Category Archives: Ubuntu

Ubuntu Security Notices

USN-3456-1: X.Org X server vulnerabilities

Ubuntu Security Notice USN-3456-1

17th October, 2017

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the X.Org X server.

Software description

  • xorg-server
    – X.Org X11 server

  • xorg-server-hwe-16.04
    – X.Org X11 server

  • xorg-server-lts-xenial
    – X.Org X11 server

Details

It was discovered that the X.Org X server incorrectly handled certain
lengths. An attacker able to connect to an X server, either locally or
remotely, could use these issues to crash the server, or possibly execute
arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
xserver-xorg-core

2:1.19.3-1ubuntu1.3
Ubuntu 16.04 LTS:
xserver-xorg-core

2:1.18.4-0ubuntu0.7
xserver-xorg-core-hwe-16.04

2:1.19.3-1ubuntu1~16.04.4
Ubuntu 14.04 LTS:
xserver-xorg-core

2:1.15.1-0ubuntu2.11
xserver-xorg-core-lts-xenial

2:1.18.3-1ubuntu2.3~trusty4

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-12176,

CVE-2017-12177,

CVE-2017-12178,

CVE-2017-12179,

CVE-2017-12180,

CVE-2017-12181,

CVE-2017-12182,

CVE-2017-12183,

CVE-2017-12184,

CVE-2017-12185,

CVE-2017-12186,

CVE-2017-12187

Read More

USN-3455-1: wpa_supplicant and hostapd vulnerabilities

Ubuntu Security Notice USN-3455-1

16th October, 2017

wpa vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in wpa_supplicant.

Software description

  • wpa
    – client support for WPA and WPA2

Details

Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly
handled WPA2. A remote attacker could use this issue with key
reinstallation attacks to obtain sensitive information. (CVE-2017-13077,
CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled
invalid characters in passphrase parameters. A remote attacker could use
this issue to cause a denial of service. (CVE-2016-4476)

Imre Rad discovered that wpa_supplicant and hostapd incorrectly handled
invalid characters in passphrase parameters. A local attacker could use
this issue to cause a denial of service, or possibly execute arbitrary
code. (CVE-2016-4477)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
hostapd

2.4-0ubuntu9.1
wpasupplicant

2.4-0ubuntu9.1
Ubuntu 16.04 LTS:
hostapd

2.4-0ubuntu6.2
wpasupplicant

2.4-0ubuntu6.2
Ubuntu 14.04 LTS:
hostapd

2.1-0ubuntu1.5
wpasupplicant

2.1-0ubuntu1.5

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2016-4476,

CVE-2016-4477,

CVE-2017-13077,

CVE-2017-13078,

CVE-2017-13079,

CVE-2017-13080,

CVE-2017-13081,

CVE-2017-13082,

CVE-2017-13086,

CVE-2017-13087,

CVE-2017-13088

Read More

USN-3453-1: X.Org X server vulnerabilities

Ubuntu Security Notice USN-3453-1

12th October, 2017

xorg-server, xorg-server-hwe-16.04, xorg-server-lts-xenial vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the X.Org X server.

Software description

  • xorg-server
    – X.Org X11 server

  • xorg-server-hwe-16.04
    – X.Org X11 server

  • xorg-server-lts-xenial
    – X.Org X11 server

Details

Michal Srb discovered that the X.Org X server incorrectly handled shared
memory segments. An attacker able to connect to an X server, either locally
or remotely, could use this issue to crash the server, or possibly replace
shared memory segments of other X clients in the same session.
(CVE-2017-13721)

Michal Srb discovered that the X.Org X server incorrectly handled XKB
buffers. An attacker able to connect to an X server, either locally or
remotely, could use this issue to crash the server, or possibly execute
arbitrary code. (CVE-2017-13723)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
xserver-xorg-core

2:1.19.3-1ubuntu1.2
Ubuntu 16.04 LTS:
xserver-xorg-core

2:1.18.4-0ubuntu0.6
xserver-xorg-core-hwe-16.04

2:1.19.3-1ubuntu1~16.04.3
Ubuntu 14.04 LTS:
xserver-xorg-core

2:1.15.1-0ubuntu2.10
xserver-xorg-core-lts-xenial

2:1.18.3-1ubuntu2.3~trusty3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-13721,

CVE-2017-13723

Read More

USN-3454-1: libffi vulnerability

Ubuntu Security Notice USN-3454-1

12th October, 2017

libffi vulnerability

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 14.04 LTS

Summary

A security issue was fixed in libffi.

Software description

  • libffi
    – Foreign Function Interface library

Details

It was discovered that libffi incorrectly enforced an executable stack. An
attacker could possibly use this issue, in combination with another
vulnerability, to facilitate executing arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 14.04 LTS:
libffi6

3.1~rc1+r3.0.13-12ubuntu0.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-1000376

Read More

USN-3443-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-3443-1

10th October, 2017

linux, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04

Summary

Several security issues were fixed in the Linux kernel.

