You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava

Sigurnosni nedostaci jezgre operacijskog sustava

==========================================================================
Ubuntu Security Notice USN-3823-1
November 15, 2018

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 ESM

Summary:

Several security issues were mitigated in the Linux kernel.

Software Description:
– linux: Linux kernel

Details:

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker in a guest virtual machine could use this to expose sensitive
information (memory from other guests or the host OS). (CVE-2018-3646)

It was discovered that memory present in the L1 data cache of an Intel CPU
core may be exposed to a malicious process that is executing on the CPU
core. This vulnerability is also known as L1 Terminal Fault (L1TF). A local
attacker could use this to expose sensitive information (memory from the
kernel or other processes). (CVE-2018-3620)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
linux-image-3.2.0-137-generic 3.2.0-137.183
linux-image-3.2.0-137-generic-pae 3.2.0-137.183
linux-image-3.2.0-137-highbank 3.2.0-137.183
linux-image-3.2.0-137-omap 3.2.0-137.183
linux-image-3.2.0-137-powerpc-smp 3.2.0-137.183
linux-image-3.2.0-137-powerpc64-smp 3.2.0-137.183
linux-image-3.2.0-137-virtual 3.2.0-137.183
linux-image-generic 3.2.0.137.152
linux-image-generic-pae 3.2.0.137.152
linux-image-highbank 3.2.0.137.152
linux-image-omap 3.2.0.137.152
linux-image-powerpc 3.2.0.137.152
linux-image-powerpc-smp 3.2.0.137.152
linux-image-powerpc64-smp 3.2.0.137.152
linux-image-virtual 3.2.0.137.152

Please note that the recommended mitigation for CVE-2018-3646 involves
updating processor microcode in addition to updating the kernel;
however, the kernel includes a fallback for processors that have not
received microcode updates.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3823-1
CVE-2018-3620, CVE-2018-3646,
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/L1TF

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAlvs/ocACgkQLwmejQBe
gfQ41g//fUR6NljOILPMdFvHPtSu37me3SmLST3z8pyKruU52b6JJTJOI15hnVrM
FcAjkf4qRrk7p3u0JcsbPlCF+8q+0YXemacNcN+S55PJNTaAPpfhFWFVSQyPeByY
TXrgwnVM8TuuWeRNfA5SZSSNw28nKnQscIg6zMyTD9sOFBJbUS0aA8AqCmdLNYhb
PVbio4hHCt5VCuPC5Di5k9Ay5SwgHuBIdPtWtYLEG77U27QJI7gGgR78755ZvDzp
jz5lZLQgKaCoGNBrTe7AWrg7yaR794413idyFv7UX7sMnmVOBXO2p/WBK0Rj7EGB
YK88pCWbb24zGgFWcFXos6pwVW+cMNk8laNpAWIckqZBzTJbYcIdQzjH6OSeA+M/
YPA1ga4T1v3Vgzo8ER+k7kaJtiMdkdCHFSX/FfyjsHCIIy5Y3e1Wlui/21sVc/FB
LNbUVnIZam0TiAR4DJGXLzjQ/pvjP1PwdvkQ4cnCH57BMBEIdjN7TefqUUKc9eEe
Qhw5/JWAXJqYWQcNaTQ69gY02NLgPAHVcbFdIh5cl2kw5vzzxlqY+E8+kHuZHaQP
Gj6FgXnAAEsKvrQl1WzvXd62bBbcQ5Hkhkx8rrYpCMPZnFPGeq3/k1DwOiuufYWD
XEQYsJD5YKxUHSOHLomNir3tINZrRIMr3ahZWDz4FLvt7zSjvZA=
=mZJ9
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda...

Close