Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 18.10: USN-3907-1 Moderate: WALinuxAgent Information Exposure

Calendar Mar 12, 2019 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory update instructions local attack information exposure ubuntu walinuxagent
WALinuxAgent could be made to expose sensitive information. 
=========================================================================Ubuntu Security Notice USN-3907-1
March 12, 2019

walinuxagent vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

WALinuxAgent could be made to expose sensitive information.

Software Description:
- walinuxagent: Windows Azure Linux Agent

Details:

It was discovered that WALinuxAgent created swap files with incorrect
permissions. A local attacker could possibly use this issue to obtain
sensitive information from the swap file.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
  walinuxagent                    2.2.32-0ubuntu1~18.10.2

Ubuntu 18.04 LTS:
  walinuxagent                    2.2.32-0ubuntu1~18.04.2

Ubuntu 16.04 LTS:
  walinuxagent                    2.2.32-0ubuntu1~16.04.2

Ubuntu 14.04 LTS:
  walinuxagent                    2.2.32-0ubuntu1~14.04.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-3907-1
  CVE-2019-0804

Package Information:
  https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~18.10.2
  https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~18.04.2
  https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~16.04.2
  https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~14.04.2

Ubuntu 18.10: USN-3907-1 Moderate: WALinuxAgent Information Exposure

ubuntu
Calendar Grey March 12, 2019
Dist Ubuntu Esm H88
The WALinuxAgent is susceptible to local exploits, which could lead to the leakage of confidential data. Take immediate action to update and fortify your system!
WALinuxAgent could be made to expose sensitive information.

Summary

Topics%20covered

Topics Covered

security advisory update instructions local attack information exposure ubuntu walinuxagent

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: walinuxagent 2.2.32-0ubuntu1~18.10.2 Ubuntu 18.04 LTS: walinuxagent 2.2.32-0ubuntu1~18.04.2 Ubuntu 16.04 LTS: walinuxagent 2.2.32-0ubuntu1~16.04.2 Ubuntu 14.04 LTS: walinuxagent 2.2.32-0ubuntu1~14.04.2 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-3907-1

CVE-2019-0804

Severity
important
Lowest
Low
Medium
High
Critical

March 12, 2019

Topics%20covered

Topics Covered

security advisory update instructions local attack information exposure ubuntu walinuxagent

Package Information

https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~18.10.2 https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~18.04.2 https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~16.04.2 https://launchpad.net/ubuntu/+source/walinuxagent/2.2.32-0ubuntu1~14.04.2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here