Ubuntu Security Notices

USN-2404-1: libvirt vulnerabilities

Ubuntu Security Notice USN-2404-1

11th November, 2014

libvirt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in libvirt.

Software description

  • libvirt
    – Libvirt virtualization toolkit

Details

Pavel Hrdina discovered that libvirt incorrectly handled locking when
processing the virConnectListAllDomains command. An attacker could use this
issue to cause libvirtd to hang, resulting in a denial of service.
(CVE-2014-3657)

Eric Blake discovered that libvirt incorrectly handled permissions when
processing the qemuDomainFormatXML command. An attacker with read-only
privileges could possibly use this to gain access to certain information
from the domain xml file. (CVE-2014-7823)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • libvirt0 1.2.8-0ubuntu11.1
  • libvirt-bin 1.2.8-0ubuntu11.1

Ubuntu 14.04 LTS:
  • libvirt0 1.2.2-0ubuntu13.1.7
  • libvirt-bin 1.2.2-0ubuntu13.1.7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2014-3657, CVE-2014-7823

USN-2400-1: LibreOffice vulnerability

Ubuntu Security Notice USN-2400-1

10th November, 2014

libreoffice vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

LibreOffice could be made to embed sensitive information into documents.

Software description

  • libreoffice
    – Office productivity suite

Details

It was discovered that LibreOffice incorrectly handled OLE preview
generation. If a user were tricked into opening a crafted document, an
attacker could possibly exploit this to embed arbitrary data into
documents.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
  • libreoffice-core 1:3.5.7-0ubuntu7

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart LibreOffice to make all
the necessary changes.

References

CVE-2014-3575

USN-2399-1: curl vulnerability

Ubuntu Security Notice USN-2399-1

10th November, 2014

curl vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

curl could expose sensitive information over the network.

Software description

  • curl
    – HTTP, HTTPS, and FTP client and client libraries

Details

Symeon Paraschoudis discovered that curl incorrectly handled memory when
being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may
result in sensitive data being incorrectly sent to the remote server.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • libcurl3-nss 7.37.1-1ubuntu3.1
  • libcurl3-gnutls 7.37.1-1ubuntu3.1
  • libcurl3 7.37.1-1ubuntu3.1

Ubuntu 14.04 LTS:
  • libcurl3-nss 7.35.0-1ubuntu2.2
  • libcurl3-gnutls 7.35.0-1ubuntu2.2
  • libcurl3 7.35.0-1ubuntu2.2

Ubuntu 12.04 LTS:
  • libcurl3-nss 7.22.0-3ubuntu4.11
  • libcurl3-gnutls 7.22.0-3ubuntu4.11
  • libcurl3 7.22.0-3ubuntu4.11

Ubuntu 10.04 LTS:
  • libcurl3-gnutls 7.19.7-1ubuntu1.10
  • libcurl3 7.19.7-1ubuntu1.10

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-3707

USN-2398-1: LibreOffice vulnerability

Ubuntu Security Notice USN-2398-1

5th November, 2014

libreoffice vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS

Summary

LibreOffice could be made to crash or run programs if it received specially
crafted network traffic.

Software description

  • libreoffice
    – Office productivity suite

Details

It was discovered that LibreOffice incorrectly handled the Impress remote
control port. An attacker could possibly use this issue to cause Impress to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • libreoffice-core 1:4.3.3-0ubuntu1

Ubuntu 14.04 LTS:
  • libreoffice-core 1:4.2.7-0ubuntu1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart LibreOffice to
make all the necessary changes.

References

CVE-2014-3693

USN-2397-1: Ruby vulnerabilities

Ubuntu Security Notice USN-2397-1

4th November, 2014

ruby1.8, ruby1.9.1, ruby2.0, ruby2.1 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Ruby.

Software description

  • ruby1.8
    – Object-oriented scripting language

  • ruby1.9.1
    – Object-oriented scripting language

  • ruby2.0
    – Object-oriented scripting language

  • ruby2.1
    – Object-oriented scripting language

Details

Will Wood discovered that Ruby incorrectly handled the encodes() function.
An attacker could possibly use this issue to cause Ruby to crash, resulting
in a denial of service, or possibly execute arbitrary code. The default
compiler options for affected releases should reduce the vulnerability to a
denial of service. (CVE-2014-4975)

Willis Vandevanter discovered that Ruby incorrectly handled XML entity
expansion. An attacker could use this flaw to cause Ruby to consume large
amounts of resources, resulting in a denial of service. (CVE-2014-8080)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • libruby2.1 2.1.2-2ubuntu1.1
  • libruby2.0 2.0.0.484+really457-3ubuntu1.1
  • ruby2.1 2.1.2-2ubuntu1.1
  • ruby2.0 2.0.0.484+really457-3ubuntu1.1

