https://fedoraproject.org/wiki/Changes/Power_Profiles_Daemon
== Summary ==
We will install power-profiles-daemon in Fedora Workstation and enable
it by default. power-profiles-daemon allows the user to choose between
optimizing for system performance or battery life.
== Owner ==
* Name: [[User:Hadess| Bastien Nocera]]
* Email: bnocera@redhat.com
* Name: [[User:Catanzaro|Michael Catanzaro]]
* Email: mcatanzaro@redhat.com
* Name: [[User:Ngompa|Neal Gompa]]
* Email: ngompa13@gmail.com
== Detailed Description ==
From the upstream README:
power-profiles-daemon offers to modify system behaviour based upon
user-selected power profiles. There are 3 different power profiles, a
"balanced" default mode, a "power-saver" mode, as well as a
"performance" mode. The first 2 of those are available on every
system. The "performance" mode is only available on select systems and
is implemented by different "drivers" based on the system or systems
it targets.
In addition to those 2 or 3 modes (depending on the system), "actions"
can be hooked up to change the behaviour of a particular device. For
example, this can be used to disable the fast-charging for some USB
devices when in power-saver mode.
GNOME's Settings and shell both include interfaces to select the
current mode, but they are also expected to adjust the behaviour of
the desktop depending on the mode, such as turning the screen off
after inaction more aggressively when in power-saver mode.
== Feedback ==
<!-- Summarize the feedback from the community and address why you
chose not to accept proposed alternatives. This section is optional
for all change proposals but is strongly suggested. Incorporating
feedback here as it is raised gives FESCo a clearer view of your
proposal and leaves a good record for the future. If you get no
feedback, that is useful to note in this section as well. For
innovative or possibly controversial ideas, consider collecting
feedback before you file the change proposal. -->
== Benefit to Fedora ==
Shipping power-profiles-daemon enables GNOME to display and offer
users the ability to adjust configuration related to power management
similar to other operating systems, which can improve the quality of
the on-battery experience (with respect to longevity of operating on
battery power).
== Scope ==
* Proposal owners: Add Recommends: power-profiles-daemon to
gnome-control-center package. Add systemd preset to fedora-release.
* Other developers: N/A (not needed for this Change)
* Release engineering: N/A (not needed for this Change)
* Policies and guidelines: N/A (not needed for this Change)
* Trademark approval: N/A (not needed for this Change)
* Alignment with Objectives: Nope.
== Upgrade/compatibility impact ==
power-profiles-daemon will be installed on upgrade to Fedora 35 if
gnome-control-center is installed. Since the default power profile is
the balanced mode, users should not notice performance changes (sans
bugs), but the option to manually select either performance or power
saving mode will now be present.
== How To Test ==
Visit the Power settings panel in gnome-control-center and switch
between performance, balanced, and power save mode. Look for
unexpected behavior changes over long periods of time. For example,
selecting Performance mode should improve system performance but
reduce battery life. Selecting power save mode should reduce
performance but increase battery life. Selecting balanced mode should
not change anything.
The selected power save mode should persist across system reboots.
== User Experience ==
GNOME Control Center will show a new section in the Power page giving
users the option to select power modes:
* Balanced (the default)
* Performance (to maximize performance)
* Power saver (to maximize battery life)
User selection of these profiles will set various tunables to meet the
needs as described in the profiles.
== Dependencies ==
gnome-control-center depends on power-profiles-daemon to offer power
saving options. If not installed, these options will not be present in
the power panel.
== Contingency Plan ==
* Contingency mechanism: we can easily remove the Recommends: in
gnome-control-center or the preset in fedora-release if necessary.
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? No
== Documentation ==
The only documentation is the upstream project README:
https://gitlab.freedesktop.org/hadess/power-profiles-daemon/-/blob/main/README.md
== Release Notes ==
Fedora Workstation now ships with power-profiles-daemon installed and enabled.
