Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 529
Alerts This Week
Warning Icon 1 529

Ubuntu 14.04 LTS USN-2413-1 Critical AppArmor Resource Access

ubuntu
Calendar Grey November 20, 2014
Dist Ubuntu Esm H88
Ubuntu Security Notice USN-2414-2 outlines a vulnerability in the OpenSSL library, which might enable attackers to intercept sensitive communications.
apparmor_parser could allow applications that are confined by AppArmor to gainunintended access to resources.

Summary

apparmor_parser could allow applications that are confined by AppArmor to gain

unintended access to resources.

Software Description:

- apparmor: Linux security system

Details:

An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under

certain circumstances, a malicious application could use this flaw to perform

operations that are not allowed by AppArmor policy. The flaw may also prevent

applications from accessing resources that are allowed by AppArmor policy.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  apparmor                        2.8.95~2430-0ubuntu5.1

In general, a standard system update will make all the necessary changes.

References

CVE-2014-1424

Severity
critical
Lowest
Low
Medium
High
Critical

November 20, 2014

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.