Sveriges mest populära poddar

Ubuntu Security Podcast

Episode 132

17 min • 24 september 2021

Overview

Extended Security Maintenance gets an extension, Linux disk encryption and authentication goes under the microscope and we cover security updates for libgcrypt, the Linux kernel, Python, and more.

This week in Ubuntu Security Updates

20 unique CVEs addressed

[USN-5078-2] Squashfs-Tools vulnerabilities [01:02]

[USN-5080-1, USN-5080-2] Libgcrypt vulnerabilities [01:43]

  • 2 CVEs addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • Side-channel attacks against the various ElGamal implementations in OpenPGP - https://eprint.iacr.org/2021/923 - researchers from IBM Research Europe
    • Patent free public key encryption scheme - popular in OpenPGP - 1 in 6 registered OpenPGP keys have an ElGamal subkey
  • Various implementations of ElGamal are used in different OpenPGP implementations - Go stdlib, Crypto++ and gcrypt
  • libgcrypt has previously had other side-channel vulns found and was used in the development of FLUSH+RELOAD attack against GnuPG
  • This attack exploits the different configurations used in the various implementations to use timing differences to be able to recover plaintext
  • Fixed to remove support for smaller key lengths and add exponent blinding (combining the exponent with randomness to avoid it being inferred by timing analysis)

[USN-5071-2] Linux kernel (HWE) vulnerabilities [04:11]

[USN-5071-3] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5082-1] Linux kernel (OEM) vulnerabilities

[USN-5073-2] Linux kernel (GCP) vulnerabilities

[USN-5073-3] Linux kernel (Raspberry Pi) vulnerabilities

[USN-5079-3] curl vulnerabilities [06:34]

[USN-5081-1] Qt vulnerabilities [06:49]

  • 2 CVEs addressed in Bionic (18.04 LTS)
  • 2 issues in graphics / image handling
    • crafted XBM trigger OOB read -> crash
    • OOB write when rendering SVG or other crafted vector content

[USN-5083-1] Python vulnerabilities [07:22]

  • 2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)
  • ReDOS - a malicious HTTP server which would send a crafted response for BasicAuth which would cause high CPU usage in trying to match the header value via a regex - fixed to use a simpler regex
  • Malicious server could cause a client to hang even if the client had set a timeout - server sends a ‘100 Continue’ response and the client would sit there waiting to receive more input which would never arrive (since server is malicious)

[USN-5084-1] LibTIFF vulnerability [08:32]

  • 1 CVEs addressed in Focal (20.04 LTS)
  • Buffer overflow via crafted TIFF file

[USN-5079-4] curl regression [08:42]

Goings on in Ubuntu Security Community

Authenticated boot and disk encryption on Linux [09:28]

Ubuntu 14.04 and 16.04 ESM extended [14:16]

RELEASE RELEASE DATE END OF LIFE*
Ubuntu 14.04 (Trusty Tahr) April 2014 April 2024(from April 2022)
Ubuntu 16.04 (Xenial Xerus) April 2016 April 2026(from April 2024)
Ubuntu 18.04 (Bionic Beaver) April 2018 April 2028(unchanged)
Ubuntu 20.04 (Focal Fossa) April 2020 April 2030(unchanged)
  • Use extra time to plan upgrades

Hiring [15:48]

Linux Cryptography and Security Engineer

Security Engineer - Ubuntu

Security Product Manager

Get in contact

Kategorier
Förekommer på
00:00 -00:00