--
Ben Cotton
He / Him / His
Fedora Program Manager
Red Hat
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Friday, July 23, 2021
Thursday, July 22, 2021
[USN-5021-1] curl vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5021-1
July 22, 2021
curl vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in curl.
Software Description:
- curl: HTTP, HTTPS, and FTP client and client libraries
Details:
Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled
TELNET connections when the -t option was used on the command line.
Uninitialized data possibly containing sensitive information could be sent
to the remote server, contrary to expectations. (CVE-2021-22898,
CVE-2021-22925)
Harry Sintonen discovered that curl incorrectly reused connections in the
connection pool. This could result in curl reusing the wrong connections.
(CVE-2021-22924)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
curl 7.74.0-1ubuntu2.1
libcurl3-gnutls 7.74.0-1ubuntu2.1
libcurl3-nss 7.74.0-1ubuntu2.1
libcurl4 7.74.0-1ubuntu2.1
Ubuntu 20.04 LTS:
curl 7.68.0-1ubuntu2.6
libcurl3-gnutls 7.68.0-1ubuntu2.6
libcurl3-nss 7.68.0-1ubuntu2.6
libcurl4 7.68.0-1ubuntu2.6
Ubuntu 18.04 LTS:
curl 7.58.0-2ubuntu3.14
libcurl3-gnutls 7.58.0-2ubuntu3.14
libcurl3-nss 7.58.0-2ubuntu3.14
libcurl4 7.58.0-2ubuntu3.14
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5021-1
CVE-2021-22898, CVE-2021-22924, CVE-2021-22925
Package Information:
https://launchpad.net/ubuntu/+source/curl/7.74.0-1ubuntu2.1
https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.6
https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.14
[FreeBSD-Announce] UPC: Your refund request has expired.
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[CentOS-announce] CESA-2021:2784 Important CentOS 7 java-11-openjdk Security Update
CentOS Errata and Security Advisory 2021:2784 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2021:2784
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2021:2725 Important CentOS 7 kernel Security Update
CentOS Errata and Security Advisory 2021:2725 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2021:2725
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
Wednesday, July 21, 2021
[USN-5020-1] Ruby vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5020-1
July 21, 2021
ruby2.3, ruby2.5, ruby2.7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in Ruby.
Software Description:
- ruby2.7: Object-oriented scripting language
- ruby2.5: Object-oriented scripting language
- ruby2.3: Object-oriented scripting language
Details:
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-31799)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to conduct
port scans and service banner extractions. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810)
It was discovered that Ruby incorrectly handled certain inputs.
A man-in-the-middle attacker could possibly use this issue to
bypass the TLS protection. (CVE-2021-32066)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
libruby2.7 2.7.2-4ubuntu1.2
ruby2.7 2.7.2-4ubuntu1.2
Ubuntu 20.10:
libruby2.7 2.7.1-3ubuntu1.4
ruby2.7 2.7.1-3ubuntu1.4
Ubuntu 20.04 LTS:
libruby2.7 2.7.0-5ubuntu1.5
ruby2.7 2.7.0-5ubuntu1.5
Ubuntu 18.04 LTS:
libruby2.5 2.5.1-1ubuntu1.10
ruby2.5 2.5.1-1ubuntu1.10
Ubuntu 16.04 ESM:
libruby2.3 2.3.1-2~ubuntu16.04.16+esm1
ruby2.3 2.3.1-2~ubuntu16.04.16+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5020-1
CVE-2021-31799, CVE-2021-31810, CVE-2021-32066
Package Information:
https://launchpad.net/ubuntu/+source/ruby2.7/2.7.2-4ubuntu1.2
https://launchpad.net/ubuntu/+source/ruby2.7/2.7.1-3ubuntu1.4
https://launchpad.net/ubuntu/+source/ruby2.7/2.7.0-5ubuntu1.5
https://launchpad.net/ubuntu/+source/ruby2.5/2.5.1-1ubuntu1.10
[USN-4336-2] GNU binutils vulnerabilities
==========================================================================
Ubuntu Security Notice USN-4336-2
July 21, 2021
binutils vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 ESM
Summary:
Several security issues were fixed in GNU binutils.