Software description

  • linux
    – Linux kernel

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

Details

It was discovered that on the PowerPC architecture, the kernel did not
properly sanitize the signal stack when handling sigreturn(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-1000255)

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP
stack implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-14106)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
linux-image-powerpc-smp 4.10.0.37.37
linux-image-powerpc-e500mc 4.10.0.37.37
linux-image-4.10.0-37-lowlatency

4.10.0-37.41
linux-image-generic-lpae 4.10.0.37.37
linux-image-lowlatency 4.10.0.37.37
linux-image-virtual 4.10.0.37.37
linux-image-4.10.0-1019-raspi2

4.10.0-1019.22
linux-image-powerpc64-smp 4.10.0.37.37
linux-image-generic 4.10.0.37.37
linux-image-4.10.0-37-generic-lpae

4.10.0-37.41
linux-image-4.10.0-37-generic

4.10.0-37.41
linux-image-powerpc64-emb 4.10.0.37.37
linux-image-raspi2 4.10.0.1019.20

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2017-1000255,

CVE-2017-14106

Read More

USN-3442-1: libXfont vulnerabilities

Ubuntu Security Notice USN-3442-1

10th October, 2017

libxfont, libxfont1, libxfont2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in libXfont.

Software description

  • libxfont
    – X11 font rasterisation library

  • libxfont1
    – X11 font rasterisation library

  • libxfont2
    – X11 font rasterisation library

Details

It was discovered that libXfont incorrectly handled certain patterns in
PatternMatch. A local attacker could use this issue to cause libXfont to
crash, resulting in a denial of service, or possibly obtain sensitive
information. (CVE-2017-13720)

It was discovered that libXfont incorrectly handled certain malformed PCF
files. A local attacker could use this issue to cause libXfont to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2017-13722)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libxfont1

1:1.5.2-4ubuntu0.1
libxfont2

1:2.0.1-3ubuntu0.1
Ubuntu 16.04 LTS:
libxfont1

1:1.5.1-1ubuntu0.16.04.3
libxfont2

1:2.0.1-3~ubuntu16.04.2
Ubuntu 14.04 LTS:
libxfont1

1:1.4.7-1ubuntu0.3

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2017-13720,

CVE-2017-13722

Read More

USN-3441-1: curl vulnerabilities

Ubuntu Security Notice USN-3441-1

10th October, 2017

curl vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in curl.

Software description

  • curl
    – HTTP, HTTPS, and FTP client and client libraries

Details

Daniel Stenberg discovered that curl incorrectly handled large floating
point output. A remote attacker could use this issue to cause curl to
crash, resulting in a denial of service, or possibly execute arbitrary
code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
(CVE-2016-9586)

Even Rouault discovered that curl incorrectly handled large file names when
doing TFTP transfers. A remote attacker could use this issue to cause curl
to crash, resulting in a denial of service, or possibly obtain sensitive
memory contents. (CVE-2017-1000100)

Brian Carpenter and Yongji Ouyang discovered that curl incorrectly handled
numerical range globbing. A remote attacker could use this issue to cause
curl to crash, resulting in a denial of service, or possibly obtain
sensitive memory contents. (CVE-2017-1000101)

Max Dymond discovered that curl incorrectly handled FTP PWD responses. A
remote attacker could use this issue to cause curl to crash, resulting in a
denial of service. (CVE-2017-1000254)

Brian Carpenter discovered that curl incorrectly handled the –write-out
command line option. A local attacker could possibly use this issue to
obtain sensitive memory contents. (CVE-2017-7407)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libcurl3-nss

7.52.1-4ubuntu1.2
curl

7.52.1-4ubuntu1.2
libcurl3-gnutls

7.52.1-4ubuntu1.2
libcurl3

7.52.1-4ubuntu1.2
Ubuntu 16.04 LTS:
libcurl3-nss

7.47.0-1ubuntu2.3
curl

7.47.0-1ubuntu2.3
libcurl3-gnutls

7.47.0-1ubuntu2.3
libcurl3

7.47.0-1ubuntu2.3
Ubuntu 14.04 LTS:
libcurl3-nss

7.35.0-1ubuntu2.11
curl

7.35.0-1ubuntu2.11
libcurl3-gnutls

7.35.0-1ubuntu2.11
libcurl3

7.35.0-1ubuntu2.11

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2016-9586,

CVE-2017-1000100,

CVE-2017-1000101,

CVE-2017-1000254,

CVE-2017-7407

Read More

USN-3444-1: Linux kernel vulnerabilities

Ubuntu Security Notice USN-3444-1

10th October, 2017

linux, linux-aws, linux-gke, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software description

  • linux
    – Linux kernel

  • linux-aws
    – Linux kernel for Amazon Web Services (AWS) systems

  • linux-gke
    – Linux kernel for Google Container Engine (GKE) systems

  • linux-kvm
    – Linux kernel for cloud environments

  • linux-raspi2
    – Linux kernel for Raspberry Pi 2

  • linux-snapdragon
    – Linux kernel for Snapdragon processors

Details

Jan H. Schönherr discovered that the Xen subsystem did not properly handle
block IO merges correctly in some situations. An attacker in a guest vm
could use this to cause a denial of service (host crash) or possibly gain
administrative privileges in the host. (CVE-2017-12134)

