[월:] 2018년 11월

USN-3819-1: Linux kernel vulnerability linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.10 Summary The system could be made to crash or run programs as an administrator. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-kvm – Linux kernel for cloud environments linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10 linux-image-4.18.0-1003-gcp – 4.18.0-1003.4 linux-image-4.18.0-1004-aws [ more… ]

USN-3820-1: Linux kernel vulnerabilities linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-azure – Linux kernel for Microsoft Azure Cloud systems linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-kvm – Linux kernel for cloud environments linux-oem – Linux kernel for OEM processors linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-15471) It was discovered that the generic [ more… ]