SECURITY

USN-3035-2: Linux kernel (Raspberry Pi 2) vulnerability Ubuntu Security Notice USN-3035-2 14th July, 2016 linux-raspi2 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary The system could be made to crash under certain conditions. Software description linux-raspi2 – Linux kernel for Raspberry Pi 2 Details Jan Stancek discovered that the Linux kernel's memory manager did notproperly handle moving pages mapped by the asynchronous I/O (AIO) ringbuffer to the other nodes. A local attacker could use this to cause adenial of service (system crash). Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: linux-image-4.2.0-1034-raspi2 4.2.0-1034.44 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to an unavoidable ABI [ more… ]

USN-3035-1: Linux kernel vulnerability Ubuntu Security Notice USN-3035-1 14th July, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Summary The system could be made to crash under certain conditions. Software description linux – Linux kernel Details Jan Stancek discovered that the Linux kernel's memory manager did notproperly handle moving pages mapped by the asynchronous I/O (AIO) ringbuffer to the other nodes. A local attacker could use this to cause adenial of service (system crash). Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: linux-image-4.2.0-42-powerpc64-smp 4.2.0-42.49 linux-image-4.2.0-42-generic 4.2.0-42.49 linux-image-4.2.0-42-generic-lpae 4.2.0-42.49 linux-image-4.2.0-42-powerpc64-emb 4.2.0-42.49 linux-image-4.2.0-42-powerpc-e500mc 4.2.0-42.49 linux-image-4.2.0-42-lowlatency 4.2.0-42.49 linux-image-4.2.0-42-powerpc-smp 4.2.0-42.49 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: [ more… ]

USN-3034-2: Linux kernel (Trusty HWE) vulnerability Ubuntu Security Notice USN-3034-2 14th July, 2016 linux-lts-trusty vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash under certain conditions. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise Details USN-3034-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu12.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did notproperly handle moving pages mapped by the asynchronous I/O (AIO) ringbuffer to the other nodes. A local attacker could use this to cause adenial of service (system crash). Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: [ more… ]

USN-3034-1: Linux kernel vulnerability Ubuntu Security Notice USN-3034-1 14th July, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary The system could be made to crash under certain conditions. Software description linux – Linux kernel Details Jan Stancek discovered that the Linux kernel's memory manager did notproperly handle moving pages mapped by the asynchronous I/O (AIO) ringbuffer to the other nodes. A local attacker could use this to cause adenial of service (system crash). Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-3.13.0-92-powerpc-e500mc 3.13.0-92.139 linux-image-3.13.0-92-powerpc-e500 3.13.0-92.139 linux-image-3.13.0-92-powerpc64-smp 3.13.0-92.139 linux-image-3.13.0-92-generic-lpae 3.13.0-92.139 linux-image-3.13.0-92-powerpc-smp 3.13.0-92.139 linux-image-3.13.0-92-lowlatency 3.13.0-92.139 linux-image-3.13.0-92-generic 3.13.0-92.139 linux-image-3.13.0-92-powerpc64-emb 3.13.0-92.139 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall [ more… ]

USN-3033-1: libarchive vulnerabilities Ubuntu Security Notice USN-3033-1 14th July, 2016 libarchive vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary libarchive could be made to crash or run programs if it opened a specially crafted file. Software description libarchive – Library to read/write archive files Details Hanno Böck discovered that libarchive contained multiple security issueswhen processing certain malformed archive files. A remote attacker coulduse this issue to cause libarchive to crash, resulting in a denial ofservice, or possibly execute arbitrary code. (CVE-2015-8916, CVE-2015-8917CVE-2015-8919, CVE-2015-8920, CVE-2015-8921, CVE-2015-8922, CVE-2015-8923,CVE-2015-8924, CVE-2015-8925, CVE-2015-8926, CVE-2015-8928, CVE-2015-8930,CVE-2015-8931, CVE-2015-8932, CVE-2015-8933, CVE-2015-8934, CVE-2016-5844) Marcin "Icewall" Noga discovered that libarchive contained multiplesecurity issues when processing certain malformed archive files. A remoteattacker could use this issue to cause libarchive to crash, resulting in adenial of [ more… ]