Tuesday, January 15, 2013

[USN-1689-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJQ9RtGAAoJEAUvNnAY1cPYXN0QALziufT257eEppwokI3/uunR
zIPa0fZOrxZrRbJ4mgzOiO848cKNrGedTfZRsNBzNELSOrMaLnHEbegJ1pEmSDUt
GX1PaqJEunYjPZ/jeeCCz4qB0dORu8pMOEqE9WD+gOhUB0QlznJhE3SqVKQVGMuq
USB9ywNk+ztmYpIFiAT6Df3cbnL/y2Uim/8VjqG2gPdegzz348qhUZ03lX7bfK+s
hZ7moVYL0Y/Dlx9V3Iza2i4+Z5dAE276iGsYEg0JNCA7DvGIV27SsExUk4beM43l
Md2cVyh4sRVhrofCDRzxUpt1R8O/2M4Qx3fYg6g/eUsgSUfwizySjIV1Oal3hK6u
uKSQpqgDY9YZMTz1WC7ES6W4jtm01PcXiRIxQcUM3aQ8JA2iTpNzGwMP2bzm0dQW
PW3cby+oyqBCWHHc5FJ9nFdubSXukldoHr8w9e25KpdTeiGAbYNrn6+wVghTbPBh
zv0I0fFgUbre8439H2Z3yuMvvmEvAVhHSFc+47EJ/0BT0I36uIxYmdXtMvjkZlnM
JV1m67nX33JebXCzxa0eSgOqzDBeQK02oROC0df9yozWBGWJBVPdiIjvciUsnOHT
cXLiM0BkjPthlPVrZEbFVmHh1MmhGxtAZAaAuN7ys9+XPQFpyRe4VdHqVgtUhrq9
IOXqNdUMEsnqpTf5Algy
=2Cfn
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1689-1
January 15, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual
machine) subsystem's handling of the XSAVE feature. On hosts, using qemu
userspace, without the XSAVE feature an unprivileged local attacker could
exploit this flaw to crash the system. (CVE-2012-4461)

A flaw was discovered in the Linux kernel's handling of script execution
when module loading is enabled. A local attacker could exploit this flaw to
cause a leak of kernel stack contents. (CVE-2012-4530)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
linux-image-3.0.0-30-generic 3.0.0-30.47
linux-image-3.0.0-30-generic-pae 3.0.0-30.47
linux-image-3.0.0-30-omap 3.0.0-30.47
linux-image-3.0.0-30-powerpc 3.0.0-30.47
linux-image-3.0.0-30-powerpc-smp 3.0.0-30.47
linux-image-3.0.0-30-powerpc64-smp 3.0.0-30.47
linux-image-3.0.0-30-server 3.0.0-30.47
linux-image-3.0.0-30-virtual 3.0.0-30.47

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1689-1
CVE-2012-4461, CVE-2012-4530

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.0.0-30.47

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)