Category Archives: Ubuntu

Ubuntu Security Notices

Ubuntu

USN-2905-1: Oxide vulnerability

Ubuntu Security Notice USN-2905-1

23rd February, 2016

oxide-qt vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS

Summary

Oxide could be made to bypass same-origin restrictions.

Software description

  • oxide-qt
    – Web browser engine library for Qt (QML plugin)

Details

A security issue was discovered in Chromium. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to bypass same-origin restrictions or a sandbox protection mechanism.
(CVE-2016-1629)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
liboxideqtcore0

1.12.7-0ubuntu0.15.10.1
Ubuntu 14.04 LTS:
liboxideqtcore0

1.12.7-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-1629

Ubuntu

USN-2903-2: NSS regression

Ubuntu Security Notice USN-2903-2

23rd February, 2016

nss regression

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

USN-2903-1 introduced a regression in NSS.

Software description

  • nss
    – Network Security Service library

Details

USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning
change in Ubuntu 12.04 LTS caused a regression when building software
against NSS. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Hanno Böck discovered that NSS incorrectly handled certain division
functions, possibly leading to cryptographic weaknesses. (CVE-2016-1938)

This update also refreshes the NSS package to version 3.21 which includes
the latest CA certificate bundle, and removes the SPI CA.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libnss3-dev

2:3.21-0ubuntu0.12.04.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

LP: 1547147

Ubuntu

USN-2906-1: GNU cpio vulnerabilities

Ubuntu Security Notice USN-2906-1

22nd February, 2016

cpio vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in GNU cpio.

Software description

  • cpio
    – a tool to manage archives of files

Details

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic
links when used with the –no-absolute-filenames option. If a user or
automated system were tricked into extracting a specially-crafted cpio
archive, a remote attacker could possibly use this issue to write arbitrary
files. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS.
(CVE-2015-1197)

Gustavo Grieco discovered that GNU cpio incorrectly handled memory when
extracting archive files. If a user or automated system were tricked into
extracting a specially-crafted cpio archive, a remote attacker could use
this issue to cause GNU cpio to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2016-2037)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
cpio

2.11+dfsg-4.1ubuntu1.1
Ubuntu 14.04 LTS:
cpio

2.11+dfsg-1ubuntu1.2
Ubuntu 12.04 LTS:
cpio

2.11-7ubuntu3.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-1197,

CVE-2016-2037

Ubuntu

USN-2908-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Ubuntu Security Notice USN-2908-3

22nd February, 2016

linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel did not properly enforce rlimits
for file descriptors sent over UNIX domain sockets. A local attacker could
use this to cause a denial of service. (CVE-2013-4312)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Andy Lutomirski discovered a race condition in the Linux kernel’s
translation lookaside buffer (TLB) handling of flush events. A local
attacker could use this to cause a denial of service or possibly leak
sensitive information. (CVE-2016-2069)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
linux-image-4.2.0-1025-raspi2

4.2.0-1025.32

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2013-4312,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576,

CVE-2016-2069

Ubuntu

USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities

Ubuntu Security Notice USN-2907-2

22nd February, 2016

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-trusty
    – Linux hardware enablement kernel from Trusty

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as
POSIX ACLs. A local unprivileged attacker could use this to gain
privileges. (CVE-2016-1575)

It was discovered that the Linux kernel keyring subsystem contained a race
between read and revoke operations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2015-7550)

郭永刚 discovered that the Linux kernel networking implementation did
not validate protocol identifiers for certain protocol families, A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2015-8543)

Dmitry Vyukov discovered that the pptp implementation in the Linux kernel
did not verify an address length when setting up a socket. A local attacker
could use this to craft an application that exposed sensitive information
from kernel memory. (CVE-2015-8569)

David Miller discovered that the Bluetooth implementation in the Linux
kernel did not properly validate the socket address length for Synchronous
Connection-Oriented (SCO) sockets. A local attacker could use this to
expose sensitive information. (CVE-2015-8575)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
linux-image-3.13.0-79-generic-lpae

3.13.0-79.123~precise1
linux-image-3.13.0-79-generic

3.13.0-79.123~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7550,

CVE-2015-8543,

CVE-2015-8569,

CVE-2015-8575,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576

Ubuntu

USN-2907-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2907-1

22nd February, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as
POSIX ACLs. A local unprivileged attacker could use this to gain
privileges. (CVE-2016-1575)

It was discovered that the Linux kernel keyring subsystem contained a race
between read and revoke operations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2015-7550)

郭永刚 discovered that the Linux kernel networking implementation did
not validate protocol identifiers for certain protocol families, A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2015-8543)

Dmitry Vyukov discovered that the pptp implementation in the Linux kernel
did not verify an address length when setting up a socket. A local attacker
could use this to craft an application that exposed sensitive information
from kernel memory. (CVE-2015-8569)

David Miller discovered that the Bluetooth implementation in the Linux
kernel did not properly validate the socket address length for Synchronous
Connection-Oriented (SCO) sockets. A local attacker could use this to
expose sensitive information. (CVE-2015-8575)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-3.13.0-79-lowlatency

