.0.56.27
linux-image-generic-lpae-hwe-16.04 4.8.0.56.27
linux-image-lowlatency-hwe-16.04 4.8.0.56.27
linux-image-virtual-hwe-16.04 4.8.0.56.27

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3333-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-5577, CVE-2017-7374,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe/4.8.0-56.61~16.04.1

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKc0AAoJEAUvNnAY1cPYA+AP/3kgYK/+ov8gXFan3ez5Sar/
8TWV8bNEBIL04hnNyFWVb+HwLc7GL+oAvzjurzC2qujRvBHsqphNzA+GyZjgtYno
FinxLfEeOe0kTwyjCJtRx07QJXbwkW9YK4NwwtH+g1/JS3mfYX/+D8nRsgdkV92L
XsXMl7qo4vPNA6hNIOSwxmJt1FRDd7VwoHExnODUs2qg4fS74trVrlue6JAS1abZ
GivEB8SjnRD+EmC4FiSqsLoew52aRAC5kjA7ohTNR19fqKDJEClrrnXxdNP5ANp2
RfVc8GldC9TdpiKGHBXthFbEFUTXIirekOxKw6ByRZrPQngFJjMwDyR2jB4XtrBc
7bdA1uorHTewdOQbx7yM2dxy1p2wE6Tbxf/FiwmRfxMR09CAicAK58nZlrmE/2MY
Nk1yHEB5Y/BgkdHJfUbvk069eZas0Z+aLWrDY7DBGXgEnwSSsZU4ETFljVfwX9hF
nsS8clGOusgZFLOiaL3XNLedCnJQIJ0npoowoBFK2NQUIMBFFWQwp0RyVbw7PTi/
gu/+nUF+pO3mpMYniSLowGWL4faizUCCIRajYAQI6BJ9MpZgTXGz2n5FwfUSuGbf
VXsUYgX/fDQoaWUjsT88Z1KHOocswO/PXlVp52jewhc+gpEzA0DFgFFhkJMzqNei
f552ptn/izmb23l4SIvT
=Xqpo
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3334-1
June 20, 2017

linux-lts-xenial, linux-meta-lts-xenial vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-4.4.0-81-generic 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-generic-lpae 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-lowlatency 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-powerpc-e500mc 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-powerpc-smp 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-powerpc64-emb 4.4.0-81.104~14.04.1
linux-image-4.4.0-81-powerpc64-smp 4.4.0-81.104~14.04.1
linux-image-generic-lpae-lts-xenial 4.4.0.81.66
linux-image-generic-lts-xenial 4.4.0.81.66
linux-image-lowlatency-lts-xenial 4.4.0.81.66
linux-image-powerpc-e500mc-lts-xenial 4.4.0.81.66
linux-image-powerpc-smp-lts-xenial 4.4.0.81.66
linux-image-powerpc64-emb-lts-xenial 4.4.0.81.66
linux-image-powerpc64-smp-lts-xenial 4.4.0.81.66
linux-image-virtual-lts-xenial 4.4.0.81.66

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3334-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-7487, CVE-2017-8890,
CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077,
CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-81.104~14.04.1

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKdQAAoJEAUvNnAY1cPYqXUP/1erFe/2oirnJzgnUktJKtoQ
lXSRmaGiJzmr+xjLfi60i5mI/PCV9HCY+pu7WPUY4yPWKaTBnZrN/qvM6C/o0qkG
toJo66BclKL73gleC9/TBU9JnDKoduKhXvzmReVXPyCU1+HzdWoAcSTXdUpLOxAU
qYyUtUlvYxll62lq97+JfS5lXbu7TTUBRyGGEiirNNDbPGAgzCTmJVauUV9uvxVF
lrdSNW1BnQHMR/7IwVFkWRQCKPxsjaqO+gpJzoRSSHV9MY16eKMunNsZIz72FBsn
34orCkHHQW+LnYNlGZiAEB1eznplD3zNd+rKw4g/EhEr5s11iiqn5Kh91elR8lxK
ork2yh6yiphQ2qGvnWKeHJuHEZDEl88coOFsxb9RK6U039xtsL+EC3klN/UixAgG
cF0OJsNfEEo7D1j1Rmqn9qgB0LVfn98PxarkrV71TYe7w0aq0vFqvutfGIPwgb4i
snlpyp32bckzpvTHE29cI+h/jIrStODpX5wyun5xkISXqANVl33c5WRJMK+J/nq1
Dq5cbThgnzsR8pJgNzI34F71+4w7rSukHMa4OikQ+IORPX4bt8vgOTbAEpa0ARFi
bDZrmbQ7NUsX1GLc4trtEHoElJOdqy1KX1ohqa5yvYDPNCahaCAKlp65yNXxq6Jd
dJazXc6tCwDCOT5ZEv63
=nBlO
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3331-1
June 19, 2017

