You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa ppp

Sigurnosni nedostatak programskog paketa ppp

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4451-2
August 06, 2020

ppp vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 ESM
– Ubuntu 12.04 ESM

Summary:

ppp could be made to load arbitrary kernel modules and possibly run
programs.

Software Description:
– ppp: Point-to-Point Protocol (PPP)

Details:

USN-4451-1 fixed a vulnerability in ppp. This update provides
the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Original advisory details:

Thomas Chauchefoin discovered that ppp incorrectly handled module loading.
A local attacker could use this issue to load arbitrary kernel modules and
possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 ESM:
ppp 2.4.5-5.1ubuntu2.3+esm2

Ubuntu 12.04 ESM:
ppp 2.4.5-5ubuntu1.4

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4451-2
https://usn.ubuntu.com/4451-1
CVE-2020-15704
—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl8sJCkACgkQRbznW4QL
H2mhqQ/+Neilc3fvlbgo1SGmKntGUAGPV4/5+jJfzusQOnfWCUiYvC8XaL/mehCI
D2ftDAwWm9q88UzpQlARmyTCMt5dBDvvWXvEUC+d/KV7k7OFQ9epDaC4rH9tECMf
Dd5vtr8iSQIp6ys9lqEr63o+DKDRnKhnBiI1him84+3TgYJ6BiCwB/5PsE5St/dT
YHYWRBlZ2sru++eAYkKBV1IRKyIY487EjB2qLUsJApDWTX7BdP5qhhSUcS4/Wkgh
mCtJnkG4E3FRHmsjgduJpFZuk80WXhV8O1mVOOmydl3decdEBHUx+dR00OVxJ9z2
XMO+Us3ox2/SfBjD+6+7/8KxIGML9t5b1rhkxn4Nm+RgNeOMHR8UmH/HfRQ6rNAO
qrUrrm9ssCjHr/4RyOn90ixzTr4QvUfp/77p0amTNYxC05tH9ux9GEO4hTzPqzb4
MH2M5qv8BWBjE/Kp5JHuEozgz95ze4cuvRPJHSVFKb2w6TrTtiabsHgl9QqkkVP/
/78D4U0eypBdr1xDETidwHBa6qFDBLXpqvXm97VgOBAGep2lpCddvA8Vmq97nP8h
x0ACuiBVxEvbiXQ9M6+t9xMcIxUAQtswWXXIgK6qJ5LVQ3rH2w35Fl5j04Hwzpz2
EzLjL+zgYwiYpy3K8ZCR3IbD6ez/Wpusc0JVUczJKL3rTVwret0=
=+SDt
—–END PGP SIGNATURE—–

AutorFilip Omazic
Cert idNCERT-REF-2020-08-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda...

Close