3.13.0-79.123
linux-image-3.13.0-79-powerpc-e500mc

3.13.0-79.123
linux-image-3.13.0-79-powerpc64-emb

3.13.0-79.123
linux-image-3.13.0-79-powerpc-e500

3.13.0-79.123
linux-image-3.13.0-79-generic

3.13.0-79.123
linux-image-3.13.0-79-powerpc-smp

3.13.0-79.123
linux-image-3.13.0-79-generic-lpae

3.13.0-79.123
linux-image-3.13.0-79-powerpc64-smp

3.13.0-79.123

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7550,

CVE-2015-8543,

CVE-2015-8569,

CVE-2015-8575,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576

Ubuntu

USN-2908-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2908-1

22nd February, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 15.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel did not properly enforce rlimits
for file descriptors sent over UNIX domain sockets. A local attacker could
use this to cause a denial of service. (CVE-2013-4312)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Andy Lutomirski discovered a race condition in the Linux kernel’s
translation lookaside buffer (TLB) handling of flush events. A local
attacker could use this to cause a denial of service or possibly leak
sensitive information. (CVE-2016-2069)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.10:
linux-image-4.2.0-30-powerpc-smp

4.2.0-30.35
linux-image-4.2.0-30-powerpc64-smp

4.2.0-30.35
linux-image-4.2.0-30-lowlatency

4.2.0-30.35
linux-image-4.2.0-30-powerpc-e500mc

4.2.0-30.35
linux-image-4.2.0-30-powerpc64-emb

4.2.0-30.35
linux-image-4.2.0-30-generic-lpae

4.2.0-30.35
linux-image-4.2.0-30-generic

4.2.0-30.35

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2013-4312,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576,

CVE-2016-2069

Ubuntu

USN-2908-2: Linux kernel (Wily HWE) vulnerabilities

Ubuntu Security Notice USN-2908-2

22nd February, 2016

linux-lts-wily vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-wily
    – Linux hardware enablement kernel from Wily

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel did not properly enforce rlimits
for file descriptors sent over UNIX domain sockets. A local attacker could
use this to cause a denial of service. (CVE-2013-4312)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Andy Lutomirski discovered a race condition in the Linux kernel’s
translation lookaside buffer (TLB) handling of flush events. A local
attacker could use this to cause a denial of service or possibly leak
sensitive information. (CVE-2016-2069)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-4.2.0-30-powerpc-smp

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-powerpc64-smp

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-lowlatency

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-powerpc-e500mc

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-generic

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-generic-lpae

4.2.0-30.35~14.04.1
linux-image-4.2.0-30-powerpc64-emb

4.2.0-30.35~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2013-4312,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576,

CVE-2016-2069

Ubuntu

USN-2910-1: Linux kernel (Vivid HWE) vulnerabilities

Ubuntu Security Notice USN-2910-1

22nd February, 2016

linux-lts-vivid vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-vivid
    – Linux hardware enablement kernel from Vivid

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel keyring subsystem contained a race
between read and revoke operations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2015-7550)

郭永刚 discovered that the Linux kernel networking implementation did
not validate protocol identifiers for certain protocol families, A local
attacker could use this to cause a denial of service (system crash) or
possibly gain administrative privileges. (CVE-2015-8543)

Dmitry Vyukov discovered that the pptp implementation in the Linux kernel
did not verify an address length when setting up a socket. A local attacker
could use this to craft an application that exposed sensitive information
from kernel memory. (CVE-2015-8569)

David Miller discovered that the Bluetooth implementation in the Linux
kernel did not properly validate the socket address length for Synchronous
Connection-Oriented (SCO) sockets. A local attacker could use this to
expose sensitive information. (CVE-2015-8575)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-3.19.0-51-generic-lpae

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-lowlatency

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-generic

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-powerpc-e500mc

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-powerpc64-smp

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-powerpc64-emb

3.19.0-51.57~14.04.1
linux-image-3.19.0-51-powerpc-smp

3.19.0-51.57~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-7550,

CVE-2015-8543,

CVE-2015-8569,

CVE-2015-8575,

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576

Ubuntu

USN-2909-1: Linux kernel (Utopic HWE) vulnerabilities

Ubuntu Security Notice USN-2909-1

22nd February, 2016

linux-lts-utopic vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-utopic
    – Linux hardware enablement kernel from Utopic

Details

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount,
incorrectly propagated file attributes, including setuid. A local
unprivileged attacker could use this to gain privileges. (CVE-2016-1576)

halfdog discovered that OverlayFS in the Linux kernel incorrectly
propagated security sensitive extended attributes, such as POSIX ACLs. A
local unprivileged attacker could use this to gain privileges.
(CVE-2016-1575)

It was discovered that the Linux kernel’s Filesystem in Userspace (FUSE)
implementation did not handle initial zero length segments properly. A
local attacker could use this to cause a denial of service (unkillable
task). (CVE-2015-8785)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-3.16.0-62-generic-lpae

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-lowlatency

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-powerpc-e500mc

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-powerpc-smp

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-powerpc64-smp

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-generic

3.16.0-62.82~14.04.1
linux-image-3.16.0-62-powerpc64-emb

3.16.0-62.82~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-8785,

CVE-2016-1575,

CVE-2016-1576