Saturday, July 5, 2014

[USN-2271-1] Linux kernel (Saucy HWE) vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTuD6nAAoJEAUvNnAY1cPYbY0P/A65oY9m+0MqLssoWmKfMlDH
Xohe3230Kq+9nstsnVaXUUXjvAQgd+pqkcERSb5VWnUL2pRQcBju6nBs+0Z78iLp
CGLpsH2K7jnk4C1i5d5Cl6IDFxDJPPxEjvhN453emv0IGzsYGYeXfYnUUD1GBKyu
SaPX7k6dTjTEmX4ChwxEmW+hp2wDUKXVdZJZ7Q7AEMcvoCtR7R0l6zY2TW6iNMK6
fRhs10Nb+K5nohtV+1no1cIU3FqONxsd7EkeyR8c3ne1ZUhX5gB/Em4bn59lZkvw
ySMVr2qiXWnnwKYqwZTzWxiGozK2uVqQqyaYQrTcksEIweAIUpf8sVok8EoabP4g
2Bv7B5iIPtb5slVl9po4lBscba1qZX5shTROqYnWi+0OYnb13XgxCVrgii4wmeWq
HDifsU1q9w4QGvsz+P6l6qZ7V615P44bYfFJZUMLQEM+HVhRJ0ye7VVVSkA7Yckf
I5fJtWkvHfI07ZGiRX4+63dOByFr0yzUnQr0gjtVAtzHNDXhxwg7OtIivFQDEX8N
r4Cjd+IQIpee4VxfbzH7r1uJB58ERdXK6SME3dd0kseWhsjWM0fIbUxqLc2ocp5o
MUgZC+65ieggj+2se7K6m2uTkKYLLYS9oPDZyJM1+Ln0ktFLPxGe73Cch+t4pjYm
jXvWfBhx4opTUKpu2gNG
=fVw/
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2271-1
July 05, 2014

linux-lts-saucy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-saucy: Linux hardware enablement kernel from Saucy

Details:

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on
x86_64 processors. An attacker could exploit this flaw to cause a denial of
service (System Crash) or potential gain administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.11.0-24-generic 3.11.0-24.42~precise1
linux-image-3.11.0-24-generic-lpae 3.11.0-24.42~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2271-1
CVE-2014-4699

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-24.42~precise1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)