지락문화예술공작단

USN-4189-1: DPDK vulnerability dpdk vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10 Ubuntu 19.04 Ubuntu 18.04 LTS Summary DPDK could be made to consume resources if it received specially crafted input. Software Description dpdk – set of libraries for fast packet processing Details Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10 dpdk – 18.11.4-1ubuntu0.19.10.1 Ubuntu 19.04 dpdk – 18.11.4-1ubuntu0.19.04.1 Ubuntu 18.04 LTS dpdk – 17.11.8-0~ubuntu18.04.2 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update [ more… ]

USN-4188-1: Linux kernel vulnerability linux, linux-lts-trusty vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary The system could be made to expose sensitive information. Software Description linux – Linux kernel linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise ESM Details Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM linux-image-3.13.0-175-generic – 3.13.0-175.226~12.04.1 linux-image-3.13.0-175-generic-lpae – [ more… ]

USN-4185-2: Linux kernel (Azure) vulnerabilities linux-azure vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary Several security issues were fixed in the Linux kernel. Software Description linux-azure – Linux kernel for Microsoft Azure Cloud systems Details Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in [ more… ]

USN-4187-1: Linux kernel vulnerability linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 ESM Summary The system could be made to expose sensitive information. Software Description linux – Linux kernel Details Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM linux-image-3.13.0-175-generic – 3.13.0-175.226 linux-image-3.13.0-175-generic-lpae – 3.13.0-175.226 linux-image-3.13.0-175-lowlatency – 3.13.0-175.226 linux-image-generic – 3.13.0.175.186 linux-image-generic-lpae – 3.13.0.175.186 linux-image-lowlatency – [ more… ]