Software Description:
- binutils: GNU assembler, linker and binary utilities
Details:
USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that GNU binutils contained a large number of security
issues. If a user or automated system were tricked into processing a
specially-crafted file, a remote attacker could cause GNU binutils to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 ESM:
binutils 2.26.1-1ubuntu1~16.04.8+esm1
binutils-multiarch 2.26.1-1ubuntu1~16.04.8+esm1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-4336-2
https://ubuntu.com/security/notices/USN-4336-1
CVE-2016-2226, CVE-2016-4487, CVE-2016-4488, CVE-2016-4489,
CVE-2016-4490, CVE-2016-4491, CVE-2016-4492, CVE-2016-4493,
CVE-2016-6131, CVE-2017-12448, CVE-2017-12449, CVE-2017-12450,
CVE-2017-12451, CVE-2017-12452, CVE-2017-12453, CVE-2017-12454,
CVE-2017-12455, CVE-2017-12456, CVE-2017-12457, CVE-2017-12458,
CVE-2017-12459, CVE-2017-12799, CVE-2017-12967, CVE-2017-13710,
CVE-2017-14128, CVE-2017-14129, CVE-2017-14130, CVE-2017-14333,
CVE-2017-14529, CVE-2017-14930, CVE-2017-14932, CVE-2017-14938,
CVE-2017-14939, CVE-2017-14940, CVE-2017-15020, CVE-2017-15021,
CVE-2017-15022, CVE-2017-15024, CVE-2017-15025, CVE-2017-15225,
CVE-2017-15938, CVE-2017-15939, CVE-2017-15996, CVE-2017-16826,
CVE-2017-16827, CVE-2017-16828, CVE-2017-16831, CVE-2017-16832,
CVE-2017-17080, CVE-2017-17121, CVE-2017-17123, CVE-2017-17124,
CVE-2017-17125, CVE-2017-6965, CVE-2017-6966, CVE-2017-6969,
CVE-2017-7209, CVE-2017-7210, CVE-2017-7223, CVE-2017-7224,
CVE-2017-7225, CVE-2017-7226, CVE-2017-7227, CVE-2017-7299,
CVE-2017-7300, CVE-2017-7301, CVE-2017-7302, CVE-2017-7614,
CVE-2017-8393, CVE-2017-8394, CVE-2017-8395, CVE-2017-8396,
CVE-2017-8397, CVE-2017-8398, CVE-2017-8421, CVE-2017-9038,
CVE-2017-9039, CVE-2017-9040, CVE-2017-9041, CVE-2017-9042,
CVE-2017-9044, CVE-2017-9742, CVE-2017-9744, CVE-2017-9745,
CVE-2017-9746, CVE-2017-9747, CVE-2017-9748, CVE-2017-9749,
CVE-2017-9750, CVE-2017-9751, CVE-2017-9752, CVE-2017-9753,
CVE-2017-9754, CVE-2017-9755, CVE-2017-9756, CVE-2017-9954,
CVE-2018-1000876, CVE-2018-10372, CVE-2018-10373, CVE-2018-10534,
CVE-2018-10535, CVE-2018-12641, CVE-2018-12697, CVE-2018-12698,
CVE-2018-12699, CVE-2018-12700, CVE-2018-12934, CVE-2018-13033,
CVE-2018-17358, CVE-2018-17359, CVE-2018-17360, CVE-2018-17794,
CVE-2018-17985, CVE-2018-18309, CVE-2018-18483, CVE-2018-18484,
CVE-2018-18605, CVE-2018-18606, CVE-2018-18607, CVE-2018-18700,
CVE-2018-18701, CVE-2018-19931, CVE-2018-19932, CVE-2018-20002,
CVE-2018-20623, CVE-2018-20671, CVE-2018-6323, CVE-2018-6543,
CVE-2018-6759, CVE-2018-7208, CVE-2018-7568, CVE-2018-7569,
CVE-2018-7642, CVE-2018-7643, CVE-2018-8945, CVE-2018-9138,
CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-17450,
CVE-2019-17451, CVE-2019-9070, CVE-2019-9071, CVE-2019-9073,
CVE-2019-9074, CVE-2019-9075, CVE-2019-9077
Fedora 35 Mass Rebuild update
Hi all,
Per the Fedora 35 schedule[1] we will start a mass rebuild for Fedora 35
on Jul 21st, 2021. We will run a mass rebuild for Fedora 35 for the
changes listed in:
https://pagure.io/releng/issues?status=Open&tags=mass+rebuild
The mass rebuild will be done in a side tag (f35-rebuild) and moved over
when completed.
