지락문화예술공작단

USN-3522-2: Linux (Xenial HWE) vulnerability Ubuntu Security Notice USN-3522-2 9th January, 2018 linux-lts-xenial, linux-aws vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details USN-3522-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04LTS. This update provides the corresponding updates for the LinuxHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative executionand indirect branch prediction may allow unauthorized memory reads viasidechannel attacks. This flaw is known as Meltdown. A local attacker coulduse this to expose sensitive information, including kernel memory.(CVE-2017-5754) Update instructions The problem can be corrected by updating your system to the [ more… ]

USN-3523-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-3523-1 9th January, 2018 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 17.10 Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel Details Jann Horn discovered that microprocessors utilizing speculative executionand indirect branch prediction may allow unauthorized memory reads viasidechannel attacks. This flaw is known as Meltdown. A local attacker coulduse this to expose sensitive information, including kernel memory.(CVE-2017-5754) Jann Horn discovered that the Berkeley Packet Filter (BPF) implementationin the Linux kernel did not properly check the relationship between pointervalues and the BPF stack. A local attacker could use this to cause a denialof service (system crash) or possibly execute arbitrary code.(CVE-2017-17863) Jann Horn discovered that the Berkeley Packet Filter (BPF) implementationin the Linux kernel improperly performed sign extension in [ more… ]

USN-3522-1: Linux kernel vulnerability Ubuntu Security Notice USN-3522-1 9th January, 2018 linux, linux-aws, linux-euclid, linux-kvm vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-euclid – Linux kernel for Intel Euclid systems linux-kvm – Linux kernel for cloud environments Details Jann Horn discovered that microprocessors utilizing speculative executionand indirect branch prediction may allow unauthorized memory reads viasidechannel attacks. This flaw is known as Meltdown. A local attacker coulduse this to expose sensitive information, including kernel memory.(CVE-2017-5754) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: linux-image-4.4.0-108-lowlatency 4.4.0-108.131 linux-image-euclid 4.4.0.9021.21 linux-image-4.4.0-108-generic 4.4.0-108.131 linux-image-4.4.0-9021-euclid 4.4.0-9021.22 linux-image-generic 4.4.0.108.113 linux-image-aws 4.4.0.1047.49 linux-image-kvm [ more… ]

USN-3524-1: Linux kernel vulnerability Ubuntu Security Notice USN-3524-1 9th January, 2018 linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the Linux kernel. Software description linux – Linux kernel Details Jann Horn discovered that microprocessors utilizing speculative executionand indirect branch prediction may allow unauthorized memory reads viasidechannel attacks. This flaw is known as Meltdown. A local attacker coulduse this to expose sensitive information, including kernel memory.(CVE-2017-5754) Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 14.04 LTS: linux-image-generic 3.13.0.139.148 linux-image-3.13.0-139-lowlatency 3.13.0-139.188 linux-image-lowlatency 3.13.0.139.148 linux-image-3.13.0-139-generic 3.13.0-139.188 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to reboot your computer to makeall the necessary changes. ATTENTION: Due to an unavoidable ABI change the [ more… ]