ubuntu-usn

USN-4341-3: Samba regression samba regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary USN-4341-1 introduced a regression in Samba. Software Description samba – SMB/CIFS file, print, and login server for Unix Details USN-4341-1 fixed vulnerabilities in Samba. The updated packages for Ubuntu 16.04 LTS introduced a regression when using LDAP. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could possibly use this issue to cause Samba to consume resources, resulting in a denial of service. (CVE-2020-10704) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS samba – 2:4.3.11+dfsg-0ubuntu0.16.04.27 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make [ more… ]

USN-4346-1: Linux kernel vulnerabilities linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 ESM Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-kvm – Linux kernel for cloud environments linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon processors linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty Details It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233) It was discovered that the Intel Wi-Fi driver in the Linux kernel [ more… ]

USN-4345-1: Linux kernel vulnerabilities linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux – Linux kernel linux-aws – Linux kernel for Amazon Web Services (AWS) systems linux-gke-4.15 – Linux kernel for Google Container Engine (GKE) systems linux-kvm – Linux kernel for cloud environments linux-oem – Linux kernel for OEM processors linux-oracle – Linux kernel for Oracle Cloud systems linux-raspi2 – Linux kernel for Raspberry Pi 2 linux-snapdragon – Linux kernel for Snapdragon processors linux-aws-hwe – Linux kernel for Amazon Web Services (AWS-HWE) systems linux-azure – Linux kernel for Microsoft Azure Cloud systems linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems linux-hwe – Linux hardware [ more… ]

USN-4344-1: Linux kernel vulnerabilities linux-gke-5.0, linux-oem-osp11 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS Summary Several security issues were fixed in the Linux kernel. Software Description linux-gke-5.0 – Linux kernel for Google Container Engine (GKE) systems linux-oem-osp1 – Linux kernel for OEM processors Details It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16234) It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did not properly deallocate memory in certain situations. A local attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19051) Tristan Madani discovered that the block I/O tracing implementation in the Linux kernel contained a [ more… ]

USN-4343-1: Linux kernel vulnerability linux vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 20.04 LTS Summary Systems running on s390x architecture could be made to crash or run programs as an administrator under certain conditions. Software Description linux – Linux kernel Details Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.4.0-28-generic – 5.4.0-28.32 linux-image-5.4.0-28-generic-lpae – 5.4.0-28.32 linux-image-5.4.0-28-lowlatency – 5.4.0-28.32 linux-image-generic – 5.4.0.28.33 linux-image-generic-lpae – 5.4.0.28.33 linux-image-lowlatency – 5.4.0.28.33 linux-image-oem – 5.4.0.28.33 linux-image-oem-osp1 – 5.4.0.28.33 linux-image-virtual – 5.4.0.28.33 To update your system, [ more… ]