Failures can be seen
https://kojipkgs.fedoraproject.org/mass-rebuild/f35-failures.html
Things still needing rebuilding
https://kojipkgs.fedoraproject.org/mass-rebuild/f35-need-rebuild.html
FTBFS bugs will be filed shortly.
Please be sure to let releng know if you see any bugs in the
reporting. You can contact releng in #fedora-releng on Libera.Chat, by
dropping an email to our list[2] or filing an issue in pagure[3]
Regards,
Tomas Hrcka
fas: humaton
LiberaChat: jednorozec
[1] https://fedorapeople.org/groups/schedule/f-35/f-35-key-tasks.html
[2] https://lists.fedoraproject.org/admin/lists/rel-eng.lists.fedoraproject.org/
--
Tomas Hrcka
role: CPE Team - Senior Software Engineer
fas: humaton
freenode: jednorozec
Tuesday, July 20, 2021
[USN-5019-1] NVIDIA graphics drivers vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5019-1
July 21, 2021
nvidia-graphics-drivers-390, nvidia-graphics-drivers-418-server,
nvidia-graphics-drivers-450-server, nvidia-graphics-drivers-460,
nvidia-graphics-drivers-460-server, nvidia-graphics-drivers-470
vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.10
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the NVIDIA graphics drivers.
Software Description:
- nvidia-graphics-drivers-390: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-418-server: NVIDIA Server Driver
- nvidia-graphics-drivers-450-server: NVIDIA Server Driver
- nvidia-graphics-drivers-460: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-460-server: NVIDIA Server Driver
- nvidia-graphics-drivers-470: NVIDIA binary X.Org driver
Details:
It was discovered that an assert() could be triggered in the NVIDIA
graphics drivers. A local attacker could use this to cause a denial
of service. (CVE-2021-1093)
It was discovered that the NVIDIA graphics drivers permitted an
out-of-bounds array access. A local attacker could use this
to cause a denial of service or possibly expose sensitive
information. (CVE-2021-1094)
It was discovered that the NVIDIA graphics drivers contained a
vulnerability in the kernel mode layer where they did not properly
control calls with embedded parameters in some situations. A local
attacker could use this to cause a denial of service. (CVE-2021-1095)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 21.04:
xserver-xorg-video-nvidia-390 390.144-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-418-server 418.211.00-0ubunt0.21.04.1
xserver-xorg-video-nvidia-440-server 450.142.00-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-450 460.91.03-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-450-server 450.142.00-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-455 460.91.03-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-460 460.91.03-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-460-server 460.91.03-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-465 470.57.02-0ubuntu0.21.04.1
xserver-xorg-video-nvidia-470 470.57.02-0ubuntu0.21.04.1
Ubuntu 20.10:
xserver-xorg-video-nvidia-390 390.144-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-418-server 418.211.00-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-440-server 450.142.00-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-450 460.91.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-450-server 450.142.00-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-455 460.91.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-460 460.91.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-460-server 460.91.03-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-465 470.57.02-0ubuntu0.20.10.1
xserver-xorg-video-nvidia-470 470.57.02-0ubuntu0.20.10.1
Ubuntu 20.04 LTS:
xserver-xorg-video-nvidia-390 390.144-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-418-server 418.211.00-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-440-server 450.142.00-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-450 460.91.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-450-server 450.142.00-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-455 460.91.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460 460.91.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-460-server 460.91.03-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-465 470.57.02-0ubuntu0.20.04.1
xserver-xorg-video-nvidia-470 470.57.02-0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
xserver-xorg-video-nvidia-390 390.144-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-418-server 418.211.00-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-440-server 450.142.00-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-450 460.91.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-450-server 450.142.00-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-455 460.91.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460 460.91.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-460-server 460.91.03-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-465 470.57.02-0ubuntu0.18.04.1
xserver-xorg-video-nvidia-470 470.57.02-0ubuntu0.18.04.1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5019-1
CVE-2021-1093, CVE-2021-1094, CVE-2021-1095
Package Information:
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.144-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-418-server/418.211.00-0ubunt0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.142.00-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.91.03-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460-server/460.91.03-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.57.02-0ubuntu0.21.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.144-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-418-server/418.211.00-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.142.00-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.91.03-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460-server/460.91.03-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.57.02-0ubuntu0.20.10.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.144-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-418-server/418.211.00-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.142.00-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.91.03-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460-server/460.91.03-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.57.02-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-390/390.144-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-418-server/418.211.00-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-450-server/450.142.00-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460/460.91.03-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-460-server/460.91.03-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-470/470.57.02-0ubuntu0.18.04.1
[USN-5018-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5018-1
July 20, 2021
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp,
linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2,
linux-snapdragon vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp-4.15: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi2: Linux kernel for Raspberry Pi (V8) systems
- linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly enforce limits for pointer operations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-33200)
Mathy Vanhoef discovered that the Linux kernel's WiFi implementation did
