Ubuntu Security Notice USN-2938-1

21st March, 2016

git vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

Git could be made to crash or run programs as your login if it received
changes from a specially crafted remote repository.

Software description

• git
  – fast, scalable, distributed revision control system

Details

Laël Cellier discovered that Git incorrectly handled path strings in
crafted Git repositories. A remote attacker could use this issue to cause
a denial of service or possibly execute arbitrary code with the
privileges of the user invoking Git. (CVE-2016-2315, CVE-2016-2324)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

git

1:2.5.0-1ubuntu0.2

Ubuntu 14.04 LTS:

git

1:1.9.1-1ubuntu0.3

Ubuntu 12.04 LTS:

git

1:1.7.9.5-1ubuntu0.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-2315,

CVE-2016-2324

Ubuntu Security Notice USN-2935-3

17th March, 2016

pam regression

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

USN-2935-1 introduced a regression in PAM.

Software description

• pam
  – Pluggable Authentication Modules

Details

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging
change that prevented upgrades in certain multiarch environments. USN-2935-2
intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This
update fixes the problem in Ubuntu 12.04 LTS.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the PAM pam_userdb module incorrectly used a
case-insensitive method when comparing hashed passwords. A local attacker
could possibly use this issue to make brute force attacks easier. This
issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041)

Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly
performed filtering. A local attacker could use this issue to create
arbitrary files, or possibly bypass authentication. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2583)

Sebastien Macke discovered that the PAM pam_unix module incorrectly handled
large passwords. A local attacker could possibly use this issue in certain
environments to enumerate usernames or cause a denial of service.
(CVE-2015-3238)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

libpam-modules

1.1.3-7ubuntu2.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1558597,

http://www.ubuntu.com/usn/usn-2935-2

Ubuntu Security Notice USN-2935-1

16th March, 2016

pam vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in PAM.

Software description

• pam
  – Pluggable Authentication Modules

Details

It was discovered that the PAM pam_userdb module incorrectly used a
case-insensitive method when comparing hashed passwords. A local attacker
could possibly use this issue to make brute force attacks easier. This
issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041)

Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly
performed filtering. A local attacker could use this issue to create
arbitrary files, or possibly bypass authentication. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2583)

Sebastien Macke discovered that the PAM pam_unix module incorrectly handled
large passwords. A local attacker could possibly use this issue in certain
environments to enumerate usernames or cause a denial of service.
(CVE-2015-3238)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

libpam-modules

1.1.8-3.1ubuntu3.1

Ubuntu 14.04 LTS:

libpam-modules

1.1.8-1ubuntu2.1

Ubuntu 12.04 LTS:

libpam-modules

1.1.3-7ubuntu2.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2013-7041,

CVE-2014-2583,

CVE-2015-3238

Ubuntu Security Notice USN-2935-2

16th March, 2016

pam regression

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

USN-2935-1 introduced a regression in PAM.

Software description

• pam
  – Pluggable Authentication Modules

Details

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging
change that prevented upgrades in certain multiarch environments. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the PAM pam_userdb module incorrectly used a
case-insensitive method when comparing hashed passwords. A local attacker
could possibly use this issue to make brute force attacks easier. This
issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041)

Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly
performed filtering. A local attacker could use this issue to create
arbitrary files, or possibly bypass authentication. This issue only
affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-2583)

Sebastien Macke discovered that the PAM pam_unix module incorrectly handled
large passwords. A local attacker could possibly use this issue in certain
environments to enumerate usernames or cause a denial of service.
(CVE-2015-3238)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

libpam-modules

1.1.8-3.1ubuntu3.2

Ubuntu 14.04 LTS:

libpam-modules

1.1.8-1ubuntu2.2

Ubuntu 12.04 LTS:

libpam-modules

1.1.3-7ubuntu2.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1558114

Ubuntu Security Notice USN-2930-3

16th March, 2016

linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10

Summary

Several security issues were fixed in the kernel.

Software description

• linux-raspi2
  – Linux kernel for Raspberry Pi 2

Details

Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)

Ben Hawkes discovered an integer overflow in the Linux netfilter
implementation. On systems running 32 bit kernels, a local unprivileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code with administrative privileges.
(CVE-2016-3135)

Ralf Spenneberg discovered that the USB driver for Clie devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2015-7566)

It was discovered that a race condition existed when handling heartbeat-
timeout events in the SCTP implementation of the Linux kernel. A remote
attacker could use this to cause a denial of service. (CVE-2015-8767)

It was discovered that a race condition existed in the ioctl handler for
the TTY driver in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or expose sensitive information.
(CVE-2016-0723)

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges. (CVE-2016-2384)

Ralf Spenneberg discovered that the USB driver for Treo devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2016-2782)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

linux-image-4.2.0-1027-raspi2

4.2.0-1027.35

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7566,

CVE-2015-8767,

CVE-2016-0723,

CVE-2016-2384,

CVE-2016-2782,

CVE-2016-3134,

CVE-2016-3135

Ubuntu Security Notice USN-2927-1

14th March, 2016

graphite2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10
• Ubuntu 14.04 LTS

Summary

graphite2 could be made to crash or run programs as your login if it opened
a specially crafted font.

