[월:] 2020년 04월

USN-4342-1: Linux kernel vulnerabilities linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe, linux-kvm, linux-raspi2, linux-raspi2-5.3 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-azure – Linux kernel for Microsoft Azure Cloud systems linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-kvm – Linux kernel for cloud environments linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-gke-5.3 – Linux kernel for Google Container Engine (GKE) systems linux-hwe – Linux hardware enablement (HWE) kernel linux-raspi2-5.3 – Linux kernel for Raspberry Pi 2 Details Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address [ more… ]

USN-4341-1: Samba vulnerabilities samba vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Ubuntu 19.10 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in Samba. Software Description samba – SMB/CIFS file, print, and login server for Unix Details Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700) It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu [ more… ]