not properly clear received fragments from memory in some situations. A
physically proximate attacker could possibly use this issue to inject
packets or expose sensitive information. (CVE-2020-24586)
Mathy Vanhoef discovered that the Linux kernel's WiFi implementation
incorrectly handled encrypted fragments. A physically proximate attacker
could possibly use this issue to decrypt fragments. (CVE-2020-24587)
Mathy Vanhoef discovered that the Linux kernel's WiFi implementation
incorrectly handled EAPOL frames from unauthenticated senders. A physically
proximate attacker could inject malicious packets to cause a denial of
service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel's WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly prevent speculative loads in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-31829)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
linux-image-4.15.0-1078-oracle 4.15.0-1078.86
linux-image-4.15.0-1092-raspi2 4.15.0-1092.98
linux-image-4.15.0-1097-kvm 4.15.0-1097.99
linux-image-4.15.0-1106-gcp 4.15.0-1106.120
linux-image-4.15.0-1109-aws 4.15.0-1109.116
linux-image-4.15.0-1109-snapdragon 4.15.0-1109.118
linux-image-4.15.0-1121-azure 4.15.0-1121.134
linux-image-4.15.0-151-generic 4.15.0-151.157
linux-image-4.15.0-151-generic-lpae 4.15.0-151.157
linux-image-4.15.0-151-lowlatency 4.15.0-151.157
linux-image-aws-lts-18.04 4.15.0.1109.112
linux-image-azure-lts-18.04 4.15.0.1121.94
linux-image-gcp-lts-18.04 4.15.0.1106.125
linux-image-generic 4.15.0.151.139
linux-image-generic-lpae 4.15.0.151.139
linux-image-kvm 4.15.0.1097.93
linux-image-lowlatency 4.15.0.151.139
linux-image-oracle-lts-18.04 4.15.0.1078.88
linux-image-raspi2 4.15.0.1092.90
linux-image-snapdragon 4.15.0.1109.112
linux-image-virtual 4.15.0.151.139
Ubuntu 16.04 ESM:
linux-image-4.15.0-1078-oracle 4.15.0-1078.86~16.04.1
linux-image-4.15.0-1106-gcp 4.15.0-1106.120~16.04.1
linux-image-4.15.0-1109-aws 4.15.0-1109.116~16.04.1
linux-image-4.15.0-1121-azure 4.15.0-1121.134~16.04.1
linux-image-4.15.0-151-generic 4.15.0-151.157~16.04.1
linux-image-4.15.0-151-lowlatency 4.15.0-151.157~16.04.1
linux-image-aws-hwe 4.15.0.1109.100
linux-image-azure 4.15.0.1121.112
linux-image-gcp 4.15.0.1106.107
linux-image-generic-hwe-16.04 4.15.0.151.146
linux-image-gke 4.15.0.1106.107
linux-image-lowlatency-hwe-16.04 4.15.0.151.146
linux-image-oem 4.15.0.151.146
linux-image-oracle 4.15.0.1078.66
linux-image-virtual-hwe-16.04 4.15.0.151.146
Ubuntu 14.04 ESM:
linux-image-4.15.0-1121-azure 4.15.0-1121.134~14.04.1
linux-image-azure 4.15.0.1121.94
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-5018-1
CVE-2020-24586, CVE-2020-24587, CVE-2020-26139, CVE-2020-26147,
CVE-2020-26558, CVE-2021-0129, CVE-2021-23134, CVE-2021-31829,
CVE-2021-32399, CVE-2021-33034, CVE-2021-33200, CVE-2021-33909
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.15.0-151.157
https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1109.116
https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1121.134
https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1106.120
https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1097.99
https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1078.86
https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1092.98
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1109.118
[USN-5017-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5017-1
July 20, 2021
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp,
linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4,
linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi,
linux-raspi-5.4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop: Linux kernel for Google Container Engine (GKE) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi (V8) systems