Software description

• graphite2
  – Font rendering engine for Complex Scripts

Details

It was discovered that graphite2 incorrectly handled certain malformed
fonts. If a user or automated system were tricked into opening a specially-
crafted font file, a remote attacker could use this issue to cause
graphite2 to crash, resulting in a denial of service, or possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

libgraphite2-3

1.3.6-1ubuntu0.15.10.1

Ubuntu 14.04 LTS:

libgraphite2-3

1.3.6-1ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart applications
using graphite2, such as LibreOffice, to make all the necessary changes.

References

CVE-2016-1977,

CVE-2016-2790,

CVE-2016-2791,

CVE-2016-2792,

CVE-2016-2793,

CVE-2016-2794,

CVE-2016-2795,

CVE-2016-2796,

CVE-2016-2797,

CVE-2016-2798,

CVE-2016-2799,

CVE-2016-2800,

CVE-2016-2801,

CVE-2016-2802

Ubuntu Security Notice USN-2928-2

14th March, 2016

linux-ti-omap4 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

The system could be made to crash or run programs as an administrator
by someone with physical access.

Software description

• linux-ti-omap4
  – Linux kernel for OMAP4

Details

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

linux-image-3.2.0-1479-omap4

3.2.0-1479.105

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-2384

Ubuntu Security Notice USN-2928-1

14th March, 2016

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

The system could be made to crash or run programs as an administrator by
someone with physical access.

Software description

• linux
  – Linux kernel

Details

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

linux-image-3.2.0-101-omap

3.2.0-101.141

linux-image-3.2.0-101-powerpc64-smp

3.2.0-101.141

linux-image-3.2.0-101-highbank

3.2.0-101.141

linux-image-3.2.0-101-powerpc-smp

3.2.0-101.141

linux-image-3.2.0-101-generic

3.2.0-101.141

linux-image-3.2.0-101-virtual

3.2.0-101.141

linux-image-3.2.0-101-generic-pae

3.2.0-101.141

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2016-2384

Ubuntu Security Notice USN-2930-2

14th March, 2016

linux-lts-wily vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-lts-wily
  – Linux hardware enablement kernel from Wily for Trusty

Details

Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)

Ben Hawkes discovered an integer overflow in the Linux netfilter
implementation. On systems running 32 bit kernels, a local unprivileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code with administrative privileges.
(CVE-2016-3135)

Ralf Spenneberg discovered that the USB driver for Clie devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2015-7566)

It was discovered that a race condition existed when handling heartbeat-
timeout events in the SCTP implementation of the Linux kernel. A remote
attacker could use this to cause a denial of service. (CVE-2015-8767)

It was discovered that a race condition existed in the ioctl handler for
the TTY driver in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or expose sensitive information.
(CVE-2016-0723)

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges. (CVE-2016-2384)

Ralf Spenneberg discovered that the USB driver for Treo devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2016-2782)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

linux-image-4.2.0-34-powerpc64-emb

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-lowlatency

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-generic

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-powerpc-smp

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-powerpc-e500mc

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-powerpc64-smp

4.2.0-34.39~14.04.1

linux-image-4.2.0-34-generic-lpae

4.2.0-34.39~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7566,

CVE-2015-8767,

CVE-2016-0723,

CVE-2016-2384,

CVE-2016-2782,

CVE-2016-3134,

CVE-2016-3135

Ubuntu Security Notice USN-2930-1

14th March, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.10

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  – Linux kernel

Details

Ben Hawkes discovered that the Linux netfilter implementation did not
correctly perform validation when handling IPT_SO_SET_REPLACE events. A
local unprivileged attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code with administrative
privileges. (CVE-2016-3134)

Ben Hawkes discovered an integer overflow in the Linux netfilter
implementation. On systems running 32 bit kernels, a local unprivileged
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code with administrative privileges.
(CVE-2016-3135)

Ralf Spenneberg discovered that the USB driver for Clie devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2015-7566)

It was discovered that a race condition existed when handling heartbeat-
timeout events in the SCTP implementation of the Linux kernel. A remote
attacker could use this to cause a denial of service. (CVE-2015-8767)

It was discovered that a race condition existed in the ioctl handler for
the TTY driver in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash) or expose sensitive information.
(CVE-2016-0723)

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly
performed a double-free. A local attacker with physical access could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code with administrative privileges. (CVE-2016-2384)

Ralf Spenneberg discovered that the USB driver for Treo devices in the
Linux kernel did not properly sanity check the endpoints reported by the
device. An attacker with physical access could cause a denial of service
(system crash). (CVE-2016-2782)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:

linux-image-4.2.0-34-powerpc64-emb

4.2.0-34.39

linux-image-4.2.0-34-lowlatency

4.2.0-34.39

linux-image-4.2.0-34-generic

4.2.0-34.39

linux-image-4.2.0-34-powerpc-smp

4.2.0-34.39

linux-image-4.2.0-34-powerpc-e500mc

4.2.0-34.39

linux-image-4.2.0-34-powerpc64-smp

4.2.0-34.39

linux-image-4.2.0-34-generic-lpae

4.2.0-34.39

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7566,

CVE-2015-8767,

CVE-2016-0723,

CVE-2016-2384,

CVE-2016-2782,

CVE-2016-3134,

CVE-2016-3135