-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJSnjdkAAoJEAUvNnAY1cPYmQ0P/i2gmMxphjUd530tWgkl1ETs
GA3/m4f+VwH0tk0MmTb88u9eeH4Hg/qNC9AF7hNGntx1BFoheKLvk0pUNX23G2Sc
swfsnRgVFWPeOSM2N8jVdocsIXlQaEACxBmdQIIKVZstgY7gTmhvBd2AiKfH/6gI
3puqH4eczdwVUbVl23R+siOa38JID5/zAy32pd0LOkHPcMFI/y6JLq1KFvkUZYI4
gkdTQeCR452ZpLgfhg/HUG9Jd4i7g2pzb2qP0JI7qUsW43U9Ds50IFL+LnhV8pIz
ZaX9k8EGOrF3YbHT8HfzyOPEupPgZnUi8zSWYn7Ha9XagUxjNlv7fMCE79SEb1fz
MMYZvhyL/fIlg7zdz/XkM61nbrAkf/W1lgLBTxrQh9/YqCmKLJbP1s/271RiLn2z
9THZhp0ZtlqB5i8+EvMdfeqFlPBtt0NTX35S8dZFdXS1uugr7qoJ/1+dsmxpL6vB
FqJksyF1P2u3adsMpv6kqOX8SDVJUZ1dUkg8bZ5cQHTepYwEOAzArx8hghTgI0EA
KsQxc4Da5US1qScDhPDkpDWVkSoiBeL4odIaS2iibn0Zp3Y7e3o9mGo25OD5JYzG
XzbCtrIu5a3YHBODpx+Ant6HkrH/Y6BxSXZXN5KH/+vfGZOb0fBKd+smhxNrXCOf
sCgNgRoTC0lRiH4Dw1fS
=9L7R
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2040-1
December 03, 2013
linux-lts-quantal vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal
Details:
A flaw was discovered in the Linux kernel's dm snapshot facility. A remote
authenticated user could exploit this flaw to obtain sensitive information
or modify/corrupt data. (CVE-2013-4299)
Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP
Fragmenttation Offload (UFO). An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2013-4470)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.5.0-44-generic 3.5.0-44.67~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-2040-1
CVE-2013-4299, CVE-2013-4470
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-44.67~precise1
No comments:
Post a Comment