Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

We found 6 articles for you...

SUSE Linux 12-SP1: 2017:0865-1 Important: Kernel Bugs Fixed

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:0865-1
Rating:             important
References:         #1027565 #1028372 #1030573
Cross-References:   CVE-2017-2636 CVE-2017-7184
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP1
                    SUSE Linux Enterprise Software Development Kit 12-SP1
                    SUSE Linux Enterprise Server 12-SP1
                    SUSE Linux Enterprise Module for Public Cloud 12
                    SUSE Linux Enterprise Live Patching 12
                    SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________

An update that solves two vulnerabilities and has one errata is now available.

Description:

The SUSE Linux Enterprise 12 kernel was updated to fix the following security bugs:

- CVE-2017-7184: The Linux kernel allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) via unspecified vectors, as demonstrated during a Pwn2Own competition at CanSecWest 2017 (bnc#1030573, bnc#1028372).
- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP1:
  zypper in -t patch SUSE-SLE-WE-12-SP1-2017-485=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
  zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-485=1
- SUSE Linux Enterprise Server 12-SP1:
  zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-485=1
- SUSE Linux Enterprise Module for Public Cloud 12:
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-485=1
- SUSE Linux Enterprise Live Patching 12:
  zypper in -t patch SUSE-SLE-Live-Patching-12-2017-485=1
- SUSE Linux Enterprise Desktop 12-SP1:
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-485=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
  kernel-default-debuginfo-3.12.69-60.64.35.1
  kernel-default-debugsource-3.12.69-60.64.35.1
  kernel-default-extra-3.12.69-60.64.35.1
  kernel-default-extra-debuginfo-3.12.69-60.64.35.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
  kernel-obs-build-3.12.69-60.64.35.1
  kernel-obs-build-debugsource-3.12.69-60.64.35.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch):
  kernel-docs-3.12.69-60.64.35.3
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
  kernel-default-3.12.69-60.64.35.1
  kernel-default-base-3.12.69-60.64.35.1
  kernel-default-base-debuginfo-3.12.69-60.64.35.1
  kernel-default-debuginfo-3.12.69-60.64.35.1
  kernel-default-debugsource-3.12.69-60.64.35.1
  kernel-default-devel-3.12.69-60.64.35.1
  kernel-syms-3.12.69-60.64.35.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
  kernel-devel-3.12.69-60.64.35.1
  kernel-macros-3.12.69-60.64.35.1
  kernel-source-3.12.69-60.64.35.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
  kernel-xen-3.12.69-60.64.35.1
  kernel-xen-base-3.12.69-60.64.35.1
  kernel-xen-base-debuginfo-3.12.69-60.64.35.1
  kernel-xen-debuginfo-3.12.69-60.64.35.1
  kernel-xen-debugsource-3.12.69-60.64.35.1
  kernel-xen-devel-3.12.69-60.64.35.1
- SUSE Linux Enterprise Server 12-SP1 (s390x):
  kernel-default-man-3.12.69-60.64.35.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
  kernel-ec2-3.12.69-60.64.35.1
  kernel-ec2-debuginfo-3.12.69-60.64.35.1
  kernel-ec2-debugsource-3.12.69-60.64.35.1
  kernel-ec2-devel-3.12.69-60.64.35.1
  kernel-ec2-extra-3.12.69-60.64.35.1
  kernel-ec2-extra-debuginfo-3.12.69-60.64.35.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
  kgraft-patch-3_12_69-60_64_35-default-1-2.1
  kgraft-patch-3_12_69-60_64_35-xen-1-2.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
  kernel-default-3.12.69-60.64.35.1
  kernel-default-debuginfo-3.12.69-60.64.35.1
  kernel-default-debugsource-3.12.69-60.64.35.1
  kernel-default-devel-3.12.69-60.64.35.1
  kernel-default-extra-3.12.69-60.64.35.1
  kernel-default-extra-debuginfo-3.12.69-60.64.35.1
  kernel-syms-3.12.69-60.64.35.1
  kernel-xen-3.12.69-60.64.35.1
  kernel-xen-debuginfo-3.12.69-60.64.35.1
  kernel-xen-debugsource-3.12.69-60.64.35.1
  kernel-xen-devel-3.12.69-60.64.35.1
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
  kernel-devel-3.12.69-60.64.35.1
  kernel-macros-3.12.69-60.64.35.1
  kernel-source-3.12.69-60.64.35.1

References:

https://www.suse.com/security/cve/CVE-2017-2636.html
https://www.suse.com/security/cve/CVE-2017-7184.html
https://bugzilla.suse.com/1027565
https://bugzilla.suse.com/1028372
https://bugzilla.suse.com/1030573

Summary: SUSE has released a crucial Security Update for the Linux Kernel, tackling several vulnerabilities. It is vital to keep your system current to reduce potential threats.
Keywords: SUSE Linux, Kernel Update, Privilege Escalation, Security Bug Fixes, Denial of Service
Severity: Important
LinuxSecurity.com Team

Mar 30, 2017 | Important | SuSE

SUSE: 2016:0751-1 Important: Kernel Live Patch for Security Issues

SUSE Security Update: Security update for kernel live patch 0
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:0751-1
Rating:             important
References:         #955837 #960329 #962078
Cross-References:   CVE-2013-7446 CVE-2015-8660 CVE-2016-0728
Affected Products:
                    SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This kernel live patch for Linux Kernel 3.12.49-11.1 fixes three security issues:

Fixes:

- CVE-2016-0728: A reference leak in keyring handling with join_session_keyring() could lead to local attackers gaining root privileges. (bsc#962078)
- CVE-2015-8660: The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application. (bsc#960329)
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls. (bsc#955837)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Live Patching 12:
  zypper in -t patch SUSE-SLE-Live-Patching-12-2016-439=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Live Patching 12 (x86_64):
  kgraft-patch-3_12_49-11-default-3-8.2
  kgraft-patch-3_12_49-11-xen-3-8.2

References:

https://www.suse.com/security/cve/CVE-2013-7446.html
https://www.suse.com/security/cve/CVE-2015-8660.html
https://www.suse.com/security/cve/CVE-2016-0728.html
https://bugzilla.suse.com/955837
https://bugzilla.suse.com/960329
https://bugzilla.suse.com/962078

Summary: SUSE Security Update tackles urgent kernel vulnerabilities, enhancing overall protection for Linux 12 users through essential updates.
Keywords: SUSE Linux, Kernel Patch, Security Update, System Security, Live Patching
Severity: Important
LinuxSecurity.com Team

Mar 14, 2016 | Important | SuSE

Red Hat 5: RHSA-2014:0740-01 Important Kernel Fixes and Updates

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2014:0740-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2014:0740.html
Issue date:        2014-06-10
CVE Names:         CVE-2013-7339 CVE-2014-1737 CVE-2014-1738
====================================================================

1. Summary:

Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)

* It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)

Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.

* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)

Red Hat would like to thank Matthew Daley for reporting CVE-2014-1737 and CVE-2014-1738.

This update also fixes the following bugs:

* A bug in the futex system call could result in an overflow when passing a very large positive timeout. As a consequence, the FUTEX_WAIT operation did not work as intended and the system call was timing out immediately. A backported patch fixes this bug by limiting very large positive timeouts to the maximal supported value. (BZ#1091832)

* A new Linux Security Module (LSM) functionality related to the setrlimit hooks should produce a warning message when used by a third party module that could not cope with it. However, due to a programming error, the kernel could print this warning message when a process was setting rlimits for a different process, or if rlimits were modified by another than the main thread even though there was no incompatible third party module. This update fixes the relevant code and ensures that the kernel handles this warning message correctly. (BZ#1092869)

* Previously, the kernel was unable to detect KVM on system boot if the Hyper-V emulation was enabled. A patch has been applied to ensure that both KVM and Hyper-V hypervisors are now correctly detected during system boot. (BZ#1094152)

* A function in the RPC code responsible for verifying whether cached credentials match the current process did not perform the check correctly. The code checked only whether the groups in the current process credentials appear in the same order as in the cached credentials but did not ensure that no other groups are present in the cached credentials. As a consequence, when accessing files in NFS mounts, a process with the same UID and GID as the original process but with a non-matching group list could have been granted an unauthorized access to a file, or under certain circumstances, the process could have been wrongly prevented from accessing the file. The incorrect test condition has been fixed and the problem can no longer occur. (BZ#1095062)

* When being under heavy load, some Fibre Channel storage devices, such as Hitachi and HP Open-V series, can send a logout (LOGO) message to the host system. However, due to a bug in the lpfc driver, this could result in a loss of active paths to the storage and the paths could not be recovered without manual intervention. This update corrects the lpfc driver to ensure automatic recovery of the lost paths to the storage in this scenario. (BZ#1096061)

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (https://bugzilla.redhat.com/):

1079214 - CVE-2013-7339 kernel: net: rds: dereference of a NULL device in rds_ib_laddr_check()
1094299 - CVE-2014-1737 CVE-2014-1738 kernel: block: floppy: privilege escalation via FDRAWCMD floppy ioctl command

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
kernel-2.6.18-371.9.1.el5.src.rpm

i386:
kernel-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.i686.rpm
kernel-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-headers-2.6.18-371.9.1.el5.i386.rpm
kernel-xen-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-371.9.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
kernel-2.6.18-371.9.1.el5.src.rpm

i386:
kernel-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.i686.rpm
kernel-devel-2.6.18-371.9.1.el5.i686.rpm
kernel-headers-2.6.18-371.9.1.el5.i386.rpm
kernel-xen-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.i686.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.i686.rpm

ia64:
kernel-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.ia64.rpm
kernel-devel-2.6.18-371.9.1.el5.ia64.rpm
kernel-headers-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-371.9.1.el5.noarch.rpm

ppc:
kernel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.ppc64.rpm
kernel-devel-2.6.18-371.9.1.el5.ppc64.rpm
kernel-headers-2.6.18-371.9.1.el5.ppc.rpm
kernel-headers-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-371.9.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-371.9.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.s390x.rpm
kernel-devel-2.6.18-371.9.1.el5.s390x.rpm
kernel-headers-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-371.9.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-371.9.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-371.9.1.el5.x86_64.rpm
kernel-devel-2.6.18-371.9.1.el5.x86_64.rpm
kernel-headers-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-371.9.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-371.9.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2013-7339
https://access.redhat.com/security/cve/CVE-2014-1737
https://access.redhat.com/security/cve/CVE-2014-1738
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.

Summary: Critical kernel patches released for Red Hat Enterprise Linux 5, resolving several vulnerabilities and defects.
Keywords: Kernel Security Update, Red Hat Enterprise Linux, Bug Fixes, Local User Exploit
Severity: Important
LinuxSecurity.com Team

Jun 10, 2014 | Important | Red Hat

Ubuntu 13.10: USN-2116-1 Important: Issues with the OMAP4 Kernel

=========================================================================
Ubuntu Security Notice USN-2116-1
February 18, 2014

linux-ti-omap4 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2929)

A flaw in the handling of memory regions of the kernel virtual machine (KVM) subsystem was discovered. A local user with the ability to assign a device could exploit this flaw to cause a denial of service (memory consumption). (CVE-2013-4592)

Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). (CVE-2013-6378)

Nico Golde and Fabian Yamaguchi reported a flaw in the driver for Adaptec AACRAID scsi raid devices in the Linux kernel. A local user could use this flaw to cause a denial of service or possibly other unspecified impact. (CVE-2013-6380)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 13.10:
  linux-image-3.5.0-238-omap4             3.5.0-238.54

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:
  https://ubuntu.com/security/notices/USN-2116-1
  CVE-2013-2929, CVE-2013-4592, CVE-2013-6378, CVE-2013-6380

Package Information:
  https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-238.54

Summary: Multiple vulnerabilities addressed in the Linux kernel for OMAP4 on Ubuntu, focusing on the mitigation of unauthorized access exploits.
Keywords: Linux Kernel Updates, OMAP4 Security, Ubuntu Security Notices, Denial of Service Risks
Severity: Important
LinuxSecurity.com Team

Feb 18, 2014 | Important | Ubuntu

Ubuntu 11.04: USN-1557-1 Critical: Linux Kernel Crash Threat

=========================================================================
Ubuntu Security Notice USN-1557-1
September 07, 2012

linux vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux: Linux kernel

Details:

Some errors were discovered in the Linux kernel's UDF file system, which is used to mount some CD-ROMs and DVDs. An unprivileged local user could use these flaws to crash the system.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.04:
  linux-image-2.6.38-15-generic           2.6.38-15.66
  linux-image-2.6.38-15-generic-pae       2.6.38-15.66
  linux-image-2.6.38-15-omap              2.6.38-15.66
  linux-image-2.6.38-15-powerpc           2.6.38-15.66
  linux-image-2.6.38-15-powerpc-smp       2.6.38-15.66
  linux-image-2.6.38-15-powerpc64-smp     2.6.38-15.66
  linux-image-2.6.38-15-server            2.6.38-15.66
  linux-image-2.6.38-15-versatile         2.6.38-15.66
  linux-image-2.6.38-15-virtual           2.6.38-15.66

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-1557-1
  CVE-2012-3400

Package Information:
  https://launchpad.net/ubuntu/+source/linux/2.6.38-15.66

Summary: An essential vulnerability in the Linux kernel permits a local user to cause a system crash. It's crucial to update Ubuntu 11.04 to address this issue. Discover how!
Keywords: linux kernel issue, security notice, system crash fix, Linux updates, security patch
Severity: Critical
LinuxSecurity.com Team

Sep 07, 2012 | Critical | Ubuntu

Red Hat 5: RHSA-2011:0833-01 Critical: Kernel Security Flaws

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2011:0833-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2011:0833.html
Issue date:        2011-05-31
CVE Names:         CVE-2011-0726 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080
                   CVE-2011-1093 CVE-2011-1163 CVE-2011-1166 CVE-2011-1170
                   CVE-2011-1171 CVE-2011-1172 CVE-2011-1494 CVE-2011-1495
                   CVE-2011-1577 CVE-2011-1763
====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

This update fixes the following security issues:

* A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. (CVE-2011-1093, Important)

* Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology (MPT) based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. (CVE-2011-1494, CVE-2011-1495, Important)

* A missing validation of a null-terminated string data structure element in the bnep_sock_ioctl() function could allow a local user to cause an information leak or a denial of service. (CVE-2011-1079, Moderate)

* Missing error checking in the way page tables were handled in the Xen hypervisor implementation could allow a privileged guest user to cause the host, and the guests, to lock up. (CVE-2011-1166, Moderate)

* A flaw was found in the way the Xen hypervisor implementation checked for the upper boundary when getting a new event channel port. A privileged guest user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2011-1763, Moderate)

* The start_code and end_code values in "/proc/[pid]/stat" were not protected. In certain scenarios, this flaw could be used to defeat Address Space Layout Randomization (ASLR). (CVE-2011-0726, Low)

* A missing initialization flaw in the sco_sock_getsockopt() function could allow a local, unprivileged user to cause an information leak. (CVE-2011-1078, Low)

* A missing validation of a null-terminated string data structure element in the do_replace() function could allow a local user who has the CAP_NET_ADMIN capability to cause an information leak. (CVE-2011-1080, Low)

* A buffer overflow flaw in the DEC Alpha OSF partition implementation in the Linux kernel could allow a local attacker to cause an information leak by mounting a disk that contains specially-crafted partition tables. (CVE-2011-1163, Low)

* Missing validations of null-terminated string data structure elements in the do_replace(), compat_do_replace(), do_ipt_get_ctl(), do_ip6t_get_ctl(), and do_arpt_get_ctl() functions could allow a local user who has the CAP_NET_ADMIN capability to cause an information leak. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, Low)

* A heap overflow flaw in the Linux kernel's EFI GUID Partition Table (GPT) implementation could allow a local attacker to cause a denial of service by mounting a disk that contains specially-crafted partition tables. (CVE-2011-1577, Low)

Red Hat would like to thank Dan Rosenberg for reporting CVE-2011-1494 and CVE-2011-1495; Vasiliy Kulikov for reporting CVE-2011-1079, CVE-2011-1078, CVE-2011-1080, CVE-2011-1170, CVE-2011-1171, and CVE-2011-1172; Kees Cook for reporting CVE-2011-0726; and Timo Warns for reporting CVE-2011-1163 and CVE-2011-1577.

This update also fixes several bugs. Documentation for these bug fixes will be available shortly from the Technical Notes document linked to in the References section.

Users should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs noted in the Technical Notes. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system.

5. Bugs fixed (http://bugzilla.redhat.com/):

681259 - CVE-2011-1078 kernel: bt sco_conninfo infoleak
681260 - CVE-2011-1079 kernel: bnep device field missing NULL terminator
681262 - CVE-2011-1080 kernel: ebtables stack infoleak
682954 - CVE-2011-1093 kernel: dccp: fix oops on Reset after close
684569 - CVE-2011-0726 kernel: proc: protect mm start_code/end_code in /proc/pid/stat
688021 - CVE-2011-1163 kernel: fs/partitions: Corrupted OSF partition table infoleak
688156 - [5.6][REG]for some uses of 'nfsservctl' system call, the kernel crashes. [rhel-5.6.z]
688579 - CVE-2011-1166 kernel: xen: x86_64:fix error checking in arch_set_info_guest()
689321 - CVE-2011-1170 ipv4: netfilter: arp_tables: fix infoleak to userspace
689327 - CVE-2011-1171 ipv4: netfilter: ip_tables: fix infoleak to userspace
689345 - CVE-2011-1172 ipv6: netfilter: ip6_tables: fix infoleak to userspace
689699 - Deadlock between device driver attachment and device removal with a USB device [rhel-5.6.z]
689700 - [NetApp 5.6 Bug] QLogic 8G FC firmware dumps seen during IO [rhel-5.6.z]
690134 - Time runs too fast in a VM on processors with > 4GHZ freq [rhel-5.6.z]
690239 - gfs2: creating large files suddenly slow to a crawl [rhel-5.6.z]
694021 - CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows
695976 - CVE-2011-1577 kernel: corrupted GUID partition tables can cause kernel oops
696136 - RHEL 5.6 (kernel -238) causes audio issues [rhel-5.6.z]
697448 - slab corruption after seeing some nfs-related BUG: warning [rhel-5.6.z]
699808 - dasd: fix race between open and offline [rhel-5.6.z]
701240 - CVE-2011-1763 kernel: xen: improper upper boundary check in get_free_port() function

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
kernel-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.i686.rpm
kernel-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-headers-2.6.18-238.12.1.el5.i386.rpm
kernel-xen-2.6.18-238.12.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.12.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-238.12.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.12.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
kernel-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.i686.rpm
kernel-devel-2.6.18-238.12.1.el5.i686.rpm
kernel-headers-2.6.18-238.12.1.el5.i386.rpm
kernel-xen-2.6.18-238.12.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-238.12.1.el5.i686.rpm
kernel-xen-devel-2.6.18-238.12.1.el5.i686.rpm

ia64:
kernel-2.6.18-238.12.1.el5.ia64.rpm
kernel-debug-2.6.18-238.12.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.ia64.rpm
kernel-devel-2.6.18-238.12.1.el5.ia64.rpm
kernel-headers-2.6.18-238.12.1.el5.ia64.rpm
kernel-xen-2.6.18-238.12.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-238.12.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-238.12.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-238.12.1.el5.noarch.rpm

ppc:
kernel-2.6.18-238.12.1.el5.ppc64.rpm
kernel-debug-2.6.18-238.12.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.ppc64.rpm
kernel-devel-2.6.18-238.12.1.el5.ppc64.rpm
kernel-headers-2.6.18-238.12.1.el5.ppc.rpm
kernel-headers-2.6.18-238.12.1.el5.ppc64.rpm
kernel-kdump-2.6.18-238.12.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-238.12.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-238.12.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-238.12.1.el5.s390x.rpm
kernel-debug-2.6.18-238.12.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.s390x.rpm
kernel-devel-2.6.18-238.12.1.el5.s390x.rpm
kernel-headers-2.6.18-238.12.1.el5.s390x.rpm
kernel-kdump-2.6.18-238.12.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-238.12.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-238.12.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-238.12.1.el5.x86_64.rpm
kernel-devel-2.6.18-238.12.1.el5.x86_64.rpm
kernel-headers-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-238.12.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-238.12.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-0726
https://access.redhat.com/security/cve/CVE-2011-1078
https://access.redhat.com/security/cve/CVE-2011-1079
https://access.redhat.com/security/cve/CVE-2011-1080
https://access.redhat.com/security/cve/CVE-2011-1093
https://access.redhat.com/security/cve/CVE-2011-1163
https://access.redhat.com/security/cve/CVE-2011-1166
https://access.redhat.com/security/cve/CVE-2011-1170
https://access.redhat.com/security/cve/CVE-2011-1171
https://access.redhat.com/security/cve/CVE-2011-1172
https://access.redhat.com/security/cve/CVE-2011-1494
https://access.redhat.com/security/cve/CVE-2011-1495
https://access.redhat.com/security/cve/CVE-2011-1577
https://access.redhat.com/security/cve/CVE-2011-1763
https://access.redhat.com/security/updates/classification#important
https://access.redhat.com/search/

8. Contact:

The Red Hat security contact is .
More contact details at https://access.redhat.com/security/team/contact Copyright 2011 Red Hat, Inc. . An update for the kernel package in Red Hat Enterprise Linux 5has been released, addressing critical security vulnerabilities and bug resolutions. It's recommended to upgrade now.. Red Hat Enterprise Linux, Kernel Security, System Update, Package Management. . Severity: Important. LinuxSecurity.com Team

May 31, 2011 - Important - Red Hat

SUSE Linux Enterprise 9: 2009-015 Moderate: Kernel Remote Denial Of Service

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SUSE Security Announcement

        Package:                kernel
        Announcement ID:        SUSE-SA:2009:015
        Date:                   Fri, 03 Apr 2009 11:00:00 +0000
        Affected Products:      SUSE SLES 9
                                Novell Linux Desktop 9
                                Open Enterprise Server
                                Novell Linux POS 9
        Vulnerability Type:     remote denial of service
        Severity (1-10):        7
        SUSE Default Package:   yes
        Cross-References:       CVE-2009-0028, CVE-2009-0065, CVE-2009-0322
                                CVE-2009-0675, CVE-2009-0676

    Content of This Advisory:
        1) Security Vulnerability Resolved:
             Linux kernel security update
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            See SUSE Security Summary Report.
        6) Authenticity Verification and Additional Information
______________________________________________________________________________

1) Problem Description and Brief Discussion

The SUSE Linux Enterprise 9 kernel has been updated to fix lots of bugs and several security issues.

Following security issues were fixed:

CVE-2009-0028: The clone system call in the Linux kernel allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.

CVE-2009-0675: The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted logic" issue.

CVE-2009-0676: The sock_getsockopt function in net/core/sock.c in the Linux kernel does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.

CVE-2009-0322: drivers/firmware/dell_rbu.c in the Linux kernel allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.

CVE-2009-0065: Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.

The update was already released last Friday.

2) Solution or Work-Around

There is no known workaround, please install the update packages.

3) Special Instructions and Notes

Please reboot the machine after installing the update.

4) Package Location and Checksums

The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv to apply the update, replacing with the filename of the downloaded RPM package.

Our maintenance customers are notified individually.

The packages are offered for installation from the maintenance web:

Novell Linux Desktop 9 for x86
Open Enterprise Server
Novell Linux POS 9
SUSE CORE 9 for x86
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM POWER
SUSE SLES 9
SUSE CORE 9 for Itanium Processor Family
Novell Linux Desktop 9
Novell Linux Desktop 9 for x86_64

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

See SUSE Security Summary Report.
______________________________________________________________________________

6) Authenticity Verification and Additional Information

- Announcement authenticity verification:

SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature.

To verify the signature of the announcement, save it as text into a file and run the command

    gpg --verify

replacing with the name of the file where you saved the announcement. The output for a valid signature looks like:

    gpg: Signature made using RSA key ID 3D25D3D9
    gpg: Good signature from "SuSE Security Team "

where is replaced by the date the document was signed.

If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command

    gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

- Package authenticity verification:

SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with.

The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command

    rpm -v --checksig

to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature with the key ID 9C800ACA.

This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement.

- SUSE runs two security mailing lists to which any interested party may subscribe:

  - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to .

  - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to .

====================================================================
SUSE's security contact is or .
The public key is listed below.
====================================================================

A security bulletin detailing kernel enhancements in SUSE Linux Enterprise 9, tackling multiple vulnerabilities.

kernel updates, SUSE Enterprise, remote threats, local exploits.

Severity: Important. LinuxSecurity.com Team

Apr 03, 2009 - Important - SuSE

Ubuntu 707-1 Advisory: CUPS DoS Risk and Security Fixes

==========================================================
Ubuntu Security Notice USN-707-1                 January 12, 2009
cups, cupsys vulnerabilities
CVE-2008-5183, CVE-2008-5184, CVE-2008-5286, CVE-2008-5377
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.10
Ubuntu 8.04 LTS
Ubuntu 8.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:
  cupsys    1.2.2-0ubuntu0.6.06.12

Ubuntu 7.10:
  cupsys    1.3.2-1ubuntu7.9

Ubuntu 8.04 LTS:
  cupsys    1.3.7-1ubuntu3.3

Ubuntu 8.10:
  cups      1.3.9-2ubuntu6.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that CUPS didn't properly handle adding a large number of RSS subscriptions. A local user could exploit this and cause CUPS to crash, leading to a denial of service. This issue only applied to Ubuntu 7.10, 8.04 LTS and 8.10. (CVE-2008-5183)

It was discovered that CUPS did not authenticate users when adding and cancelling RSS subscriptions. An unprivileged local user could bypass intended restrictions and add a large number of RSS subscriptions. This issue only applied to Ubuntu 7.10 and 8.04 LTS. (CVE-2008-5184)

It was discovered that the PNG filter in CUPS did not properly handle certain malformed images. If a user or automated system were tricked into opening a crafted PNG image file, a remote attacker could cause a denial of service or execute arbitrary code with user privileges. In Ubuntu 7.10, 8.04 LTS, and 8.10, attackers would be isolated by the AppArmor CUPS profile. (CVE-2008-5286)

It was discovered that the example pstopdf CUPS filter created log files in an insecure way. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program. This issue only applied to Ubuntu 6.06 LTS, 7.10, and 8.04 LTS. (CVE-2008-5377)

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
    Size/MD5: 100650 effacab03a0a75663148e730badca56e
    Size/MD5: 1060 e320589ea4731d43a927b6ea986e2ca9
    Size/MD5: 4070384 2c99b8aa4c8dc25c8a84f9c06aa52e3e

  Architecture independent packages:
    Size/MD5: 996 01d1b0dbc0bf6fed042b103b81d91293

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5: 36230 ac91b545a2f40de7c165f160928334be
    Size/MD5: 81912 f3ec3b95abadf43c3642d422bb1d8d64
    Size/MD5: 2286872 779f854a26f5670c1183aac0a9adf15b
    Size/MD5: 6092 e4f7e6b58bbcf3656487d779ada528d1
    Size/MD5: 77434 f7789b8cca7ea8f57ca2ca14f4cc1a9b
    Size/MD5: 25748 e2a92ba2421bafc00df0a6c1f99bcda8
    Size/MD5: 130184 6a0808bf1ea2650d8a97fc50ceee0aa6

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5: 34766 ec9c0af53c98f9d904a8241331179a6d
    Size/MD5: 77990 c582e927e8d8bbdd29c5c111bc0dd162
    Size/MD5: 2254158 f9e7ba99ce5ff49546a8922df47d0005
    Size/MD5: 6092 969b76527edef12a2f3c77a77c97480e
    Size/MD5: 76550 2e653b4dac7063a7d290918bdafd43cf
    Size/MD5: 25748 cfff840b4e9984245fcd15d845183810
    Size/MD5: 122384 ec7ddfb032ee70d393c65d9d90060ea0

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5: 40466 119cafd93458295da6a6c8c12b35a262
    Size/MD5: 89530 bc52672d7f4903f7ec745cbe778e4da2
    Size/MD5: 2301402 e3bf63715dbebb29410ce13098b645f1
    Size/MD5: 6088 68fd62d76fc0a4e2e515f5a644852e60
    Size/MD5: 79208 b83506e935ffd0ac4c1311f003424f2b
    Size/MD5: 25744 cb2ca08057f83b9b40b60960712d8766
    Size/MD5: 128150 597300fc1511305508b9c0e62c061660

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5: 35388 afe7217a6f8ebe6fba8f7668f8a6d5bf
    Size/MD5: 78722 0f5be23fb63000b5fb2945f4a40ad70a
    Size/MD5: 2287758 3b8180329fa4c55ece2b828e07d3366c
    Size/MD5: 6090 aee18e619e301cdd7472d6f6a326655c
    Size/MD5: 76468 398ecfef9fff03f088e4964ad0e76c71
    Size/MD5: 25748 22655777c70067f973fef557c9196bdf
    Size/MD5: 123876 99879b6877338c254ae31dcd0f4bae29

Updated packages for Ubuntu 7.10:

  Source archives:
    Size/MD5: 129791 3e27f46f569ec5719b5fe13fb78a9f14
    Size/MD5: 1226 3a8eb42c55eb55163497543c39f23124
    Size/MD5: 4848424 9e3e1dee4d872fdff0682041198d3d73

  Architecture independent packages:
    Size/MD5: 1080428 2a130e02392de2ce721ac25a9a71ef0f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5: 37202 8a68cf9bfa98bda7cf30f6bfba41dd2e
    Size/MD5: 89510 e721173ffa8c31fc92703b908140e84c
    Size/MD5: 2034862 f512c15b34be6e169e9f947ca916ca93
    Size/MD5: 60018 4f4e8635956b4b882074cc2760ebcb5e
    Size/MD5: 46878 197a3efe70b9864efe397bb27e455933
    Size/MD5: 152008 c05765a56717613f12ca4e47dd751864
    Size/MD5: 186748 03cda4eef301db2a8f2cb6f5344c9f02

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5: 36480 6742a1d19a47e85b583bfc6cc8e5bef1
    Size/MD5: 86482 33d1e6cc218245db992e2b8337d63fad
    Size/MD5: 2018562 6217c3d4a08b575b0fd01a2f0b6d9965
    Size/MD5: 58836 228f15292895fb6714cf83ac08376530
    Size/MD5: 46256 a2a663a767af4beccac469b36af692b4
    Size/MD5: 145696 099603137d153ed2f50e0154fde6811f
    Size/MD5: 183548 69d7d5292ed78f5a5dca16d9be7d9ebe

  lpia architecture (Low Power Intel Architecture):
    Size/MD5: 36670 2f95875950737fb3b29d8170e0e842be
    Size/MD5: 88296 51a1b00b3aa778300d6be240ca814448
    Size/MD5: 2021580 ec2e3b013c825e7b1c269778d722c41f
    Size/MD5: 59622 38519a455e3dca46fdc55980903ef527
    Size/MD5: 47694 2a305b565e33a52d5cfe71bb09d3fbc0
    Size/MD5: 142418 b0423e069760ca141c0e73f07b7049fb
    Size/MD5: 181750 8e286ae296e7b3fd216d7137a4c21c19

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5: 46502 a1296168b5d3706b8870d2aca19cfc4a
    Size/MD5: 107760 d98d3f88cf3706b28ca9706e4f21897e
    Size/MD5: 2099848 088263da7a0baba49e4b28f000070cdf
    Size/MD5: 59484 85a44c9e70aadd41bdcb9401af938361
    Size/MD5: 51846 4442245f4cf71913bbd642f5185f93a0
    Size/MD5: 146944 ca2f12efe3d8b1ef0711019a6f4be4a3
    Size/MD5: 192530 47b0cc559fb4548701addb4e389beda1

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5: 37568 441cbf24d055107a408220ea945357e6
    Size/MD5: 89612 42f545e2092863afc31a6beb921ba803
    Size/MD5: 2061116 df2be5541017e5a11f265dc0420d1de4
    Size/MD5: 58094 4602a5ee17eae8d0769901ffff089eac
    Size/MD5: 45560 fce319567830955760626e98a52bd9e0
    Size/MD5: 148474 0fa2f0010fbd4b08d91b1c62765ed46e
    Size/MD5: 182570 ef1eec9c88b499b3cea8742fc31d8edf

Updated packages for Ubuntu 8.04 LTS:

  Source archives:
    Size/MD5: 134438 a4a1876673e461e35cfec8952ca054f5
    Size/MD5: 1441 2ced31d2fde396439410f30e758d7db2
    Size/MD5: 4700333 383e556d9841475847da6076c88da467

  Architecture independent packages:
    Size/MD5: 1144166 4893a05510da7c9b5434d00fc29e455f

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5: 37532 480443df9d0723c844c0c0f6408169a2
    Size/MD5: 89978 0d287573cdcc4701998ce53af56dd3f9
    Size/MD5: 1880612 2314ea0930f6d00794e0176916b6da35
    Size/MD5: 60906 9042974135c36a37171a424b7d4a202d
    Size/MD5: 50368 3cd1eb8125943eaa9ee6dde601f4422e
    Size/MD5: 344934 c5aec8c571564cbd0c895145a875d02a
    Size/MD5: 177930 36d56cb0664534f425871d13d77e4b1a

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5: 36968 6f01ef27169dfc9aa944c5049acbbe63
    Size/MD5: 88402 dd874fead670a6d57e90176ad1facc94
    Size/MD5: 1863008 ff961e2dbb46de7be8722d88178a38e6
    Size/MD5: 60100 0881e753bb681af3463d6ed8d11c09cf
    Size/MD5: 49846 07a541a01b7e231c9988e779a3f602d0
    Size/MD5: 339346 d5efe383bc97ce56837e36806bfba341
    Size/MD5: 174778 a578d4f7a0fe9195167e7a0cafc37974

  lpia architecture (Low Power Intel Architecture):
    Size/MD5: 36678 3176e400d418ca744825919b30d1a248
    Size/MD5: 88752 998f5ae89f57c5a3874a2bec71f435af
    Size/MD5: 1865256 715aafc333b7d070b516950843cdf664
    Size/MD5: 60548 39aa25aae6614a78a0b3c29e30d464f9
    Size/MD5: 50860 1ba114f3487de2725c3704efbaf6a5c5
    Size/MD5: 337010 98f33df59e831f8213370b533c9a6f7b
    Size/MD5: 173708 dca1c947f9af44e5d4c6bc2c604aa371

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5: 46930 5baf8d502a2bdca9954d98a542e92f1b
    Size/MD5: 110824 b0aab96be927c4d4924df4c45049f8a0
    Size/MD5: 1949124 d53346f89338971030ed9a202726849c
    Size/MD5: 59928 0c7f0193cfee10e401ca8304bc6a20bb
    Size/MD5: 54930 694817b2babba26327d4b021a36f938a
    Size/MD5: 341674 78be76c752899ff02d96f7d9f4c8cbc1
    Size/MD5: 183682 2dfb517ad5388b6471fc3f33148110c7

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5: 38030 018dbd428bea31bff3efe42c650ab930
    Size/MD5: 91034 0cdf41119c49465205ec9d85e0fcedcb
    Size/MD5: 1897932 265d337f28fada008fdf22034c76d43b
    Size/MD5: 57852 5ebf07d4d87d5c0ba46bb52b0cabe6bd
    Size/MD5: 48224 ed14b7888ad80c70678b20881c6b9606
    Size/MD5: 341382 ed914dcee1d36a7437ebdb46d44fba62
    Size/MD5: 173608 98ee538398dcf7c112099d3e398b686e

Updated packages for Ubuntu 8.10:

  Source archives:
    Size/MD5: 328034 b25d444f40ebc1f17984cb538172480c
    Size/MD5: 2043 3b36a5cadfe85ed62bf8b28de6ec7591
    Size/MD5: 4809771 e6f2d90491ed050e5ff2104b617b88ea

  Architecture independent packages:
    Size/MD5: 1162340 88ad6900549400af9f75f927227d45cb
    Size/MD5: 57652 7a33348b800c156e43a83e9083436bd5
    Size/MD5: 57660 6c89ff2b1f7fe264b5caaaf986b36d9c
    Size/MD5: 57652 ee1e3c3d68c190281678d7c1e7adadc9
    Size/MD5: 57656 2e8d25c423fbc2e265b0d56633ebc67d
    Size/MD5: 57670 b0c0e0f336be70d0c458b45936f98d0d
    Size/MD5: 4530 23fb36af369fe018cd11fb3291dcc3cc
    Size/MD5: 57656 46de04530c997f729b7dce967559c8b3

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    Size/MD5: 37318 7c4c4cadb4f9b7f6e2c6080b790e6ee1
    Size/MD5: 119788 72cab9079aeefee51e09a3b31ae592fa
    Size/MD5: 1682518 3180c4e3fa3d5cfe0b2b894898485fdd
    Size/MD5: 2172420 d7928f5c71b128511a0864db35ba6fe9
    Size/MD5: 352208 ba6478c9d8f3712b0c1e648e48bbb0c3
    Size/MD5: 172690 b2f7befc45ccf3bcd176186f9c48ceb1
    Size/MD5: 61404 a16ecd777aca26b88c24d16b69e5f193
    Size/MD5: 52392 7a9f6aabf047ad3225f8ec44d2fb5540

  i386 architecture (x86 compatible Intel/AMD):
    Size/MD5: 36216 b4999abd3bf22b2963db0969b40da8e1
    Size/MD5: 115352 9ec804831b4557a4ada56602384ecc39
    Size/MD5: 1542016 c120e8f977f4b19be21e3b3067ca0df5
    Size/MD5: 2139174 18db7072b040bc4f3319b3b51361a239
    Size/MD5: 345996 53a7bdb95ee0b5d3b0f96c463710dadd
    Size/MD5: 169534 efa2f12acaf19bfab23d60478b5586cd
    Size/MD5: 60536 ceb4ded5423c0a25ddcc924d29e390f5
    Size/MD5: 51750 cf8f8190d6281a5881b8cc1922035758

  lpia architecture (Low Power Intel Architecture):
    Size/MD5: 36030 95ca36c48f733f3d709e94c2202e97db
    Size/MD5: 114514 c44f5a21e630c130008be55aa258cb42
    Size/MD5: 1571226 37ce539f88c38ba11a89515ddc188d2c
    Size/MD5: 2135890 46cb00e52f60f8adc58496bc550a5ad9
    Size/MD5: 342976 e14329c1e782470735f35422c592b473
    Size/MD5: 167800 9cbad1fe09d9904ae6e026987d85731a
    Size/MD5: 60672 8a5ca81cd3803ad98afe963360242177
    Size/MD5: 52440 07bf6935608f398215f2880d5be9fd25

  powerpc architecture (Apple Macintosh G3/G4/G5):
    Size/MD5: 43578 6876bb9233cf8352dfbf66bc95ddf7e9
    Size/MD5: 138186 b3868a2e0d935a95e9083773859f1cbe
    Size/MD5: 1663458 2bf2dae0699cf7dc45889dc678f20fcc
    Size/MD5: 2264178 b5b51d8116a46689275f98ea94e946af
    Size/MD5: 347972 af66fd54a390946c7b676cf54cb6e22e
    Size/MD5: 176964 0605e8b21a449afea97a3f5060af63e1
    Size/MD5: 61336 79c4d467e37c334effe0b5ee31238901
    Size/MD5: 57492 a6d2f97d74132b1f2a40599398ecd9b1

  sparc architecture (Sun SPARC/UltraSPARC):
    Size/MD5: 37220 31f862d50b31324596054730ea09f7d3
    Size/MD5: 117632 b594a8cb5b194fef18a0393968fe0736
    Size/MD5: 1490260 01fcb6d2d1c062dcdfd6cde440ef2a98
    Size/MD5: 2200956 ebfffd46f41befdda3e30e3cb1ab521e
    Size/MD5: 344800 6192418a2f2625f81551e9839d1187b4
    Size/MD5: 165706 5804589b4f9bcc3bf016e3394f7acb7f
    Size/MD5: 57906 34fef3b4e0a01df4a76c92768a8c292e
    Size/MD5: 49792 24e09a0af0155fd8a13ca3f1db035c6d

A crucial advisory for Ubuntu highlights vulnerabilities in CUPS that could enable DoS attacks, disrupting services. Users should apply recommended updates promptly to enhance security.

CUPS Vulnerabilities, Ubuntu Security Update, Denial of Service, Local User Exploit, Software Upgrade.

Severity: Critical. LinuxSecurity.com Team

Jan 12, 2009 - Critical - Ubuntu
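The Size/MD5 listing in the Ubuntu notice above is a manifest that a downloader can check a fetched file against, and the same size-then-digest check is what the SUSE notice's "verify their integrity" step amounts to before `rpm --checksig` confirms authenticity. The Python below is an added example, not code from either notice or from LinuxSecurity: it parses advisory-style `Size/MD5: <bytes> <md5>` lines (including lines where extraction has fused size and digest into one token, as happened to several lines above; an MD5 is exactly 32 hex digits, so the split is unambiguous) and verifies a file's size and MD5 against them. The filenames and payloads in it are constructed for the demonstration.

```python
"""Verify downloaded update files against an advisory's Size/MD5 manifest.

Added example (not code from the Ubuntu notice or from LinuxSecurity).
Filenames and file contents below are constructed; the notice's real
filenames did not survive extraction.
"""
import hashlib
import re
from dataclasses import dataclass

# "<filename> Size/MD5: <size> <md5>", or the fused "<size><md5>" shape that
# extraction sometimes produces (the digest is always the last 32 hex digits).
MANIFEST_LINE = re.compile(
    r"^\s*(?P<name>\S+)\s+Size/MD5:\s+"
    r"(?:(?P<size>\d+)\s+(?P<md5>[0-9a-fA-F]{32})|(?P<fused>\d[0-9a-fA-F]{32,}))\s*$"
)


@dataclass(frozen=True)
class Entry:
    size: int
    md5: str


def parse_manifest(text: str) -> dict[str, Entry]:
    """Return {filename: Entry}; malformed lines are skipped rather than guessed at."""
    manifest: dict[str, Entry] = {}
    for line in text.splitlines():
        m = MANIFEST_LINE.match(line)
        if not m:
            continue
        if m.group("fused"):
            fused = m.group("fused")
            size_part, md5 = fused[:-32], fused[-32:]
            if not size_part.isdigit():
                continue  # size and digest cannot be separated reliably
            manifest[m.group("name")] = Entry(int(size_part), md5.lower())
        else:
            manifest[m.group("name")] = Entry(int(m.group("size")), m.group("md5").lower())
    return manifest


def verify_bytes(name: str, data: bytes, manifest: dict[str, Entry]) -> tuple[bool, str]:
    """Cheap size check first (catches truncation), then the digest. Returns (ok, reason)."""
    entry = manifest.get(name)
    if entry is None:
        return False, "not listed in the advisory"
    if len(data) != entry.size:
        return False, f"size {len(data)} != listed {entry.size}"
    digest = hashlib.md5(data).hexdigest()
    if digest != entry.md5:
        return False, f"md5 {digest} != listed {entry.md5}"
    return True, "size and md5 match"


def check_all(files: dict[str, bytes], manifest_text: str) -> dict[str, tuple[bool, str]]:
    """Verify every downloaded file against the manifest text."""
    manifest = parse_manifest(manifest_text)
    return {name: verify_bytes(name, data, manifest) for name, data in files.items()}


# Constructed sample: two fake package payloads and the manifest lines an
# advisory would carry for them (digests computed here so they are consistent).
SAMPLE_FILES = {
    "cupsys_1.3.9-2ubuntu6.1_i386.deb": b"constructed payload A\n" * 40,
    "cups_1.3.9-2ubuntu6.1_amd64.deb": b"constructed payload B\n" * 55,
}
SAMPLE_MANIFEST = "\n".join(
    f"  {name} Size/MD5: {len(data)} {hashlib.md5(data).hexdigest()}"
    for name, data in SAMPLE_FILES.items()
)

if __name__ == "__main__":
    for name, (ok, why) in check_all(SAMPLE_FILES, SAMPLE_MANIFEST).items():
        print(f"{'OK ' if ok else 'BAD'} {name}: {why}")
    # A single flipped byte must be reported as a digest mismatch.
    victim = "cups_1.3.9-2ubuntu6.1_amd64.deb"
    tampered = {victim: b"X" + SAMPLE_FILES[victim][1:]}
    print(check_all(tampered, SAMPLE_MANIFEST)[victim])
```

MD5 is not collision-resistant, so this check detects transfer corruption and casual substitution but is not an authenticity check on its own; as both the SUSE and Red Hat notices above say, the package signature (`rpm --checksig`, Red Hat's GPG-signed packages) is what establishes that the file came from the vendor.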