Sveriges mest populära poddar

Ubuntu Security Podcast

Episode 7

11 min • 16 oktober 2018

Overview

This week we look at some details of the 78 unique CVEs addressed across the supported Ubuntu releases including more GhostScript, ImageMagick, WebKitGTK, Linux kernel and more.

This week in Ubuntu Security Updates

78 unique CVEs addressed

[USN-3773-1] Ghostscript vulnerabilities

[USN-3769-2] Bind vulnerability

[USN-3774-1] strongSwan vulnerability

  • 1 CVEs addressed in Trusty, Xenial, Bionic
  • [USN-3771-1] incorporated fixes for multiple CVEs - but these fixes themselves introduced this new vulnerability
  • Heap buffer overflow found by Google’s OSS-Fuzz leading to DoS for gmp plugin

[USN-3775-1, USN-3775-2, USN-3776-1, USN-3776-2, USN-3777-1, USN-3777-2] Linux kernel vulnerabilities

  • 11 CVEs addressed across Precise ESM, Trusty, Xenial and Bionic including HWE kernels
  • Not all CVEs affect all releases
  • Includes:
    • UAF and memory leak -> DoS in IRDA
    • Stack buffer overwrite in iSCSI - low chance of privilege escalation
    • Integer overflow leading to possible privilege escalation but only on machines with >32GB RAM
    • Insufficiencies discovered in various Spectre variant mitigations previously deployed
    • Incorrect bounds checking in yurex USB driver from userspace -> crash / privilege escalation for local user
    • Race condition in midi driver - double free -> privilege escalation
    • KVM hypervisor instruction emulation fail to check privileges - privilege escalation inside guest
    • OCFS2 file-system driver NULL pointer dereference -> BUG (mutex logic bug)
    • Memory management sequence number overflow leading to UAF -> possible privilege escalation - Jann Horn (GPZ)

[USN-3780-1] HAProxy vulnerability

  • 1 CVEs addressed in Bionic
  • Out of bounds read leading to remote crash -> DoS

[USN-3781-1] WebKitGTK+ vulnerabilities

[USN-3782-1] Liblouis vulnerabilities

[USN-3778-1] Firefox vulnerabilities

[USN-3783-1] Apache HTTP Server vulnerabilities

[USN-3785-1] ImageMagick vulnerabilities

[USN-3784-1] AppArmor update

  • Hardening of various AppArmor profiles (mentioned in Episode 5)

[LSN-0044-1] Linux kernel vulnerability

  • Livepatch incorporating L1TF, Spectrev2 and other fixes as well

[USN-3786-1] libxkbcommon vulnerabilities

[USN-3787-1] Tomcat vulnerability

  • 1 CVEs addressed in Trusty, Xenial
  • Redirect handling allowed attacker to redirect to any URI of their choice
  • Can be avoided if had manually enabled both mapperDirectoryRedirectEnabled and mapperContextRootRedirectEnabled

[USN-3789-1] ClamAV vulnerability

  • 1 CVEs addressed in Trusty, Xenial, Bionic
  • Crash in handling of unpacked MEW executable files

[USN-3788-1] Tex Live vulnerabilities

  • 2 CVEs addressed in Trusty, Xenial, Bionic
  • File overwrite via insecure symlink handling
  • Code execution via buffer overflow in Type1 font handler

[USN-3791-1] Git vulnerability

  • 1 CVEs addressed in Trusty, Xenial, Bionic
  • RCE when cloning a malicious repository - due to insufficient validation of git submodule URLs and paths.

Goings on in Ubuntu Security Community

Hiring

Ubuntu Security Engineer

Get in contact

Kategorier
Förekommer på
00:00 -00:00