[월:] 2017년 06월

USN-3345-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3345-1 29th June, 2017 linux, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details USN 3324-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use this toexecute arbitrary code. (CVE-2017-1000363) It was discovered that a double-free vulnerability existed in the IPv4stack of the Linux kernel. An attacker could use this to cause a denial ofservice [ more… ]

USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities Ubuntu Security Notice USN-3344-2 29th June, 2017 linux-lts-xenial vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu14.04 LTS. USN 3334-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use this [ more… ]

USN-3344-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3344-1 29th June, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke – Linux kernel for Google Container Engine (GKE) systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon processors Details USN 3328-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could [ more… ]

USN-3343-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3343-1 29th June, 2017 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel Details USN 3335-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltageregulator driver of the Linux kernel. A local attacker could use this tocause a denial of service or possibly execute arbitrary code.(CVE-2014-9940) It was discovered that a buffer overflow existed in the trace subsystem inthe Linux kernel. A privileged local attacker could use this to executearbitrary code. (CVE-2017-0605) Roee Hay discovered that the parallel port printer driver in the Linuxkernel [ more… ]

USN-3342-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3342-1 29th June, 2017 linux, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details USN 3326-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystemencryption subsystem in the Linux kernel. A local attacker could use thisto cause a denial of service (system crash). (CVE-2017-7374) Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use [ more… ]