Ubuntu Security Notice USN-2775-1

19th October, 2015

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-lts-trusty
  – Linux hardware enablement kernel from Trusty

Details

It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the
Linux kernel did not correctly handle references of memory mapped files
from an aufs mount. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2015-7312)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

linux-image-3.13.0-66-generic-lpae

3.13.0-66.108~precise1

linux-image-3.13.0-66-generic

3.13.0-66.108~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-0272,

CVE-2015-5156,

CVE-2015-6937,

CVE-2015-7312

Ubuntu Security Notice USN-2774-1

19th October, 2015

linux-ti-omap4 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-ti-omap4
  – Linux kernel for OMAP4

Details

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

linux-image-3.2.0-1472-omap4

3.2.0-1472.93

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5156,

CVE-2015-6937

Ubuntu Security Notice USN-2773-1

19th October, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  – Linux kernel

Details

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:

linux-image-3.2.0-92-virtual

3.2.0-92.130

linux-image-3.2.0-92-generic-pae

3.2.0-92.130

linux-image-3.2.0-92-powerpc-smp

3.2.0-92.130

linux-image-3.2.0-92-powerpc64-smp

3.2.0-92.130

linux-image-3.2.0-92-omap

3.2.0-92.130

linux-image-3.2.0-92-generic

3.2.0-92.130

linux-image-3.2.0-92-highbank

3.2.0-92.130

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5156,

CVE-2015-6937

Ubuntu Security Notice USN-2777-1

19th October, 2015

linux-lts-utopic vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-lts-utopic
  – Linux hardware enablement kernel from Utopic

Details

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

Benjamin Randazzo discovered an information leak in the md (multiple
device) driver when the bitmap_info.file is disabled. A local privileged
attacker could use this to obtain sensitive information from the kernel.
(CVE-2015-5697)

Marc-André Lureau discovered that the vhost driver did not properly
release the userspace provided log file descriptor. A privileged attacker
could use this to cause a denial of service (resource exhaustion).
(CVE-2015-6252)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the
Linux kernel did not correctly handle references of memory mapped files
from an aufs mount. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2015-7312)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

linux-image-3.16.0-51-generic-lpae

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-powerpc-smp

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-generic

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-powerpc-e500mc

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-powerpc64-emb

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-lowlatency

3.16.0-51.69~14.04.1

linux-image-3.16.0-51-powerpc64-smp

3.16.0-51.69~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-5156,

CVE-2015-5697,

CVE-2015-6252,

CVE-2015-6937,

CVE-2015-7312

Ubuntu Security Notice USN-2776-1

19th October, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  – Linux kernel

Details

It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the
Linux kernel did not correctly handle references of memory mapped files
from an aufs mount. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2015-7312)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

linux-image-3.13.0-66-powerpc64-smp

3.13.0-66.108

linux-image-3.13.0-66-powerpc-e500

3.13.0-66.108

linux-image-3.13.0-66-generic

3.13.0-66.108

linux-image-3.13.0-66-lowlatency

3.13.0-66.108

linux-image-3.13.0-66-powerpc64-emb

3.13.0-66.108

linux-image-3.13.0-66-powerpc-smp

3.13.0-66.108

linux-image-3.13.0-66-powerpc-e500mc

3.13.0-66.108

linux-image-3.13.0-66-generic-lpae

3.13.0-66.108

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-0272,

CVE-2015-5156,

CVE-2015-6937,

CVE-2015-7312

Ubuntu Security Notice USN-2778-1

20th October, 2015

linux-lts-vivid vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

• linux-lts-vivid
  – Linux hardware enablement kernel from Vivid

Details

It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the
Linux kernel did not correctly handle references of memory mapped files
from an aufs mount. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2015-7312)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:

linux-image-3.19.0-31-generic

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-powerpc-e500mc

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-lowlatency

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-powerpc-smp

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-generic-lpae

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-powerpc64-smp

3.19.0-31.36~14.04.1

linux-image-3.19.0-31-powerpc64-emb

3.19.0-31.36~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-0272,

CVE-2015-5156,

CVE-2015-6937,

CVE-2015-7312

Ubuntu Security Notice USN-2779-1

20th October, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.04

Summary

Several security issues were fixed in the kernel.