Ubuntu 14.04 LTS:
  • libruby2.0 2.0.0.484-1ubuntu2.1
  • ruby1.9.1 1.9.3.484-2ubuntu1.1
  • libruby1.9.1 1.9.3.484-2ubuntu1.1
  • ruby2.0 2.0.0.484-1ubuntu2.1

Ubuntu 12.04 LTS:
  • ruby1.8 1.8.7.352-2ubuntu1.5
  • ruby1.9.1 1.9.3.0-1ubuntu2.9
  • libruby1.8 1.8.7.352-2ubuntu1.5
  • libruby1.9.1 1.9.3.0-1ubuntu2.9

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-4975, CVE-2014-8080

USN-2396-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2396-1

31st October, 2014

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles
noncanonical addresses when emulating instructions that change the rip
(Instruction Pointer). A guest user with access to I/O or the MMIO can use
this flaw to cause a denial of service (system crash) of the guest.
(CVE-2014-3647)

A flaw was discovered with the handling of the invept instruction in the
KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged
guest user could exploit this flaw to cause a denial of service (system
crash) on the guest. (CVE-2014-3646)

Lars Bull reported a race condition in the PIT (programmable interrupt
timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux
kernel. A local guest user with access to PIT i/o ports could exploit this
flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)

Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual
Machine) handles noncanonical writes to certain MSR registers. A privileged
guest user can exploit this flaw to cause a denial of service (kernel
panic) on the host. (CVE-2014-3610)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • linux-image-3.16.0-24-powerpc-e500mc 3.16.0-24.32
  • linux-image-3.16.0-24-powerpc64-smp 3.16.0-24.32
  • linux-image-3.16.0-24-powerpc-smp 3.16.0-24.32
  • linux-image-3.16.0-24-powerpc64-emb 3.16.0-24.32
  • linux-image-3.16.0-24-lowlatency 3.16.0-24.32
  • linux-image-3.16.0-24-generic 3.16.0-24.32
  • linux-image-3.16.0-24-generic-lpae 3.16.0-24.32

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2014-3610, CVE-2014-3611, CVE-2014-3646, CVE-2014-3647

USN-2395-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2395-1

30th October, 2014

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles
noncanonical addresses when emulating instructions that change the rip
(Instruction Pointer). A guest user with access to I/O or the MMIO can use
this flaw to cause a denial of service (system crash) of the guest.
(CVE-2014-3647)

A flaw was discovered with the handling of the invept instruction in the
KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged
guest user could exploit this flaw to cause a denial of service (system
crash) on the guest. (CVE-2014-3646)

Lars Bull reported a race condition in the PIT (programmable interrupt
timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux
kernel. A local guest user with access to PIT i/o ports could exploit this
flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)

Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual
Machine) handles noncanonical writes to certain MSR registers. A privileged
guest user can exploit this flaw to cause a denial of service (kernel
panic) on the host. (CVE-2014-3610)

Raphael Geissert reported a NULL pointer dereference in the Linux kernel’s
CIFS client. A remote CIFS server could cause a denial of service (system
crash) or possibly have other unspecified impact by deleting IPC$ share
during resolution of DFS referrals. (CVE-2014-7145)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
  • linux-image-3.13.0-39-generic-lpae 3.13.0-39.66
  • linux-image-3.13.0-39-powerpc64-emb 3.13.0-39.66
  • linux-image-3.13.0-39-powerpc-smp 3.13.0-39.66
  • linux-image-3.13.0-39-lowlatency 3.13.0-39.66
  • linux-image-3.13.0-39-powerpc-e500 3.13.0-39.66
  • linux-image-3.13.0-39-generic 3.13.0-39.66
  • linux-image-3.13.0-39-powerpc-e500mc 3.13.0-39.66
  • linux-image-3.13.0-39-powerpc64-smp 3.13.0-39.66

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2014-3610, CVE-2014-3611, CVE-2014-3646, CVE-2014-3647, CVE-2014-7145

USN-2394-1: Linux kernel (Trusty HWE) vulnerabilities

Ubuntu Security Notice USN-2394-1

30th October, 2014

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-trusty
    – Linux hardware enablement kernel from Trusty

Details

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles
noncanonical addresses when emulating instructions that change the rip
(Instruction Pointer). A guest user with access to I/O or the MMIO can use
this flaw to cause a denial of service (system crash) of the guest.
(CVE-2014-3647)

A flaw was discovered with the handling of the invept instruction in the
KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged
guest user could exploit this flaw to cause a denial of service (system
crash) on the guest. (CVE-2014-3646)

