MDVSA-2015:218: glibc

Multiple vulnerabilities has been found and corrected in glibc:

It was discovered that, under certain circumstances, glibc’s
getaddrinfo() function would send DNS queries to random file
descriptors. An attacker could potentially use this flaw to send DNS
queries to unintended recipients, resulting in information disclosure
or data loss due to the application encountering corrupted data
(CVE-2013-7423).

A buffer overflow flaw was found in the way glibc’s gethostbyname_r()
and other related functions computed the size of a buffer when passed
a misaligned buffer as input. An attacker able to make an application
call any of these functions with a misaligned buffer could use this
flaw to crash the application or, potentially, execute arbitrary
code with the permissions of the user running the application
(CVE-2015-1781).

The updated packages provides a solution for these security issues.

Read more

MDVSA-2015:217: sqlite3

Multiple vulnerabilities has been found and corrected in sqlite3:

SQLite before 3.8.9 does not properly implement the dequoting of
collation-sequence names, which allows context-dependent attackers to
cause a denial of service (uninitialized memory access and application
crash) or possibly have unspecified other impact via a crafted COLLATE
clause, as demonstrated by COLLATE at the end of a SELECT statement
(CVE-2015-3414).

The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9
does not properly implement comparison operators, which allows
context-dependent attackers to cause a denial of service (invalid
free operation) or possibly have unspecified other impact via a
crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE
TABLE statement (CVE-2015-3415).

The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does
not properly handle precision and width values during floating-point
conversions, which allows context-dependent attackers to cause a
denial of service (integer overflow and stack-based buffer overflow)
or possibly have unspecified other impact via large integers in a
crafted printf function call in a SELECT statement (CVE-2015-3416).

The updated packages provides a solution for these security issues.

Read more

RHSA-2015:0921-1: Important: chromium-browser security and bug fix update

Red Hat Enterprise Linux: Updated chromium-browser packages that fix multiple security issues and one
bug are now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.
CVE-2015-1243, CVE-2015-1250

Read More

RHSA-2015:0919-1: Important: kernel security update

Red Hat Enterprise Linux: Updated kernel packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.6 Long Life.

Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
CVE-2014-8159

Read More

USN-2583-1: Linux kernel vulnerability

Ubuntu Security Notice USN-2583-1

30th April, 2015

linux vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 10.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

  • linux
    – Linux kernel

Details

A race condition between chown() and execve() was discovered in the Linux
kernel. A local attacker could exploit this race by using chown on a
setuid-user-binary to gain administrative privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 10.04 LTS:
linux-image-2.6.32-74-powerpc

2.6.32-74.142
linux-image-2.6.32-74-386

2.6.32-74.142
linux-image-2.6.32-74-sparc64

2.6.32-74.142
linux-image-2.6.32-74-generic-pae

2.6.32-74.142
linux-image-2.6.32-74-preempt

2.6.32-74.142
linux-image-2.6.32-74-lpia

2.6.32-74.142
linux-image-2.6.32-74-sparc64-smp

2.6.32-74.142
linux-image-2.6.32-74-powerpc64-smp

2.6.32-74.142
linux-image-2.6.32-74-versatile

2.6.32-74.142
linux-image-2.6.32-74-generic

2.6.32-74.142
linux-image-2.6.32-74-virtual

2.6.32-74.142
linux-image-2.6.32-74-server

2.6.32-74.142
linux-image-2.6.32-74-powerpc-smp

2.6.32-74.142
linux-image-2.6.32-74-ia64

2.6.32-74.142

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-3339

Read More

USN-2584-1: Linux kernel (EC2) vulnerability

Ubuntu Security Notice USN-2584-1

30th April, 2015

linux-ec2 vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 10.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

  • linux-ec2
    – Linux kernel for EC2

Details

A race condition between chown() and execve() was discovered in the Linux
kernel. A local attacker could exploit this race by using chown on a
setuid-user-binary to gain administrative privileges.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 10.04 LTS:
linux-image-2.6.32-377-ec2

2.6.32-377.94

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References

CVE-2015-3339

Read More