Saturday, July 5, 2014

[USN-2272-1] Linux kernel (Trusty HWE) vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTuD7DAAoJEAUvNnAY1cPYyfYQAJQoxv3v+TLd39K/mmuB3pfO
Fu+7dlelpd16hYAKefH0SZ1CFFCt6LtfdH46xru4kCc6twqKcw1QCsTRlEAQCZqL
VG36eozCGqX56Ef4BPjI71PkeDdwMswkrZGkH6mbuG0Fswyly6ivjHuue4r+GI68
DLdfY5P+Rn8EJSArgY8iHFG6s7TY17l9z423rBys8oq2qrG6Ap7fLwOruZXKpOni
tYMtZgetCTp6P9PVc5pnt89X/3ODCrLXD2mWJT1RwQimPvUiTxpNksdiF3t1DRTm
si+p6DO+jzS8nGtNCI4oCJ42sy/09MPyzjcfo8fJRpCeemSzOfFpVv6bDWrgyUFG
ukCzYu7NXqN/mAD0QN8HBIOHp3Urxon9ZdnRm5MUDoYXxVWIBzATm02B6JCetJoV
ljnHDF1hpGTaF8JHYzZunTMoKrCKWLW38sMv08j533mZkNlMP/bFjJ8V98vV8F4L
/rvPRhe+oegFAmSMeN6CwJkk/xWLvqoI1jHuUhB48A7jAdOQI7FQmzN71ADSscJT
176G82crzJXYjtcr9EhCRL6sEw5VMTjW45qoqYM8bMucHPakTWXHeMQtm2ft+iwe
mYxobJ3IdXk+jAoM6RK5avbNlR0yizWQLWwCBMP+z7lbc3nDIDQryCSeULRb2raI
me7rNaLWN5tghlGNHoF3
=Gbvz
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2272-1
July 05, 2014

linux-lts-trusty vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-trusty: Block storage devices (udeb)

Details:

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on
x86_64 processors. An attacker could exploit this flaw to cause a denial of
service (System Crash) or potential gain administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.13.0-30-generic 3.13.0-30.55~precise1
linux-image-3.13.0-30-generic-lpae 3.13.0-30.55~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2272-1
CVE-2014-4699

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-30.55~precise1

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)