USN-2585-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2585-1

30th April, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

  • linux
    – Linux kernel

Details

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped).
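As an added defender-side illustration (not part of the advisory), the parser below reads the fixed header of an ICMPv6 Router Advertisement and flags a message that advertises a suspiciously low Cur Hop Limit, the field this flaw lets an on-link attacker drive down. The alert floor of 32 and the three sample RA messages are my own constructions.

```python
import struct

ND_ROUTER_ADVERT = 134   # ICMPv6 type for Router Advertisement (RFC 4861)
HOP_LIMIT_FLOOR = 32     # assumed alert threshold; the usual default hop limit is 64

# Constructed sample RAs (ICMPv6 message only, checksum left as zero): type 134,
# code 0, checksum, Cur Hop Limit, flags, router lifetime 1800 s, reachable
# time, retrans timer, then one source link-layer address option (type 1, 8 bytes).
SAMPLE_RA_NORMAL = bytes.fromhex("86000000" "40" "00" "0708" "00000000" "00000000" "0101" "02005e000101")
SAMPLE_RA_LOW = bytes.fromhex("86000000" "01" "00" "0708" "00000000" "00000000" "0101" "02005e000101")
SAMPLE_RA_UNSPEC = bytes.fromhex("86000000" "00" "00" "0708" "00000000" "00000000" "0101" "02005e000101")

def parse_router_advert(icmpv6):
    """Parse an ICMPv6 Router Advertisement (no IPv6 header) into its fields."""
    if len(icmpv6) < 16:
        raise ValueError("truncated ICMPv6 message")
    typ, code, _csum, hop, flags, lifetime, reach, retrans = struct.unpack(
        "!BBHBBHII", icmpv6[:16])
    if typ != ND_ROUTER_ADVERT or code != 0:
        raise ValueError("not a Router Advertisement")
    options, off = [], 16
    while off < len(icmpv6):
        # Every ND option starts with (type, length in 8-byte units); length 0 is invalid.
        if len(icmpv6) - off < 2 or icmpv6[off + 1] == 0:
            raise ValueError("malformed ND option")
        olen = icmpv6[off + 1] * 8
        if off + olen > len(icmpv6):
            raise ValueError("ND option runs past end of message")
        options.append((icmpv6[off], olen))
        off += olen
    return {"cur_hop_limit": hop, "managed": bool(flags & 0x80),
            "other": bool(flags & 0x40), "router_lifetime": lifetime,
            "reachable_time": reach, "retrans_timer": retrans, "options": options}

def suspicious_hop_limit(ra, floor=HOP_LIMIT_FLOOR):
    """True when the RA asks hosts to adopt a non-zero hop limit below `floor`."""
    # Zero means "unspecified" in RFC 4861 and leaves the host's value alone.
    return 0 < ra["cur_hop_limit"] < floor

def scan(messages, floor=HOP_LIMIT_FLOOR):
    """Return (label, hop limit) for RAs in [(label, bytes), ...] that advertise a low value."""
    flagged = []
    for label, raw in messages:
        try:
            ra = parse_router_advert(raw)
        except ValueError:
            continue           # not an RA or malformed; out of scope for this check
        if suspicious_hop_limit(ra, floor):
            flagged.append((label, ra["cur_hop_limit"]))
    return flagged
```

On a live host the same check can be run over RAs captured from the link; a non-zero value far below 64 from an unexpected source is the wire-level symptom of the flaw described above.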

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
  linux-image-3.2.0-82-generic         3.2.0-82.119
  linux-image-3.2.0-82-virtual         3.2.0-82.119
  linux-image-3.2.0-82-generic-pae     3.2.0-82.119
  linux-image-3.2.0-82-highbank        3.2.0-82.119
  linux-image-3.2.0-82-powerpc64-smp   3.2.0-82.119
  linux-image-3.2.0-82-omap            3.2.0-82.119
  linux-image-3.2.0-82-powerpc-smp     3.2.0-82.119

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2922

USN-2586-1: Linux kernel (OMAP4) vulnerability

Ubuntu Security Notice USN-2586-1

30th April, 2015

linux-ti-omap4 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

  • linux-ti-omap4
    – Linux kernel for OMAP4

Details

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped).

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
  linux-image-3.2.0-1463-omap4   3.2.0-1463.83

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2922

USN-2587-1: Linux kernel (Trusty HWE) vulnerabilities

Ubuntu Security Notice USN-2587-1

30th April, 2015

linux-lts-trusty vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-trusty
    – Linux hardware enablement kernel from Trusty

Details

A stack overflow was discovered in the microcode loader for the Intel x86
platform. A local attacker could exploit this flaw to cause a denial of
service (kernel crash) or to potentially execute code with kernel
privileges. (CVE-2015-2666)

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped). (CVE-2015-2922)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
  linux-image-3.13.0-51-generic        3.13.0-51.84~precise1
  linux-image-3.13.0-51-generic-lpae   3.13.0-51.84~precise1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2666, CVE-2015-2922

USN-2588-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2588-1

30th April, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

A stack overflow was discovered in the microcode loader for the Intel x86
platform. A local attacker could exploit this flaw to cause a denial of
service (kernel crash) or to potentially execute code with kernel
privileges. (CVE-2015-2666)

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped). (CVE-2015-2922)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
  linux-image-3.13.0-51-powerpc64-emb    3.13.0-51.84
  linux-image-3.13.0-51-powerpc64-smp    3.13.0-51.84
  linux-image-3.13.0-51-generic          3.13.0-51.84
  linux-image-3.13.0-51-powerpc-smp      3.13.0-51.84
  linux-image-3.13.0-51-powerpc-e500     3.13.0-51.84
  linux-image-3.13.0-51-generic-lpae     3.13.0-51.84
  linux-image-3.13.0-51-powerpc-e500mc   3.13.0-51.84
  linux-image-3.13.0-51-lowlatency       3.13.0-51.84

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2666, CVE-2015-2922

USN-2589-1: Linux kernel (Utopic HWE) vulnerabilities

Ubuntu Security Notice USN-2589-1

30th April, 2015

linux-lts-utopic vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux-lts-utopic
    – Linux hardware enablement kernel from Utopic

Details

Jan Beulich discovered the Xen virtual machine subsystem of the Linux
kernel did not properly restrict access to PCI command registers. A local
guest user could exploit this flaw to cause a denial of service (host
crash). (CVE-2015-2150)

A stack overflow was discovered in the microcode loader for the Intel x86
platform. A local attacker could exploit this flaw to cause a denial of
service (kernel crash) or to potentially execute code with kernel
privileges. (CVE-2015-2666)

A privilege escalation was discovered in the fork syscall via the int80 entry
on 64-bit kernels with 32-bit emulation support. An unprivileged local
attacker could exploit this flaw to increase their privileges on the
system. (CVE-2015-2830)

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped). (CVE-2015-2922)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
  linux-image-3.16.0-36-generic-lpae     3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-powerpc64-emb    3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-powerpc64-smp    3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-generic          3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-lowlatency       3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-powerpc-smp      3.16.0-36.48~14.04.1
  linux-image-3.16.0-36-powerpc-e500mc   3.16.0-36.48~14.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, CVE-2015-2922

USN-2590-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2590-1

30th April, 2015

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.10

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

Jan Beulich discovered the Xen virtual machine subsystem of the Linux
kernel did not properly restrict access to PCI command registers. A local
guest user could exploit this flaw to cause a denial of service (host
crash). (CVE-2015-2150)

A stack overflow was discovered in the microcode loader for the Intel x86
platform. A local attacker could exploit this flaw to cause a denial of
service (kernel crash) or to potentially execute code with kernel
privileges. (CVE-2015-2666)

A privilege escalation was discovered in the fork syscall via the int80 entry
on 64-bit kernels with 32-bit emulation support. An unprivileged local
attacker could exploit this flaw to increase their privileges on the
system. (CVE-2015-2830)

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw
that allows using route advertisement (RA) messages to set the ‘hop_limit’
to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages
dropped). (CVE-2015-2922)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.10:
  linux-image-3.16.0-36-generic-lpae     3.16.0-36.48
  linux-image-3.16.0-36-powerpc64-smp    3.16.0-36.48
  linux-image-3.16.0-36-powerpc64-emb    3.16.0-36.48
  linux-image-3.16.0-36-generic          3.16.0-36.48
  linux-image-3.16.0-36-lowlatency       3.16.0-36.48
  linux-image-3.16.0-36-powerpc-smp      3.16.0-36.48
  linux-image-3.16.0-36-powerpc-e500mc   3.16.0-36.48

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, CVE-2015-2922

USN-2591-1: curl vulnerabilities

Ubuntu Security Notice USN-2591-1

30th April, 2015

curl vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu (vivid)
  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in curl.

Software description

  • curl
    – HTTP, HTTPS, and FTP client and client libraries

Details

Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP
credentials when subsequently connecting to the same host over HTTP.
(CVE-2015-3143)

Hanno Böck discovered that curl incorrectly handled zero-length host names.
If a user or automated system were tricked into using a specially crafted
host name, an attacker could possibly use this issue to cause curl to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 14.10 and Ubuntu 15.04.
(CVE-2015-3144)

Hanno Böck discovered that curl incorrectly handled cookie path elements.
If a user or automated system were tricked into parsing a specially crafted
cookie, an attacker could possibly use this issue to cause curl to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 14.04 LTS, Ubuntu 14.10 and Ubuntu 15.04.
(CVE-2015-3145)

Isaac Boukris discovered that when using Negotiate authenticated
connections, curl could incorrectly authenticate the entire connection and
not just specific HTTP requests. (CVE-2015-3148)

Yehezkel Horowitz and Oren Souroujon discovered that curl sent HTTP headers
both to servers and proxies by default, contrary to expectations. This
issue only affected Ubuntu 14.10 and Ubuntu 15.04. (CVE-2015-3153)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu (vivid):
  libcurl3-nss      7.38.0-3ubuntu2.2
  libcurl3-gnutls   7.38.0-3ubuntu2.2
  libcurl3          7.38.0-3ubuntu2.2

Ubuntu 14.10:
  libcurl3-nss      7.37.1-1ubuntu3.4
  libcurl3-gnutls   7.37.1-1ubuntu3.4
  libcurl3          7.37.1-1ubuntu3.4

Ubuntu 14.04 LTS:
  libcurl3-nss      7.35.0-1ubuntu2.5
  libcurl3-gnutls   7.35.0-1ubuntu2.5
  libcurl3          7.35.0-1ubuntu2.5

Ubuntu 12.04 LTS:
  libcurl3-nss      7.22.0-3ubuntu4.14
  libcurl3-gnutls   7.22.0-3ubuntu4.14
  libcurl3          7.22.0-3ubuntu4.14

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.
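One way to verify that a host actually carries the fixed versions listed in these notices, as an added example that is not Ubuntu's own tooling: a stand-alone reimplementation of dpkg's version ordering, checked against the Ubuntu 12.04 LTS rows of USN-2587-1 above (the Trusty HWE kernel) and of this curl notice. The installed-package listing is a constructed sample standing in for `dpkg-query -W -f '${Package} ${Version}\n'` output; where dpkg is present, `dpkg --compare-versions` gives the same ordering.

```python
import re
from itertools import zip_longest

# Fixed versions from the Ubuntu 12.04 LTS rows above (USN-2587-1 and USN-2591-1).
FIXED = {
    "linux-image-3.13.0-51-generic": "3.13.0-51.84~precise1",
    "libcurl3": "7.22.0-3ubuntu4.14",
    "libcurl3-gnutls": "7.22.0-3ubuntu4.14",
}

# Constructed sample of `dpkg-query -W -f '${Package} ${Version}\n'` output.
INSTALLED_SAMPLE = """\
linux-image-3.13.0-51-generic 3.13.0-51.84~precise1
libcurl3 7.22.0-3ubuntu4.12
libcurl3-gnutls 7.22.0-3ubuntu4.14
"""

def _order(c):
    # dpkg character weight: '~' < end of string < letters < everything else
    return -1 if c == "~" else 0 if not c else ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # dpkg rule: alternate non-digit runs (weighted by _order) and numeric digit runs
    while a or b:
        pa, pb = re.match(r"\D*", a).group(), re.match(r"\D*", b).group()
        a, b = a[len(pa):], b[len(pb):]
        for x, y in zip_longest(pa, pb, fillvalue=""):
            if _order(x) != _order(y):
                return _order(x) - _order(y)
        da, db = re.match(r"\d*", a).group(), re.match(r"\d*", b).group()
        a, b = a[len(da):], b[len(db):]
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
    return 0

def _split(v):
    # '[epoch:]upstream[-revision]' -> (epoch, upstream, revision)
    epoch, _, rest = v.partition(":") if ":" in v else ("0", "", v)
    upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, revision

def compare_versions(a, b):
    """Return -1, 0 or 1, matching `dpkg --compare-versions a lt|eq|gt b`."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    c = (ea > eb) - (ea < eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)
    return (c > 0) - (c < 0)

def unpatched(installed_text, fixed=FIXED):
    """Return (package, installed, fixed) for listed packages still below the fix."""
    found = []
    for line in installed_text.splitlines():
        pkg, _, ver = line.strip().partition(" ")
        if pkg in fixed and compare_versions(ver, fixed[pkg]) < 0:
            found.append((pkg, ver, fixed[pkg]))
    return found
```

The tilde rule matters for the kernel rows: 3.13.0-51.84~precise1 sorts before 3.13.0-51.84, so the 12.04 HWE build is correctly treated as older than the 14.04 build of the same kernel in USN-2588-1, and a naive string comparison would get that wrong.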

References

CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3153

PCs require antivirus. Smartphones don’t. Right?


That smartphone means a lot to her. Protect it from hackers and thieves with Avast Mobile Security.

It’s very common to find people concerned about Windows viruses and malware that say, “Oh, my PC is protected by Avast Antivirus, but we don’t need it for our smartphones and tablets.”

With more than 230 million Avast Antivirus customers, we see “only” 60 million or so Android users of Avast Mobile Security. Many more mobile devices are sold every second than desktops and notebooks together. Why are people not as concerned about the security of their smartphone as their desktop?

The AV-Comparatives survey we wrote about yesterday, in “Avast Mobile Security is the #1 choice for Android users”, says that Android users in North America protect their phones more than anywhere else in the world, with 31 percent of respondents reporting they have protection. South America, Asia, and Europe are much lower, at 17 percent.

What about the rest of the Android users?

– Do you realize that mobile malware is increasing?

– Do you realize that you (most probably) have much more personal info in your smartphone than your PC? Like photos, selfies, contacts, videos, and also banking and financial information.

– What if one of your apps is using your personal info against you like the Dubsmash 2 app we just discovered?

Your Android device needs protection

Avast Mobile Security is a complete suite for Android protection. It is completely focused on security and privacy features.

Maybe you have a friend or a girlfriend who should be reading this… Take this opportunity to introduce them to Avast Mobile Security and teach them some tips about mobile security. Maybe we’ll see a better protected world if we reduce the number of unprotected devices and make cybercrooks work harder to steal from innocent people. Download Avast Mobile Security for free on Google Play.

Earn free Avast Mobile Premium

In the latest update of Avast Mobile Security, we added a referral program, so you can recommend Avast Mobile Security to your friends and family. Not only can you recommend the best mobile security app available on Google Play, but you will be rewarded for doing so; you can earn up to three months of Avast Mobile Premium for free!

Here is how it works: For every five friends you send an SMS to recommending Avast, you get one free month of Avast Mobile Premium. Cool, huh?

Do your good deed today: tell someone you care about that smartphones and tablets need to have a security app installed and kept up to date.