It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). Various other issues were also addressed.
fbe29704c99306a1bca47b078a9a33c2572ec3b421ae2b3cfb6ccde48d2a5412==========================================================================
Kernel Live Patch Security Notice 0045-1
November 13, 2018
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu:
| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux: Linux kernel
Details:
It was discovered that the generic SCSI driver in the Linux kernel did not
properly enforce permissions on kernel memory access. A local attacker
could use this to expose sensitive information or possibly elevate
privileges. (CVE-2017-13168)
Wen Xu discovered that the ext4 filesystem implementation in the Linux
kernel did not properly ensure that xattr information remained in inode
bodies. An attacker could use this to construct a malicious ext4 image
that, when mounted, could cause a denial of service (system crash).
(CVE-2018-10880)
It was discovered that an integer overflow existed in the HID Bluetooth
implementation in the Linux kernel that could lead to a buffer overwrite.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-9363)
It was discovered that an integer overflow existed in the CD-ROM driver of
the Linux kernel. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-16658)
Update instructions:
The problem can be corrected by updating your livepatches to the following
versions:
| Kernel | Version | flavors |
|--------------------------+----------+--------------------------|
| 4.4.0-133.159 | 45.1 | generic, lowlatency |
| 4.4.0-133.159~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-134.160 | 45.1 | generic, lowlatency |
| 4.4.0-134.160~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-135.161~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-137.163~14.04.1 | 45.1 | generic, lowlatency |
| 4.4.0-138.164 | 45.1 | generic, lowlatency |
| 4.4.0-138.164~14.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-32.35 | 45.1 | lowlatency, generic |
| 4.15.0-32.35~16.04.1 | 45.1 | generic, lowlatency |
| 4.15.0-33.36 | 45.1 | lowlatency, generic |
| 4.15.0-33.36~16.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-34.37 | 45.1 | generic, lowlatency |
| 4.15.0-34.37~16.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-36.39 | 45.1 | generic, lowlatency |
| 4.15.0-36.39~16.04.1 | 45.1 | generic, lowlatency |
| 4.15.0-38.41 | 45.1 | lowlatency, generic |
| 4.15.0-38.41~16.04.1 | 45.1 | lowlatency, generic |
References:
CVE-2017-13168, CVE-2018-10880, CVE-2018-9363, CVE-2018-16658
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed