[월:] 2017년 04월

No Image

USN-3268-1: QEMU vulnerabilities

2017-04-25 KENNETH 0

USN-3268-1: QEMU vulnerabilities Ubuntu Security Notice USN-3268-1 25th April, 2017 qemu vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Summary Several security issues were fixed in QEMU. Software description qemu – Machine emulator and virtualizer Details Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPUdevice. An attacker inside the guest could use this issue to cause QEMU tocrash, resulting in a denial of service. (CVE-2016-10028) It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. Aprivileged attacker inside the guest could use this issue to cause QEMU tocrash, resulting in a denial of service. (CVE-2016-8667) Jann Horn discovered that QEMU incorrectly handled VirtFS directorysharing. A privileged attacker inside the guest could use this issue toaccess files on the host file system outside of the shared directory andpossibly escalate their privileges. In the [ more… ]

No Image

RHSA-2017:1126-1: Important: kernel security update

2017-04-25 KENNETH 0

RHSA-2017:1126-1: Important: kernel security update Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-2636 Source: RHSA-2017:1126-1: Important: kernel security update

No Image

RHSA-2017:1125-1: Important: kernel security and bug fix update

2017-04-25 KENNETH 0

RHSA-2017:1125-1: Important: kernel security and bug fix update Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-2636 Source: RHSA-2017:1125-1: Important: kernel security and bug fix update

No Image

RHSA-2017:1124-1: Important: chromium-browser security update

2017-04-25 KENNETH 0

RHSA-2017:1124-1: Important: chromium-browser security update Red Hat Enterprise Linux: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069 Source: RHSA-2017:1124-1: Important: chromium-browser security update

No Image

USN-3264-1: Linux kernel vulnerability

2017-04-25 KENNETH 0

USN-3264-1: Linux kernel vulnerability Ubuntu Security Notice USN-3264-1 24th April, 2017 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary The system could be made to crash under certain conditions. Software description linux – Linux kernel Details Alexander Popov discovered that a race condition existed in the StreamControl Transmission Protocol (SCTP) implementation in the Linux kernel. Alocal attacker could use this to cause a denial of service (system crash). Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-powerpc-smp 3.13.0.117.127 linux-image-powerpc-e500mc 3.13.0.117.127 linux-image-3.13.0-117-generic-lpae 3.13.0-117.164 linux-image-3.13.0-117-lowlatency 3.13.0-117.164 linux-image-generic 3.13.0.117.127 linux-image-3.13.0-117-powerpc-e500mc 3.13.0-117.164 linux-image-3.13.0-117-powerpc64-smp 3.13.0-117.164 linux-image-powerpc-e500 3.13.0.117.127 linux-image-powerpc64-smp 3.13.0.117.127 linux-image-generic-lpae 3.13.0.117.127 linux-image-3.13.0-117-powerpc-e500 3.13.0-117.164 linux-image-3.13.0-117-generic 3.13.0-117.164 linux-image-lowlatency 3.13.0.117.127 linux-image-3.13.0-117-powerpc-smp 3.13.0-117.164 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need [ more… ]