Overview
This week we cover security updates for Django, runC and SQLite, plus Alex
and Joe discuss the AMD speculative execution Take A Way attack and we
look at some recent blog posts by the team too.
This week in Ubuntu Security Updates
16 unique CVEs addressed
[USN-4296-1] Django vulnerability [00:49]
- 1 CVE addressed in Xenial, Bionic, Eoan
- Possible SQL injection in the GIS functions when using an Oracle database
as the backend. Oracle accepts a tolerance parameter for GIS queries, and
Django did not properly sanitise this value before use, so it could allow
SQL injection.
[USN-4297-1] runC vulnerabilities [01:30]
- 2 CVEs addressed in Bionic, Eoan
- Race condition when mounting shared volume mounts between two containers:
a container can replace its /proc with a symlink inside the shared mount,
and when this gets cleaned up other parts of /proc can end up mounted within
the shared mount. This could be used for privilege escalation, since if parts
of procfs end up outside of /proc then regular users might be able to write
to sensitive parts of /proc. Fixed by having runc validate that the target
for mounting /proc or /sys must either not exist or must be a directory, to
avoid symlink attacks.
- Possible bypass of AppArmor restrictions, since runc would not properly
check the target of a mount and so could end up mounting a malicious image
over /proc. Fixed by adding more explicit checks on whether the destination
of a mount is /proc, and only allowing this if the source is also a procfs.
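One way to express the two runc checks described above, as an added Go example that is not runc's own code; the Mount type and the validateMount wrapper are simplified, constructed stand-ins for the real container spec handling:

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// Mount is a simplified, constructed stand-in for one mount entry of a
// container spec (not runc's real type).
type Mount struct {
	Source      string
	Destination string
	Type        string
}

// checkMountTarget mirrors the first fix: the target for /proc or /sys under
// the rootfs must either not exist yet or be a real directory, never a
// symlink that could redirect the mount somewhere else.
func checkMountTarget(rootfs, dest string) error {
	target := filepath.Join(rootfs, dest)
	fi, err := os.Lstat(target) // Lstat so a symlink is reported as one
	if os.IsNotExist(err) {
		return nil // missing: the runtime will create it as a directory
	}
	if err != nil {
		return err
	}
	if fi.Mode()&os.ModeSymlink != 0 {
		return fmt.Errorf("%s is a symlink, refusing to mount over it", dest)
	}
	if !fi.IsDir() {
		return fmt.Errorf("%s exists but is not a directory", dest)
	}
	return nil
}

// checkProcSource mirrors the second fix: a mount whose destination is /proc
// is only allowed when the source is itself a procfs.
func checkProcSource(m Mount) error {
	if filepath.Clean(m.Destination) == "/proc" && m.Type != "proc" {
		return fmt.Errorf("refusing to mount %s (type %s) over /proc", m.Source, m.Type)
	}
	return nil
}

// validateMount applies both checks to one mount entry.
func validateMount(rootfs string, m Mount) error {
	d := filepath.Clean(m.Destination)
	if d == "/proc" || d == "/sys" {
		if err := checkMountTarget(rootfs, d); err != nil {
			return err
		}
	}
	return checkProcSource(m)
}
```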
[USN-4298-1] SQLite vulnerabilities [03:09]
- 13 CVEs addressed in Xenial, Bionic, Eoan
- Many different memory safety issues resolved in SQLite, across various
parts including the handling of shadow tables, corrupt records, parsing, ZIP
archives and column optimisations. Most of these were found by fuzzing and so
are unlikely to be an issue unless handling untrusted SQLite databases or
untrusted query inputs.
Goings on in Ubuntu Security Community
Alex and Joe discuss AMD Take A Way attack [04:10]
Blog posts [19:08]
Hiring [20:21]
Robotics Security Engineer
Security Engineer - Certifications (FIPS, Common Criteria)
Ubuntu Security Engineer
Get in contact