No Image

USN-2928-1: Linux kernel vulnerability

2016-03-15 KENNETH 0

USN-2928-1: Linux kernel vulnerability Ubuntu Security Notice USN-2928-1 14th March, 2016 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash or run programs as an administrator by someone with physical access. Software description linux – Linux kernel Details Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectlyperformed a double-free. A local attacker with physical access could usethis to cause a denial of service (system crash) or possibly executearbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-3.2.0-101-omap 3.2.0-101.141 linux-image-3.2.0-101-powerpc64-smp 3.2.0-101.141 linux-image-3.2.0-101-highbank 3.2.0-101.141 linux-image-3.2.0-101-powerpc-smp 3.2.0-101.141 linux-image-3.2.0-101-generic 3.2.0-101.141 linux-image-3.2.0-101-virtual 3.2.0-101.141 linux-image-3.2.0-101-generic-pae 3.2.0-101.141 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your [ more… ]

No Image

USN-2928-2: Linux kernel (OMAP4) vulnerability

2016-03-15 KENNETH 0

USN-2928-2: Linux kernel (OMAP4) vulnerability Ubuntu Security Notice USN-2928-2 14th March, 2016 linux-ti-omap4 vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary The system could be made to crash or run programs as an administrator by someone with physical access. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectlyperformed a double-free. A local attacker with physical access could usethis to cause a denial of service (system crash) or possibly executearbitrary code with administrative privileges. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: linux-image-3.2.0-1479-omap4 3.2.0-1479.105 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to [ more… ]

No Image

USN-2929-1: Linux kernel vulnerabilities

2016-03-15 KENNETH 0

USN-2929-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2929-1 14th March, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details Ben Hawkes discovered that the Linux netfilter implementation did notcorrectly perform validation when handling IPT_SO_SET_REPLACE events. Alocal unprivileged attacker could use this to cause a denial of service(system crash) or possibly execute arbitrary code with administrativeprivileges. (CVE-2016-3134) It was discovered that the Linux kernel did not properly enforce rlimitsfor file descriptors sent over UNIX domain sockets. A local attacker coulduse this to cause a denial of service. (CVE-2013-4312) Ralf Spenneberg discovered that the USB driver for Clie devices in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could [ more… ]

No Image

USN-2927-1: graphite2 vulnerabilities

2016-03-14 KENNETH 0

USN-2927-1: graphite2 vulnerabilities Ubuntu Security Notice USN-2927-1 14th March, 2016 graphite2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Summary graphite2 could be made to crash or run programs as your login if it opened a specially crafted font. Software description graphite2 – Font rendering engine for Complex Scripts Details It was discovered that graphite2 incorrectly handled certain malformedfonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to causegraphite2 to crash, resulting in a denial of service, or possibly executearbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 15.10: libgraphite2-3 1.3.6-1ubuntu0.15.10.1 Ubuntu 14.04 LTS: libgraphite2-3 1.3.6-1ubuntu0.14.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses [ more… ]

No Image

RHSA-2016:0442-1: Moderate: openstack-heat security advisory

2016-03-14 KENNETH 0

RHSA-2016:0442-1: Moderate: openstack-heat security advisory Red Hat Enterprise Linux: Updated OpenStack Orchestration packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. CVE-2015-5295 Source: RHSA-2016:0442-1: Moderate: openstack-heat security advisory