linux-aws, linux-meta-aws vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-aws: Linux kernel for Amazon Web Services (AWS) systems

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-1020-aws 4.4.0-1020.29

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3331-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-7487, CVE-2017-8890,
CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077,
CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1020.29

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKcBAAoJEAUvNnAY1cPYXIoP/1zky4ylmc7Lve2jrEpmK5rD
vjbccyry73JC76Owv6YvhmBVviYBqVUPbU+fcFJqR0a4MmNyFsCE5Vxnnc3pvsZB
CCyOqCpC+3Z/o2Ixs/HhV2YtesDzyCfOXxmkU5vovz8ptt09Mr0QtfeY5dUNUH7I
jF27VWL5qHJg/p4eP0OiVmfCKG6Lob4+4S3kj/ThX99rN77TB+BKtE2l2IOe8EYD
6kyi07LfBmublu4Ld4Cq6xCvknPckyjLqPMP4E8ZT+euFTo+QKxwF/XcF19BNKle
V1L0VuG7SyhrzKBhhPKZSL0rIbdRSLjK3DXVnRPk2RkiiRKX+TWsTEKtxmMWGdWB
BqiFDumNOviqPqYqLo15g3NDjQ6DAuq18HoSqbC1cVzitSKgUv2VU+qGMBsGyFqk
V4Nj71dv7jk4ACjzdGev4WClt6vdpae5Gcz7Z5WnPLA0DJJ8ez0EDKqKXgN3C1XT
uZ8PXx+HqAodQ2xOgs43NZQ0f+I1Jt8Pf+df0X86c5PVn7MeIx9ZomD9XklM+oDN
yiopoMHMa2utClH4PDUURINcNtNBq2j99mmW9yb1ZifH38OkX6i57GRr8wWFfu10
8pFjfXqwtgxmfMIRrt4SNro+QVxWkiUwwm8sSu48ZZruG9a6i+LO5JjbiXQNR9wI
TyU9aD5kPzdEYuIaocx4
=u/1x
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3329-1
June 19, 2017

linux-gke, linux-meta-gke vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-gke: Linux kernel for Google Container Engine (GKE) systems

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-1016-gke 4.4.0-1016.16

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3329-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-7487, CVE-2017-8890,
CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077,
CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1016.16

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKbFAAoJEAUvNnAY1cPYaA4P/iaauXkl+KXtKNMlibtUHdWk
8c5qZxF9KZ+Kokl4Fcyi23IyWYylSt/8szDv6emsIea6yMu2yWs+NH61BJfHXDXs
injj+4ibOHmr2M1IfyH9rMc+SNCyuGS2/NiJDz5Yhk1B5JLhz/GOdSjfU7kUZ9rA
YxWfbz5vBcmkkCzmWx6uBk2NJuJc2idrffJ8eTmO4uaD4EiiAUgc2MZrZHeb0R1F
Dhor8OkKPAkQ+km/c8iNF2jzNyuw/UROR/4WYcU6vA9rTGT2D3ikv42f6u1wVh8n
Obp55JV9HysDOyeT83h4O4HC5qEdF7M5hyC8VtwIQyLKd/yWR1OacubLvkgu/TGf
AkvJiT18H+9N0vEB4FqdZNEpjsp+SzESj3KNHs0HR+RRaHlK3qbjaoFe8fc/rpXG
S+kmdkosTf0Qaz819gboF329X2ky1cGKxHcC+/0ual5RIda6r5DV6jyC+FgEaScp
2M/bTIq6WdHEWRKTdPJEA3CH62e3TscT5IAHT1Eujdu3iMR/ZcFH3cN0TRLzu2H1
SJO6MmpK1YWGkM4uiIpZWxalwX1OTAmEUcnNjt+pJgAZjQSp31GQ/Q1QbhLWXbDA
0NNFymFkt0pyM1+LMlM6ILTrRqjmYi0dB+um2Ek+CE+S3apL01EcewwZLr31jONC
Nxt81d14r10fp4p07xQR
=kuAM
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3328-1
June 19, 2017