Software description

• linux
  – Linux kernel

Details

It was discovered that the Linux kernel did not check if a new IPv6 MTU set
by a user space application was valid. A remote attacker could forge a
route advertisement with an invalid MTU that a user space daemon like
NetworkManager would honor and apply to the kernel, causing a denial of
service. (CVE-2015-0272)

It was discovered that virtio networking in the Linux kernel did not handle
fragments correctly, leading to kernel memory corruption. A remote attacker
could use this to cause a denial of service (system crash) or possibly
execute code with administrative privileges. (CVE-2015-5156)

It was discovered that the Reliable Datagram Sockets (RDS) implementation
in the Linux kernel did not verify sockets were properly bound before
attempting to send a message, which could cause a NULL pointer dereference.
An attacker could use this to cause a denial of service (system crash).
(CVE-2015-6937)

Ben Hutchings discovered that the Advanced Union Filesystem (aufs) for the
Linux kernel did not correctly handle references of memory mapped files
from an aufs mount. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code with
administrative privileges. (CVE-2015-7312)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:

linux-image-3.19.0-31-generic

3.19.0-31.36

linux-image-3.19.0-31-powerpc-e500mc

3.19.0-31.36

linux-image-3.19.0-31-lowlatency

3.19.0-31.36

linux-image-3.19.0-31-powerpc-smp

3.19.0-31.36

linux-image-3.19.0-31-generic-lpae

3.19.0-31.36

linux-image-3.19.0-31-powerpc64-emb

3.19.0-31.36

linux-image-3.19.0-31-powerpc64-smp

3.19.0-31.36

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-0272,

CVE-2015-5156,

CVE-2015-6937,

CVE-2015-7312

Ubuntu Security Notice USN-2780-1

20th October, 2015

miniupnpc vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.04
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

An application using the MiniUPnP library could be made to crash or
run programs as your login if it received specially crafted network
traffic.

Software description

• miniupnpc
  – UPnP IGD client lightweight library

Details

Aleksandar Nikolic discovered a buffer overflow vulnerability in the
XML parser functionality of the MiniUPnP library. A remote attacker
could use this to cause a denial of service (application crash) or
possibly execute arbitrary code with privileges of the user running
an application that uses the MiniUPnP library.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:

libminiupnpc10

1.9.20140610-2ubuntu1.1

Ubuntu 14.04 LTS:

libminiupnpc8

1.6-3ubuntu2.14.04.2

Ubuntu 12.04 LTS:

libminiupnpc8

1.6-3ubuntu1.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart applications using
the MiniUPnP library to make all the necessary changes.

References

CVE-2015-6031

Ubuntu Security Notice USN-2770-1

20th October, 2015

oxide-qt vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.04
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Oxide.

Software description

• oxide-qt
  – Web browser engine library for Qt (QML plugin)

Details

It was discovered that ContainerNode::parserInsertBefore in Blink would
incorrectly proceed with a DOM tree insertion in some circumstances. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to bypass same origin restrictions.
(CVE-2015-6755)

A use-after-free was discovered in the service worker implementation in
Chromium. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via application crash, or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-6757)

It was discovered that Blink did not ensure that the origin of
LocalStorage resources are considered unique. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to obtain sensitive information. (CVE-2015-6759)

A race condition and memory corruption was discovered in FFmpeg. If a user
were tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via renderer crash,
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2015-6761)

It was discovered that CSSFontFaceSrcValue::fetch in Blink did not use
CORS in some circumstances. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
bypass same origin restrictions. (CVE-2015-6762)

Multiple security issues were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial
of service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-6763)

Multiple security issues were discovered in V8. If a user were tricked
in to opening a specially crafted website, an attacker could potentially
exploit these to read uninitialized memory, cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-7834)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:

liboxideqtcore0

1.10.3-0ubuntu0.15.04.1

Ubuntu 14.04 LTS:

liboxideqtcore0

1.10.3-0ubuntu0.14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2015-6755,

CVE-2015-6757,

CVE-2015-6759,

CVE-2015-6761,

CVE-2015-6762,

CVE-2015-6763,

CVE-2015-7834

Ubuntu Security Notice USN-2772-1

16th October, 2015

postgresql-9.1, postgresql-9.3, postgresql-9.4 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

• Ubuntu 15.04
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

PostgreSQL could be made to crash or expose private information if it
handled specially crafted data.

Software description

• postgresql-9.1
  – Object-relational SQL database

• postgresql-9.3
  – Object-relational SQL database

• postgresql-9.4
  – Object-relational SQL database

Details

Josh Kupershmidt discovered the pgCrypto extension could expose
several bytes of server memory if the crypt() function was provided a
too-short salt. An attacker could use this flaw to read private data.
(CVE-2015-5288)

Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust
available stack space. An attacker could use this flaw to perform a denial
of service attack. This issue only affected Ubuntu 14.04 LTS and Ubuntu
15.04. (CVE-2015-5289)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 15.04:

postgresql-9.4

9.4.5-0ubuntu0.15.04

Ubuntu 14.04 LTS:

postgresql-9.3

9.3.10-0ubuntu0.14.04

Ubuntu 12.04 LTS:

postgresql-9.1

9.1.19-0ubuntu0.12.04

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart PostgreSQL to
make all the necessary changes.

References

CVE-2015-5288,

CVE-2015-5289