Ubuntu 14.04 LTS: 0041-1 Moderate: Kernel DoS and Escalation Threats
Aug 10, 2018
•
LinuxSecurity Advisories
2 - 4 min read
Topics Covered
Several security issues were fixed in the kernel.
=========================================================================Kernel Live Patch Security Notice 0041-1 August 06, 2018 linux vulnerability ========================================================================= A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. (CVE-2018-11506) Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1094) The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. (CVE-2018-13405) An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. (CVE-2018-13094) Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. (CVE-2018-5390) Update instructions: The problem can be corrected by updating your livepatches to the following versions: | Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-124.148 | 41.2 | lowlatency, generic | | 4.4.0-124.148~14.04.1 | 41.2 | generic, lowlatency | | 4.4.0-127.153 | 41.2 | lowlatency, generic | | 4.4.0-127.153~14.04.1 | 41.2 | lowlatency, generic | | 4.4.0-128.154 | 41.2 | generic, lowlatency | | 4.4.0-128.154~14.04.1 | 41.2 | generic, lowlatency | | 4.4.0-130.156 | 41.2 | generic, lowlatency | | 4.4.0-130.156~14.04.1 | 41.2 | lowlatency, generic | | 4.4.0-131.157 | 41.2 | lowlatency, generic | | 4.4.0-131.157~14.04.1 | 41.2 | lowlatency, generic | | 4.15.0-20.21 | 41.2 | generic, lowlatency | | 4.15.0-22.24 | 41.2 | lowlatency, generic | | 4.15.0-23.25 | 41.2 | lowlatency, generic | | 4.15.0-24.26 | 41.2 | lowlatency, generic | | 4.15.0-29.31 | 41.2 | generic, lowlatency | References: CVE-2018-11506, CVE-2018-1094, CVE-2018-13405, CVE-2018-13094, CVE-2018-5390 -- ubuntu-security-announce mailing listThis email address is being protected from spambots. You need JavaScript enabled to view it. Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
PREVIOUS
NEXT
Ubuntu 14.04 LTS: 0041-1 Moderate: Kernel DoS and Escalation Threats
ubuntu
August 10, 2018
Several security issues were fixed in the kernel.
Summary
Topics Covered
Update Instructions
The problem can be corrected by updating your livepatches to the following versions: | Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-124.148 | 41.2 | lowlatency, generic | | 4.4.0-124.148~14.04.1 | 41.2 | generic, lowlatency | | 4.4.0-127.153 | 41.2 | lowlatency, generic | | 4.4.0-127.153~14.04.1 | 41.2 | lowlatency, generic | | 4.4.0-128.154 | 41.2 | generic, lowlatency | | 4.4.0-128.154~14.04.1 | 41.2 | generic, lowlatency | | 4.4.0-130.156 | 41.2 | generic, lowlatency | | 4.4.0-130.156~14.04.1 | 41.2 | lowlatency, generic | | 4.4.0-131.157 | 41.2 | lowlatency, generic | | 4.4.0-131.157~14.04.1 | 41.2 | lowlatency, generic | | 4.15.0-20.21 | 41.2 | generic, lowlatency | | 4.15.0-22.24 | 41.2 | lowlatency, generic | | 4.15.0-23.25 | 41.2 | lowlatency, generic | | 4.15.0-24.26 | 41.2 | lowlatency, generic | | 4.15.0-29.31 | 41.2 | generic, lowlatency |
References
CVE-2018-11506, CVE-2018-1094, CVE-2018-13405, CVE-2018-13094,
CVE-2018-5390
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
August 06, 2018
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!