Ubuntu security

Ubuntu security notices

No Image

USN-3344-1: Linux kernel vulnerabilities

2017-06-29 KENNETH 0

USN-3344-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3344-1 29th June, 2017 linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke – Linux kernel for Google Container Engine (GKE) systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon processors Details USN 3328-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could [ more… ]

No Image

USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities

2017-06-29 KENNETH 0

USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities Ubuntu Security Notice USN-3344-2 29th June, 2017 linux-lts-xenial vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu14.04 LTS. USN 3334-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use this [ more… ]

No Image

USN-3342-1: Linux kernel vulnerabilities

2017-06-29 KENNETH 0

USN-3342-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3342-1 29th June, 2017 linux, linux-raspi2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-raspi2 – Linux kernel for Raspberry Pi 2 Details USN 3326-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystemencryption subsystem in the Linux kernel. A local attacker could use thisto cause a denial of service (system crash). (CVE-2017-7374) Roee Hay discovered that the parallel port printer driver in the Linuxkernel did not properly bounds check passed arguments. A local attackerwith write access to the kernel command line arguments could use [ more… ]

No Image

USN-3343-1: Linux kernel vulnerabilities

2017-06-29 KENNETH 0

USN-3343-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3343-1 29th June, 2017 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel Details USN 3335-1 fixed a vulnerability in the Linux kernel. However, thatfix introduced regressions for some Java applications. This updateaddresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free vulnerability in the core voltageregulator driver of the Linux kernel. A local attacker could use this tocause a denial of service or possibly execute arbitrary code.(CVE-2014-9940) It was discovered that a buffer overflow existed in the trace subsystem inthe Linux kernel. A privileged local attacker could use this to executearbitrary code. (CVE-2017-0605) Roee Hay discovered that the parallel port printer driver in the Linuxkernel [ more… ]

No Image

USN-3341-1: Systemd vulnerability

2017-06-28 KENNETH 0

USN-3341-1: Systemd vulnerability Ubuntu Security Notice USN-3341-1 27th June, 2017 systemd vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.04 Ubuntu 16.10 Summary systemd-resolved could be made to crash or run programs if it received a specially crafted DNS response. Software description systemd – system and service manager Details An out-of-bounds write was discovered in systemd-resolved when handlingspecially crafted DNS responses. A remote attacker could potentiallyexploit this to cause a denial of service (daemon crash) or executearbitrary code. (CVE-2017-9445) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 17.04: systemd 232-21ubuntu5 Ubuntu 16.10: systemd 231-9ubuntu5 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2017-9445, LP: 1695546 Source: USN-3341-1: Systemd vulnerability