Overview
This week we look at security updates for the X server, the Linux kernel
and GnuTLS plus we preview the upcoming AppArmor3 release that is slated
for Ubuntu 20.10 (Groovy Gorilla).
This week in Ubuntu Security Updates
20 unique CVEs addressed
- 2 CVEs addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- 2 privilege escalation attacks
- integer overflow -> double free -> memory corruption
- integer overflow -> heap buffer overflow
- privilege escalation may be possible since in both cases could cause
arbitrary code exec with a binary that is using libX11 and running with
root privileges (setuid / sudo etc) - this is why we often advise don’t
run graphical applications via sudo etc
[USN-4488-1, USN-4490-1] X.Org X Server vulnerabilities [02:29]
- 4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- Various memory corruption vulnerabilities all discovered by Jan-Niklas
Sohn - on some older releases (xenial and earlier) X server runs as root
[USN-4449-2] Apport vulnerabilities [03:28]
- 3 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 85
[USN-4474-2] Firefox regressions [03:38]
- 8 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- Episode 89
- 80.0.1 - upstream release to fix regressions in 80.0 release -> crashes
on GPU resets, WebGL rendering issues, performance issue in processing CA
certs &c
[USN-4489-1] Linux kernel vulnerability [04:09]
- 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- AF_PACKET (layer 2) socket did not perform bounds checks in some places -
requires CAP_NET_RAW or root - BUT can be root in a user namespace and
these are enabled by default in Ubuntu and other Linux distros -> can
disable by sysctl `kernel.unprivileged_userns_clone=0`
[USN-4491-1] GnuTLS vulnerability [06:01]
- 1 CVEs addressed in Focal (20.04 LTS)
- Malicious server can trigger a NULL ptr deref in client during TLS 1.3
negotiation - DoS
Goings on in Ubuntu Security Community
AppArmor3 slated for Ubuntu 20.10 [06:32]
- Beta version of AppArmor3 is being prepared for Ubuntu 20.10 Groovy
Gorilla - should land in -proposed next week and then main soon after
- Provides ABI feature pinning - so upgrading to kernels with newer
additional features will not break existing profiles
- Rewrites of a number of tools into different languages to make their use
and packaging easier
- Support for new kernel features such as v8 ABI network socket rules,
xattr attachment conditionals, PERFMON and BPF capabilities
- Improved compilar warnings and semantic checks
- Improved support for kernels that support LSM stacking
- Profile modes - enforce (default), kill and unconfined
Get in contact