linux, linux-meta vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-81-generic 4.4.0-81.104
linux-image-4.4.0-81-generic-lpae 4.4.0-81.104
linux-image-4.4.0-81-lowlatency 4.4.0-81.104
linux-image-4.4.0-81-powerpc-e500mc 4.4.0-81.104
linux-image-4.4.0-81-powerpc-smp 4.4.0-81.104
linux-image-4.4.0-81-powerpc64-emb 4.4.0-81.104
linux-image-4.4.0-81-powerpc64-smp 4.4.0-81.104
linux-image-generic 4.4.0.81.87
linux-image-generic-lpae 4.4.0.81.87
linux-image-generic-lpae-lts-utopic 4.4.0.81.87
linux-image-generic-lpae-lts-vivid 4.4.0.81.87
linux-image-generic-lpae-lts-wily 4.4.0.81.87
linux-image-generic-lpae-lts-xenial 4.4.0.81.87
linux-image-generic-lts-utopic 4.4.0.81.87
linux-image-generic-lts-vivid 4.4.0.81.87
linux-image-generic-lts-wily 4.4.0.81.87
linux-image-generic-lts-xenial 4.4.0.81.87
linux-image-lowlatency 4.4.0.81.87
linux-image-lowlatency-lts-utopic 4.4.0.81.87
linux-image-lowlatency-lts-vivid 4.4.0.81.87
linux-image-lowlatency-lts-wily 4.4.0.81.87
linux-image-lowlatency-lts-xenial 4.4.0.81.87
linux-image-powerpc-e500mc 4.4.0.81.87
linux-image-powerpc-e500mc-lts-utopic 4.4.0.81.87
linux-image-powerpc-e500mc-lts-vivid 4.4.0.81.87
linux-image-powerpc-e500mc-lts-wily 4.4.0.81.87
linux-image-powerpc-e500mc-lts-xenial 4.4.0.81.87
linux-image-powerpc-smp 4.4.0.81.87
linux-image-powerpc-smp-lts-utopic 4.4.0.81.87
linux-image-powerpc-smp-lts-vivid 4.4.0.81.87
linux-image-powerpc-smp-lts-wily 4.4.0.81.87
linux-image-powerpc-smp-lts-xenial 4.4.0.81.87
linux-image-powerpc64-emb 4.4.0.81.87
linux-image-powerpc64-emb-lts-utopic 4.4.0.81.87
linux-image-powerpc64-emb-lts-vivid 4.4.0.81.87
linux-image-powerpc64-emb-lts-wily 4.4.0.81.87
linux-image-powerpc64-emb-lts-xenial 4.4.0.81.87
linux-image-powerpc64-smp 4.4.0.81.87
linux-image-powerpc64-smp-lts-utopic 4.4.0.81.87
linux-image-powerpc64-smp-lts-vivid 4.4.0.81.87
linux-image-powerpc64-smp-lts-wily 4.4.0.81.87
linux-image-powerpc64-smp-lts-xenial 4.4.0.81.87
linux-image-virtual 4.4.0.81.87
linux-image-virtual-lts-utopic 4.4.0.81.87
linux-image-virtual-lts-vivid 4.4.0.81.87
linux-image-virtual-lts-wily 4.4.0.81.87
linux-image-virtual-lts-xenial 4.4.0.81.87

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3328-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-7487, CVE-2017-8890,
CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077,
CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-81.104