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP
stack implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-14106)

Otto Ebeling discovered that the memory manager in the Linux kernel did not
properly check the effective UID in some situations. A local attacker could
use this to expose sensitive information. (CVE-2017-14140)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
linux-image-powerpc-e500mc 4.4.0.97.102
linux-image-4.4.0-97-lowlatency

4.4.0-97.120
linux-image-4.4.0-1032-gke

4.4.0-1032.32
linux-image-kvm 4.4.0.1008.8
linux-image-4.4.0-97-generic

4.4.0-97.120
linux-image-4.4.0-1075-raspi2

4.4.0-1075.83
linux-image-4.4.0-1008-kvm

4.4.0-1008.13
linux-image-4.4.0-97-powerpc-smp

4.4.0-97.120
linux-image-snapdragon 4.4.0.1077.69
linux-image-4.4.0-97-powerpc64-smp

4.4.0-97.120
linux-image-powerpc64-emb 4.4.0.97.102
linux-image-4.4.0-97-powerpc-e500mc

4.4.0-97.120
linux-image-gke 4.4.0.1032.33
linux-image-4.4.0-97-generic-lpae

4.4.0-97.120
linux-image-generic 4.4.0.97.102
linux-image-4.4.0-1077-snapdragon

4.4.0-1077.82
linux-image-aws 4.4.0.1038.40
linux-image-4.4.0-97-powerpc64-emb

4.4.0-97.120
linux-image-raspi2 4.4.0.1075.75
linux-image-powerpc-smp 4.4.0.97.102
linux-image-generic-lpae 4.4.0.97.102
linux-image-4.4.0-1038-aws

4.4.0-1038.47
linux-image-powerpc64-smp 4.4.0.97.102
linux-image-lowlatency 4.4.0.97.102

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2017-12134,

CVE-2017-14106,

CVE-2017-14140

Read More

USN-3424-2: libxml2 vulnerabilities

Ubuntu Security Notice USN-3424-2

10th October, 2017

libxml2 vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 12.04 LTS

Summary

Several security issues were fixed in libxml2.

Software description

  • libxml2
    – GNOME XML library

Details

USN-3424-1 fixed several vulnerabilities in libxml2. This update
provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that a type confusion error existed in libxml2. An
attacker could use this to specially construct XML data that
could cause a denial of service or possibly execute arbitrary
code. (CVE-2017-0663)

It was discovered that libxml2 did not properly validate parsed entity
references. An attacker could use this to specially construct XML
data that could expose sensitive information. (CVE-2017-7375)

It was discovered that a buffer overflow existed in libxml2 when
handling HTTP redirects. An attacker could use this to specially
construct XML data that could cause a denial of service or possibly
execute arbitrary code. (CVE-2017-7376)

Marcel Böhme and Van-Thuan Pham discovered a buffer overflow in
libxml2 when handling elements. An attacker could use this to specially
construct XML data that could cause a denial of service or possibly
execute arbitrary code. (CVE-2017-9047)

Marcel Böhme and Van-Thuan Pham discovered a buffer overread
in libxml2 when handling elements. An attacker could use this
to specially construct XML data that could cause a denial of
service. (CVE-2017-9048)

Marcel Böhme and Van-Thuan Pham discovered multiple buffer overreads
in libxml2 when handling parameter-entity references. An attacker
could use these to specially construct XML data that could cause a
denial of service. (CVE-2017-9049, CVE-2017-9050)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 12.04 LTS:
libxml2

2.7.8.dfsg-5.1ubuntu4.18

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

CVE-2017-0663,

CVE-2017-7375,

CVE-2017-7376,

CVE-2017-9047,

CVE-2017-9048,

CVE-2017-9049,

CVE-2017-9050

Read More

USN-3443-2: Linux kernel (HWE) vulnerabilities

Ubuntu Security Notice USN-3443-2

10th October, 2017

linux-hwe vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software description

  • linux-hwe
    – Linux hardware enablement (HWE) kernel

Details

USN-3443-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.

It was discovered that on the PowerPC architecture, the kernel did not
properly sanitize the signal stack when handling sigreturn(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2017-1000255)

Andrey Konovalov discovered that a divide-by-zero error existed in the TCP
stack implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-14106)

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 16.04 LTS:
linux-image-4.10.0-37-lowlatency

4.10.0-37.41~16.04.1
linux-image-lowlatency-hwe-16.04

4.10.0.37.39
linux-image-generic-hwe-16.04

4.10.0.37.39
linux-image-4.10.0-37-generic-lpae

4.10.0-37.41~16.04.1
linux-image-4.10.0-37-generic

4.10.0-37.41~16.04.1
linux-image-generic-lpae-hwe-16.04

4.10.0.37.39

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

CVE-2017-1000255,

CVE-2017-14106

Read More