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke-5.4: Linux kernel for Google Container Engine (GKE) systems
- linux-gkeop-5.4: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems
- linux-raspi-5.4: Linux kernel for Raspberry Pi (V8) systems
Details:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
linux-image-5.4.0-1021-gkeop 5.4.0-1021.22
linux-image-5.4.0-1041-raspi 5.4.0-1041.45
linux-image-5.4.0-1044-kvm 5.4.0-1044.46
linux-image-5.4.0-1049-gcp 5.4.0-1049.53
linux-image-5.4.0-1049-gke 5.4.0-1049.52
linux-image-5.4.0-1052-oracle 5.4.0-1052.56
linux-image-5.4.0-1054-aws 5.4.0-1054.57
linux-image-5.4.0-1055-azure 5.4.0-1055.57
linux-image-5.4.0-80-generic 5.4.0-80.90
linux-image-5.4.0-80-generic-lpae 5.4.0-80.90
linux-image-5.4.0-80-lowlatency 5.4.0-80.90
linux-image-aws-lts-20.04 5.4.0.1054.57
linux-image-azure-lts-20.04 5.4.0.1055.53
linux-image-gcp-lts-20.04 5.4.0.1049.59
linux-image-generic 5.4.0.80.84
linux-image-generic-lpae 5.4.0.80.84
linux-image-gke 5.4.0.1049.59
linux-image-gke-5.4 5.4.0.1049.59
linux-image-gkeop 5.4.0.1021.24
linux-image-gkeop-5.4 5.4.0.1021.24
linux-image-kvm 5.4.0.1044.43
linux-image-lowlatency 5.4.0.80.84
linux-image-oem 5.4.0.80.84
linux-image-oem-osp1 5.4.0.80.84
linux-image-oracle-lts-20.04 5.4.0.1052.52
linux-image-raspi 5.4.0.1041.76
linux-image-raspi2 5.4.0.1041.76
linux-image-virtual 5.4.0.80.84
Ubuntu 18.04 LTS:
linux-image-5.4.0-1021-gkeop 5.4.0-1021.22~18.04.1
linux-image-5.4.0-1041-raspi 5.4.0-1041.45~18.04.1
linux-image-5.4.0-1049-gcp 5.4.0-1049.53~18.04.1
linux-image-5.4.0-1049-gke 5.4.0-1049.52~18.04.1
linux-image-5.4.0-1052-oracle 5.4.0-1052.56~18.04.1
linux-image-5.4.0-1054-aws 5.4.0-1054.57~18.04.1
linux-image-5.4.0-1055-azure 5.4.0-1055.57~18.04.1
linux-image-5.4.0-80-generic 5.4.0-80.90~18.04.1
linux-image-5.4.0-80-generic-lpae 5.4.0-80.90~18.04.1
linux-image-5.4.0-80-lowlatency 5.4.0-80.90~18.04.1
linux-image-aws 5.4.0.1054.37
linux-image-azure 5.4.0.1055.35
linux-image-gcp 5.4.0.1049.36
linux-image-generic-hwe-18.04 5.4.0.80.90~18.04.72
linux-image-generic-lpae-hwe-18.04 5.4.0.80.90~18.04.72
linux-image-gke-5.4 5.4.0.1049.52~18.04.15
linux-image-gkeop-5.4 5.4.0.1021.22~18.04.22
linux-image-lowlatency-hwe-18.04 5.4.0.80.90~18.04.72
linux-image-oem 5.4.0.80.90~18.04.72
linux-image-oem-osp1 5.4.0.80.90~18.04.72
linux-image-oracle 5.4.0.1052.56~18.04.32
linux-image-raspi-hwe-18.04 5.4.0.1041.44
linux-image-snapdragon-hwe-18.04 5.4.0.80.90~18.04.72
linux-image-virtual-hwe-18.04 5.4.0.80.90~18.04.72
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-5017-1
CVE-2020-26558, CVE-2021-0129, CVE-2021-33909
Package Information:
https://launchpad.net/ubuntu/+source/linux/5.4.0-80.90
https://launchpad.net/ubuntu/+source/linux-aws/5.4.0-1054.57
https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1055.57
https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1049.53
https://launchpad.net/ubuntu/+source/linux-gke/5.4.0-1049.52
https://launchpad.net/ubuntu/+source/linux-gkeop/5.4.0-1021.22
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1044.46
https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1052.56
https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1041.45
https://launchpad.net/ubuntu/+source/linux-aws-5.4/5.4.0-1054.57~18.04.1
https://launchpad.net/ubuntu/+source/linux-azure-5.4/5.4.0-1055.57~18.04.1
https://launchpad.net/ubuntu/+source/linux-gcp-5.4/5.4.0-1049.53~18.04.1
https://launchpad.net/ubuntu/+source/linux-gke-5.4/5.4.0-1049.52~18.04.1
https://launchpad.net/ubuntu/+source/linux-gkeop-5.4/5.4.0-1021.22~18.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-80.90~18.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-5.4/5.4.0-1052.56~18.04.1