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKanAAoJEAUvNnAY1cPYHdUQAJsqKWATw3YoKencBJDyxQu0
jCoGC7kN6WBuAVItJYEXUyjS8JzUKGnusgjxzucEmcDk/hkdcK5hHjVKQOGucBUz
Ru8vx9HElNYeA7JR0b7LS1du0MzNUw4gPJj3fruzi8wL3GN8W+FppW9jYUJPbPYd
8bOAKmkI0YZMym4NABOXWqKNP6V29ZHK2q720fnCWvh9F2df4gewxcYfe04pEiGD
Jc6EZ5rASuvqRMNjO15fWLqin67eVa4VKGNwXoEbiZttaYhEcBt635avHT8nWUlE
NqCLHsIr0Z6bsWFLYlT1VSo3te67WUOjaqyTu2hd9K6WkrOq+T1xgrQJ9/WZ5Q5E
8S36x7pdoU39yMqJhTbDFy2yTJXZ8SuHR3IMBhoeeLihCULTSJwxu9FRBiY/qeZp
AaYLZMUuhfIEKlbeEklFE38K9SmEB0H7R1ltg3BKy1iUp6l3MANExVA5Gb843iIx
5K7qECBTRZWkqs0vUwFNjFY6FtmbenfXJdPy8mO8JPuQtaAO2HHSMEhL+8nfU1yz
RH6rFF29umTm6YB0VkX+pPLmcqZhfHp9V1vEVQExJUBV5Z7nw8zmMVPYDKhxOj8z
Oe70fOt0CqF4/1qStfrBs0EVABBEQ102YJQFyXifG5EGThX7AsqYJb36EUp4/MCk
idtnj4uYXjQWa19tfGmo
=w5Pg
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3326-1
June 19, 2017

linux, linux-meta vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.10

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel

Details:

It was discovered that a use-after-free flaw existed in the filesystem
encryption subsystem in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-7374)

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

Ingo Molnar discovered that the VideoCore DRM driver in the Linux kernel
did not return an error after detecting certain overflows. A local attacker
could exploit this issue to cause a denial of service (OOPS).
(CVE-2017-5577)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
linux-image-4.8.0-56-generic 4.8.0-56.61
linux-image-4.8.0-56-generic-lpae 4.8.0-56.61
linux-image-4.8.0-56-lowlatency 4.8.0-56.61
linux-image-4.8.0-56-powerpc-e500mc 4.8.0-56.61
linux-image-4.8.0-56-powerpc-smp 4.8.0-56.61
linux-image-4.8.0-56-powerpc64-emb 4.8.0-56.61
linux-image-generic 4.8.0.56.69
linux-image-generic-lpae 4.8.0.56.69
linux-image-lowlatency 4.8.0.56.69
linux-image-powerpc-e500mc 4.8.0.56.69
linux-image-powerpc-smp 4.8.0.56.69
linux-image-powerpc64-emb 4.8.0.56.69
linux-image-powerpc64-smp 4.8.0.56.69
linux-image-virtual 4.8.0.56.69

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3326-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-5577, CVE-2017-7374,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.8.0-56.61

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKZqAAoJEAUvNnAY1cPYoGIQAJM3jDa4LbzQROfL4UdSsQ5z
Q56Z+NZRo5nbvgXNSg9xjesc3vVu6/jTtrmEYeRV7yDcgGp6yxOEjAoON3NTegor
6Ms+JSj44GWyJykoYTTvZUMh35be8mO9aniuQdf5mVLB4Ta4nGETWf2qL0zoaXzb
J51QzWDE0jYM1SvZzWT4TaYNtUrOeba0sANthz5hXE4z375/zcrzVlyQ8VciRyfl
dTwq9xO+rpTLhABVVrjFeQsqp8w/S5RiE5ssrBi8RUXxorgloGX8I2fU9/mRgT9z
MHvfD23IepN+Po67fAhG+pKQlnFpFE8U5fuBJhuxFz9It0Nivvyw9mehScG0Pqh+
N5rYztdmnBAz5dk8totQ1SN1xwq/H56hqhP41ZnZIriQ6L217MwKi9Pdj3U+DZ/G
4cNHDbPsWWSYIzTEe6j+p+7AiDAl8WZ3FkmAQxLdNzXxXheKpcX6ynGJX++sro94
kj0jlXrh0Z8eMM1IaRLtSI5mfGPzcYyKu8XiYi37zherVn+M647Use0EO9w27ZyB
r4TWFlJUzYFPbJ257gDC/RjsqgIuhSBoNUOFMi6yx5OswROiasBESj39IUEcZFov
wyc/pfjvMWwF2APKEIVtMzdNbMKbjapPgNWtNADIa0KY8KzmUBI3BiXFSCuJzkwk
s2cHsv2+jsL9K2j6dOwB
=UT/+
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3324-1
June 19, 2017

linux, linux-meta vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel

Details:

It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)

Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)

A double free bug was discovered in the IPv4 stack of the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2017-8890)

Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel’s IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)

Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel’s IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)

It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)

It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)

Jann Horn discovered that bpf in Linux kernel does not restrict the output
of the print_bpf_insn function. A local attacker could use this to obtain
sensitive address information. (CVE-2017-9150)

It was discovered that the IPv6 stack was doing over write consistency
check after the data was actually overwritten. A local attacker could
exploit this flaw to cause a denial of service (system crash).
(CVE-2017-9242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
linux-image-4.10.0-24-generic 4.10.0-24.28
linux-image-4.10.0-24-generic-lpae 4.10.0-24.28
linux-image-4.10.0-24-lowlatency 4.10.0-24.28
linux-image-generic 4.10.0.24.26
linux-image-generic-lpae 4.10.0.24.26
linux-image-lowlatency 4.10.0.24.26
linux-image-powerpc-e500mc 4.10.0.24.26
linux-image-powerpc-smp 4.10.0.24.26
linux-image-powerpc64-emb 4.10.0.24.26
linux-image-powerpc64-smp 4.10.0.24.26
linux-image-virtual 4.10.0.24.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3324-1
CVE-2017-1000363, CVE-2017-1000364, CVE-2017-8890, CVE-2017-9074,
CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9150,
CVE-2017-9242

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.10.0-24.28

—–BEGIN PGP SIGNATURE—–

iQIcBAEBCgAGBQJZSKYRAAoJEAUvNnAY1cPYmyIP/0ovSm9vdrfbd6cjD0qcmKqM
0eFy1yfofI+CxHkusFXPk/VcfqxIZTvLk1ffVjy3YsBMCxhuaREYAPAS+ROARsuX
PtOBcwW4nBWIAZRaeSQIsrTuO43UJ7ps8T/l7tZc/uHMw8C6Q5w8n9dQWrZwrDPW
R1jQfQ/brKVe0bFlYvVfdq7WjMAZP52yJ4xojwSWlPXD9DkUa++YdOprL8jK8ko2
UYLqlm5a+3MJ8HPSZQxnf3URnoUN3MEka+QM39MQ2L+b3AwZ/cCzgGd2g7nT+uQP
QLvnV7eC/IYVjlTxJrJ9TkiXRbxPhCM2ldZBSlqX7G63TbKDJW9o6Xd7Ulyt5LnJ
dzG3wd+ertA5cfRP89sCru1WCokwA23sEI0EHcBPZ8YCYAdYPOrr5Q6/lxt6IlhJ
HbZsU1CKWx1Lmtbem4SbIjfL7AG/GdWgv47yeAeM3FYY2O8iY/PvA5sSpKKnV9jG
IovuZ/yL9V0V7y8B1Fhki+3ecxQsrA5Cb6m/1crmC47M9g3IsmCVavojD8a42lBK
pfzZ2z2M1aRWj+ihNaQEEC6OUTgoSAJDDG7ng9R3rvdOhxlQoD96ILUGdmq+mec9
R6CID2XiG+dpSg2TxGDNFOGHKa2J/YBhG+ghdBtRxbfCxDxV4DzTeRA3tHOu0uSK
uPCnLSh31n4PqAby/O9w
=bU0t
—–END PGP SIGNATURE—–

Top
More in Preporuke
Ranjivost jezgre operacijskog sustava

Otkrivena je kritična ranjivost jezgre operacijskog sustava SUSE. Otkrivena ranjivost uzrokovana je načinom na koji se memorija dodjeljuje stogu, a...

Close