USN-3234-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-3234-1

15th March, 2017

linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

  • linux-aws
    – Linux kernel for Amazon Web Services (AWS) systems

  • linux-gke
    – Linux kernel for Google Container Engine (GKE) systems

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

  • linux-snapdragon
    – Linux kernel for Snapdragon Processors

Details

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel
did not properly validate meta block groups. An attacker with physical
access could use this to specially craft an ext4 image that causes a denial
of service (system crash). (CVE-2016-10208)

It was discovered that the Linux kernel did not clear the setgid bit during
a setxattr call on a tmpfs filesystem. A local attacker could use this to
gain elevated group privileges. (CVE-2017-5551)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
linux-image-powerpc-e500mc 4.4.0.67.72
linux-image-4.4.0-1009-aws 4.4.0-1009.18
linux-image-4.4.0-67-powerpc64-smp 4.4.0-67.88
linux-image-4.4.0-1051-snapdragon 4.4.0-1051.55
linux-image-4.4.0-67-powerpc64-emb 4.4.0-67.88
linux-image-4.4.0-67-generic 4.4.0-67.88
linux-image-snapdragon 4.4.0.1051.44
linux-image-powerpc64-emb 4.4.0.67.72
linux-image-gke 4.4.0.1006.7
linux-image-4.4.0-67-lowlatency 4.4.0-67.88
linux-image-4.4.0-1006-gke 4.4.0-1006.6
linux-image-generic 4.4.0.67.72
linux-image-aws 4.4.0.1009.11
linux-image-raspi2 4.4.0.1048.48
linux-image-4.4.0-67-powerpc-smp 4.4.0-67.88
linux-image-powerpc-smp 4.4.0.67.72
linux-image-generic-lpae 4.4.0.67.72
linux-image-4.4.0-67-generic-lpae 4.4.0-67.88
linux-image-4.4.0-1048-raspi2 4.4.0-1048.55
linux-image-powerpc64-smp 4.4.0.67.72
linux-image-4.4.0-67-powerpc-e500mc 4.4.0-67.88
linux-image-lowlatency 4.4.0.67.72

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-10208, CVE-2017-5551

USN-3234-2: Linux kernel (Xenial HWE) vulnerabilities

Ubuntu Security Notice USN-3234-2

15th March, 2017

linux-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-xenial
    – Linux hardware enablement kernel from Xenial for Trusty

Details

USN-3234-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel
did not properly validate meta block groups. An attacker with physical
access could use this to specially craft an ext4 image that causes a denial
of service (system crash). (CVE-2016-10208)

It was discovered that the Linux kernel did not clear the setgid bit during
a setxattr call on a tmpfs filesystem. A local attacker could use this to
gain elevated group privileges. (CVE-2017-5551)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-powerpc-smp-lts-xenial 4.4.0.67.54
linux-image-generic-lpae-lts-xenial 4.4.0.67.54
linux-image-4.4.0-67-lowlatency 4.4.0-67.88~14.04.1
linux-image-4.4.0-67-generic-lpae 4.4.0-67.88~14.04.1
linux-image-lowlatency-lts-xenial 4.4.0.67.54
linux-image-generic-lts-xenial 4.4.0.67.54
linux-image-4.4.0-67-powerpc64-emb 4.4.0-67.88~14.04.1
linux-image-4.4.0-67-powerpc64-smp 4.4.0-67.88~14.04.1
linux-image-powerpc64-smp-lts-xenial 4.4.0.67.54
linux-image-4.4.0-67-generic 4.4.0-67.88~14.04.1
linux-image-4.4.0-67-powerpc-e500mc 4.4.0-67.88~14.04.1
linux-image-powerpc64-emb-lts-xenial 4.4.0.67.54
linux-image-powerpc-e500mc-lts-xenial 4.4.0.67.54
linux-image-4.4.0-67-powerpc-smp 4.4.0-67.88~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-10208, CVE-2017-5551

CVE-2017-6023

An issue was discovered in Fatek Automation PLC Ethernet Module. The affected Ether_cfg software configuration tool runs on the following Fatek PLCs: CBEH versions prior to V3.6 Build 170215, CBE versions prior to V3.6 Build 170215, CM55E versions prior to V3.6 Build 170215, and CM25E versions prior to V3.6 Build 170215. A stack-based buffer overflow vulnerability has been identified, which may allow remote code execution or crash the affected device.

CVE-2017-6061

Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote attackers to inject arbitrary web script or HTML via a GET request. /finance/help/en/frameset.htm is the URI for this component. The vendor response is SAP Security Note 2368106.

Cisco Security Advisory 20170315-tes

Cisco Security Advisory – A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.