You are here
Home > Preporuke > Ranjivosti jezgre operacijskog sustava

Ranjivosti jezgre operacijskog sustava

  • Detalji os-a: LUB
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2374-1
October 09, 2014

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
– linux: Linux kernel

Details:

Ben Hawkes reported some off by one errors for report descriptors in the
Linux kernel’s HID stack. A physically proximate attacker could exploit
these flaws to cause a denial of service (out-of-bounds write) via a
specially crafted device. (CVE-2014-3184)

Several bounds check flaws allowing for buffer overflows were discovered in
the Linux kernel’s Whiteheat USB serial driver. A physically proximate
attacker could exploit these flaws to cause a denial of service (system
crash) via a specially crafted device. (CVE-2014-3185)

A flaw was discovered in the Linux kernel’s UDF filesystem (used on some
CD-ROMs and DVDs) when processing indirect ICBs. An attacker who can cause
CD, DVD or image file with a specially crafted inode to be mounted can
cause a denial of service (infinite loop or stack consumption).
(CVE-2014-6410)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-67-386 2.6.32-67.134
linux-image-2.6.32-67-generic 2.6.32-67.134
linux-image-2.6.32-67-generic-pae 2.6.32-67.134
linux-image-2.6.32-67-ia64 2.6.32-67.134
linux-image-2.6.32-67-lpia 2.6.32-67.134
linux-image-2.6.32-67-powerpc 2.6.32-67.134
linux-image-2.6.32-67-powerpc-smp 2.6.32-67.134
linux-image-2.6.32-67-powerpc64-smp 2.6.32-67.134
linux-image-2.6.32-67-preempt 2.6.32-67.134
linux-image-2.6.32-67-server 2.6.32-67.134
linux-image-2.6.32-67-sparc64 2.6.32-67.134
linux-image-2.6.32-67-sparc64-smp 2.6.32-67.134
linux-image-2.6.32-67-versatile 2.6.32-67.134
linux-image-2.6.32-67-virtual 2.6.32-67.134

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2374-1
CVE-2014-3184, CVE-2014-3185, CVE-2014-6410

Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-67.134

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJUNmroAAoJEAUvNnAY1cPYPPUP/isvqrxbXDRo8UXj/a1B1O2k
1MRDQmd1229MTZ8K7BshAXEa6NpjH6dvc9V4G33EsbOnjC3qkAYl8Ajfr44ue4QH
YnjVuYY1lrj39zI2H/nMcCURGYwx0XIqVbM92oxejDXglBSuBvjcNGqKnNimJybi
Wbsz8rBY1UIkve0QlL4bzA/x+rsRj1m6cKZhs4Efnyj8Z0c6r5JJ/TJZ17tfc5OP
Z7NnfSfeUv23s9Yt38+7J4Z5hIPrKi1i4PTMsBL2YoCxumMM7ufVg/ikFUBDR1qb
UiGxsRqHCQ3f9ahv4UWeqYFwI1/dFP2LkGGKwYMd2bt2Of5iXqWY/k4t62Omt11h
5n8q/l4OmkpfxoOr07D8YUp92fCf727FIeNha0oLSnulS+JbSZfBFsVlT9bw8XHy
aXTFZZTibVBPNfHWPsguei/EXaP29m+sY0hrzkDjac3dHEqtpq9awDm05fONefVg
baiO3Lu+mWWrWyzRufE3bZ0qKxGM9I74CLR01LgF2SVlDF9FxMUe5DrlqZDd1RMV
3YbS7/S+2mRY91N6CWCkJvY9bl6r82dR7ZXuF5aTICn6BwkgLST53lqxmYIoWWic
atiOlGnENPH/2mXgoq5q+FW1sHLqwjvhQyRPGqacCgSbG1o4Jav4ufv3IvJrkASI
t+4s7Gdu7a9WvGRdw1FN
=HWmO
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2014-10-0012-ADV
CveCVE-2014-3184 CVE-2014-3185 CVE-2014-6410
ID izvornikaUSN-2374-1
Proizvodlinux
Izvorhttp://www.ubuntu.com
Top
More in Preporuke
Ranjivost jezgre operacijskog sustava

Otkrivena je ranjivost u funkciji futex_wait (kernel/futex.c) u jezgri operacijskog sustava RHEL 6.4 Extended Update Support, a mogla je biti...

Close