Monthly Archives: June 2016

Ubuntu

USN-2989-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-2989-1

1st June, 2016

linux vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the kernel.

Software description

  • linux
    – Linux kernel

Details

Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux
kernel incorrectly enables scatter/gather I/O. A remote attacker could use
this to obtain potentially sensitive information from kernel memory.
(CVE-2016-2117)

Jason A. Donenfeld discovered multiple out-of-bounds reads in the OZMO USB
over wifi device drivers in the Linux kernel. A remote attacker could use
this to cause a denial of service (system crash) or obtain potentially
sensitive information from kernel memory. (CVE-2015-4004)

Andy Lutomirski discovered a race condition in the Linux kernel’s
translation lookaside buffer (TLB) handling of flush events. A local
attacker could use this to cause a denial of service or possibly leak
sensitive information. (CVE-2016-2069)

Ralf Spenneberg discovered that the Linux kernel’s GTCO digitizer USB
device driver did not properly validate endpoint descriptors. An attacker
with physical access could use this to cause a denial of service (system
crash). (CVE-2016-2187)

Hector Marco and Ismael Ripoll discovered that the Linux kernel would
improperly disable Address Space Layout Randomization (ASLR) for x86
processes running in 32 bit mode if stack-consumption resource limits were
disabled. A local attacker could use this to make it easier to exploit an
existing vulnerability in a setuid/setgid program. (CVE-2016-3672)

Andrey Konovalov discovered that the CDC Network Control Model USB driver
in the Linux kernel did not cancel work events queued if a later error
occurred, resulting in a use-after-free. An attacker with physical access
could use this to cause a denial of service (system crash). (CVE-2016-3951)

It was discovered that an out-of-bounds write could occur when handling
incoming packets in the USB/IP implementation in the Linux kernel. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2016-3955)

Kangjie Lu discovered an information leak in the ANSI/IEEE 802.2 LLC type 2
Support implementations in the Linux kernel. A local attacker could use
this to obtain potentially sensitive information from kernel memory.
(CVE-2016-4485)

Kangjie Lu discovered an information leak in the routing netlink socket
interface (rtnetlink) implementation in the Linux kernel. A local attacker
could use this to obtain potentially sensitive information from kernel
memory. (CVE-2016-4486)

It was discovered that in some situations the Linux kernel did not handle
propagated mounts correctly. A local unprivileged attacker could use this
to cause a denial of service (system crash). (CVE-2016-4581)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
linux-image-3.13.0-87-powerpc-e500

3.13.0-87.133
linux-image-3.13.0-87-generic

3.13.0-87.133
linux-image-3.13.0-87-powerpc-smp

3.13.0-87.133
linux-image-3.13.0-87-powerpc-e500mc

3.13.0-87.133
linux-image-3.13.0-87-lowlatency

3.13.0-87.133
linux-image-3.13.0-87-generic-lpae

3.13.0-87.133
linux-image-3.13.0-87-powerpc64-smp

3.13.0-87.133
linux-image-3.13.0-87-powerpc64-emb

3.13.0-87.133

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2015-4004,

CVE-2016-2069,

CVE-2016-2117,

CVE-2016-2187,

CVE-2016-3672,

CVE-2016-3951,

CVE-2016-3955,

CVE-2016-4485,

CVE-2016-4486,

CVE-2016-4581

US-CERT

IC3 Warns of Extortion Email Schemes

Original release date: June 01, 2016

The Internet Crime Complaint Center (IC3) has issued an alert on extortion schemes that relate to recent high-profile data thefts. Fraudsters often use the news release of high-profile data breaches to scare victims into clicking on a link or paying a ransom.

US-CERT encourages users and administrators to review the IC3 Alert for details and refer to US-CERT Tip ST04-014 for information on social engineering and phishing attacks.

This product is provided subject to this Notification and this Privacy & Use policy.

US-CERT

Cisco Releases Security Updates

Original release date: June 01, 2016

Cisco has released security updates to address vulnerabilities in its Prime Network Analysis Module software. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Debian

DSA-3593 libxml2 – security update

Several vulnerabilities were discovered in libxml2, a library providing
support to read, modify and write XML and HTML files. A remote attacker
could provide a specially crafted XML or HTML file that, when processed
by an application using libxml2, would cause a denial-of-service against
the application, or potentially the execution of arbitrary code with the
privileges of the user running the application.