Lars Bull reported a race condition in the PIT (programmable interrupt
timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux
kernel. A local guest user with access to PIT i/o ports could exploit this
flaw to cause a denial of service (crash) on the host. (CVE-2014-3611)

Lars Bull and Nadav Amit reported a flaw in how KVM (the Kernel Virtual
Machine) handles noncanonical writes to certain MSR registers. A privileged
guest user can exploit this flaw to cause a denial of service (kernel
panic) on the host. (CVE-2014-3610)

Raphael Geissert reported a NULL pointer dereference in the Linux kernel’s
CIFS client. A remote CIFS server could cause a denial of service (system
crash) or possibly have other unspecified impact by deleting IPC$ share
during resolution of DFS referrals. (CVE-2014-7145)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
  • linux-image-3.13.0-39-generic-lpae 3.13.0-39.66~precise1
  • linux-image-3.13.0-39-generic 3.13.0-39.66~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2014-3610, CVE-2014-3611, CVE-2014-3646, CVE-2014-3647, CVE-2014-7145

USN-2393-1: Wget vulnerability

Ubuntu Security Notice USN-2393-1

30th October, 2014

wget vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Wget could be made to overwrite files.

Software description

  • wget
    – retrieves files from the web

Details

HD Moore discovered that Wget contained a path traversal vulnerability
when downloading symlinks using FTP. A malicious remote FTP server or a man
in the middle could use this issue to cause Wget to overwrite arbitrary
files, possibly leading to arbitrary code execution.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • wget 1.15-1ubuntu1.14.10.1

Ubuntu 14.04 LTS:
  • wget 1.15-1ubuntu1.14.04.1

Ubuntu 12.04 LTS:
  • wget 1.13.4-2ubuntu1.2

Ubuntu 10.04 LTS:
  • wget 1.12-1.1ubuntu2.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-4877

USN-2391-1: php5 vulnerabilities

Ubuntu Security Notice USN-2391-1

30th October, 2014

php5 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary

Several security issues were fixed in PHP.

Software description

  • php5
    – HTML-embedded scripting language interpreter

Details

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime
function. A remote attacker could possibly use this issue to cause PHP to
crash, resulting in a denial of service. (CVE-2014-3668)

Symeon Paraschoudis discovered that PHP incorrectly handled unserializing
objects. A remote attacker could possibly use this issue to cause PHP to
crash, resulting in a denial of service. (CVE-2014-3669)

Otto Ebeling discovered that PHP incorrectly handled the exif_thumbnail
function. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2014-3670)

Francisco Alonso discovered that PHP incorrectly handled ELF files in the fileinfo
extension. A remote attacker could possibly use this issue to cause PHP to
crash, resulting in a denial of service. (CVE-2014-3710)

It was discovered that PHP incorrectly handled NULL bytes when processing
certain URLs with the curl functions. A remote attacker could possibly use
this issue to bypass filename restrictions and obtain access to sensitive
files. (No CVE number)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  • php5-cli 5.5.12+dfsg-2ubuntu4.1
  • php5-cgi 5.5.12+dfsg-2ubuntu4.1
  • php5-xmlrpc 5.5.12+dfsg-2ubuntu4.1
  • php5-curl 5.5.12+dfsg-2ubuntu4.1
  • libapache2-mod-php5 5.5.12+dfsg-2ubuntu4.1
  • php5-fpm 5.5.12+dfsg-2ubuntu4.1

Ubuntu 14.04 LTS:
  • php5-cli 5.5.9+dfsg-1ubuntu4.5
  • php5-cgi 5.5.9+dfsg-1ubuntu4.5
  • php5-xmlrpc 5.5.9+dfsg-1ubuntu4.5
  • php5-curl 5.5.9+dfsg-1ubuntu4.5
  • libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.5
  • php5-fpm 5.5.9+dfsg-1ubuntu4.5

Ubuntu 12.04 LTS:
  • php5-cli 5.3.10-1ubuntu3.15
  • php5-cgi 5.3.10-1ubuntu3.15
  • php5-xmlrpc 5.3.10-1ubuntu3.15
  • php5-curl 5.3.10-1ubuntu3.15
  • libapache2-mod-php5 5.3.10-1ubuntu3.15
  • php5-fpm 5.3.10-1ubuntu3.15

Ubuntu 10.04 LTS:
  • php5-cli 5.3.2-1ubuntu4.28
  • php5-cgi 5.3.2-1ubuntu4.28
  • libapache2-mod-php5 5.3.2-1ubuntu4.28
  • php5-curl 5.3.2-1ubuntu4.28
  • php5-xmlrpc 5.3.2-1ubuntu4.28

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2014-3668, CVE-2014-3669, CVE-2014-3670, CVE-2014-3710