https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1041.45~18.04.1
[USN-5016-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-5016-1
July 20, 2021
linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp,
linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8,
linux-raspi vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi (V8) systems
- linux-aws-5.8: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.8: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.8: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.8: Linux hardware enablement (HWE) kernel
- linux-oracle-5.8: Linux kernel for Oracle Cloud systems
Details:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in
the f2fs module of the Linux kernel. A local attacker could use this issue
to cause a denial of service (system crash). (CVE-2021-3506)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.10:
linux-image-5.8.0-1032-raspi 5.8.0-1032.35
linux-image-5.8.0-1032-raspi-nolpae 5.8.0-1032.35
linux-image-5.8.0-1033-kvm 5.8.0-1033.36
linux-image-5.8.0-1037-oracle 5.8.0-1037.38
linux-image-5.8.0-1038-gcp 5.8.0-1038.40
linux-image-5.8.0-1039-azure 5.8.0-1039.42
linux-image-5.8.0-1041-aws 5.8.0-1041.43
linux-image-5.8.0-63-generic 5.8.0-63.71
linux-image-5.8.0-63-generic-64k 5.8.0-63.71
linux-image-5.8.0-63-generic-lpae 5.8.0-63.71
linux-image-5.8.0-63-lowlatency 5.8.0-63.71
linux-image-aws 5.8.0.1041.43
linux-image-azure 5.8.0.1039.40
linux-image-gcp 5.8.0.1038.38
linux-image-generic 5.8.0.63.69
linux-image-generic-64k 5.8.0.63.69
linux-image-generic-lpae 5.8.0.63.69
linux-image-gke 5.8.0.1038.38
linux-image-kvm 5.8.0.1033.36
linux-image-lowlatency 5.8.0.63.69
linux-image-oem-20.04 5.8.0.63.69
linux-image-oracle 5.8.0.1037.36
linux-image-raspi 5.8.0.1032.34
linux-image-raspi-nolpae 5.8.0.1032.34
linux-image-virtual 5.8.0.63.69
Ubuntu 20.04 LTS:
linux-image-5.8.0-1037-oracle 5.8.0-1037.38~20.04.1
linux-image-5.8.0-1038-gcp 5.8.0-1038.40~20.04.1
linux-image-5.8.0-1039-azure 5.8.0-1039.42~20.04.1
linux-image-5.8.0-1041-aws 5.8.0-1041.43~20.04.1
linux-image-5.8.0-63-generic 5.8.0-63.71~20.04.1
linux-image-5.8.0-63-generic-64k 5.8.0-63.71~20.04.1
linux-image-5.8.0-63-generic-lpae 5.8.0-63.71~20.04.1
linux-image-5.8.0-63-lowlatency 5.8.0-63.71~20.04.1
linux-image-aws 5.8.0.1041.43~20.04.13
linux-image-azure 5.8.0.1039.42~20.04.11
linux-image-gcp 5.8.0.1038.40~20.04.13
linux-image-generic-64k-hwe-20.04 5.8.0.63.71~20.04.45
linux-image-generic-hwe-20.04 5.8.0.63.71~20.04.45
linux-image-generic-lpae-hwe-20.04 5.8.0.63.71~20.04.45
linux-image-lowlatency-hwe-20.04 5.8.0.63.71~20.04.45
linux-image-oracle 5.8.0.1037.38~20.04.13
linux-image-virtual-hwe-20.04 5.8.0.63.71~20.04.45
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://ubuntu.com/security/notices/USN-5016-1
CVE-2021-23134, CVE-2021-32399, CVE-2021-33034, CVE-2021-33909,
CVE-2021-3506
Package Information:
https://launchpad.net/ubuntu/+source/linux/5.8.0-63.71
https://launchpad.net/ubuntu/+source/linux-aws/5.8.0-1041.43
https://launchpad.net/ubuntu/+source/linux-azure/5.8.0-1039.42
https://launchpad.net/ubuntu/+source/linux-gcp/5.8.0-1038.40
https://launchpad.net/ubuntu/+source/linux-kvm/5.8.0-1033.36
https://launchpad.net/ubuntu/+source/linux-oracle/5.8.0-1037.38
https://launchpad.net/ubuntu/+source/linux-raspi/5.8.0-1032.35
https://launchpad.net/ubuntu/+source/linux-aws-5.8/5.8.0-1041.43~20.04.1
https://launchpad.net/ubuntu/+source/linux-azure-5.8/5.8.0-1039.42~20.04.1
https://launchpad.net/ubuntu/+source/linux-gcp-5.8/5.8.0-1038.40~20.04.1
https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-63.71~20.04.1
https://launchpad.net/ubuntu/+source/linux-oracle-5.8/5.8.0-1037.38~20.04.1