You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa ppp

Sigurnosni nedostaci programskog paketa ppp

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4451-1
August 04, 2020

ppp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

ppp could be made to load arbitrary kernel modules and possibly run
programs.

Software Description:
– ppp: Point-to-Point Protocol (PPP)

Details:

Thomas Chauchefoin discovered that ppp incorrectly handled module loading.
A local attacker could use this issue to load arbitrary kernel modules and
possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
ppp 2.4.7-2+4.1ubuntu5.1

Ubuntu 18.04 LTS:
ppp 2.4.7-2+2ubuntu1.3

Ubuntu 16.04 LTS:
ppp 2.4.7-1+2ubuntu1.16.04.3

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4451-1
CVE-2020-15704

Package Information:
https://launchpad.net/ubuntu/+source/ppp/2.4.7-2+4.1ubuntu5.1
https://launchpad.net/ubuntu/+source/ppp/2.4.7-2+2ubuntu1.3
https://launchpad.net/ubuntu/+source/ppp/2.4.7-1+2ubuntu1.16.04.3

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl8pq9oACgkQZWnYVadE
vpMzmg/+PMS8cAk0PNsPqvNjSJx3r3mAgFxR7Wk9zGXCeTo975Wi2Xj58b+7f39z
9o/DpflS3yCrQpuSlWsFP/58Tm9a6B7vjEsOz1/VLY1Pi5D2MoTNabLWAyn+5kzj
WUlLecQPhx7+PyTHVmSOGTUmUl7lGG4WJu0apWbsJ89g2EaAcH0jZ6BVBex3oh/J
Wq/9gV1L+CkarN5ennYiYhevEw+t0IxLICLmtZbfkpm0uQCYdtETdhEe/dYv89hQ
Msc8ZEo4Z+xhu00U2jpizO4FZ7jd0ihQ2v0eDlL7EZSBfJAjKGwgxYx2ReFUNzEC
+ezygjz/kWttnPfNdE2wKYUmTOVd0I8nMaR0dj9TcBd637T9Htm7ro5NbySwVJsL
wTHI7whEz9DyvT1YEgTloMwgCn6BOXjxebi9Ynp0ZqZZjN4uGaLlo9dlk6pbwtv5
TLjyc78RzD7ka2v9FVHvPKrw30DbiTzx5sHUsF9ag2cGFKlVjzuZDJvh9KsplIUj
ox+ySS28osSGx+on6DqPi3GFqYRO8HkxxLFD4UB978dmPEtdNr7RktkAPvqXapK5
+IiLoPbVPjmNlzpj6Sy8qXr+PU1aqYBOYmtvr0Rf1obZkde5LFfNmgrrXyivmklE
PFs0SpzVRBub03nA4qK79o4P9ys/pFMIwFw78Zxv6NwtqtDtd54=
=P8Y3
—–END PGP SIGNATURE—–

AutorFilip Omazic
Cert idNCERT-REF-2020-08-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa mingw-curl

Otkriveni su sigurnosni nedostaci u programskom paketu mingw-curl za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvršavanje proizvoljnog programskog...

Close