You are here
Home > Preporuke > Sigurnosni propusti programskog paketa lxcfs

Sigurnosni propusti programskog paketa lxcfs

  • Detalji os-a: LUB
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-2813-1
November 17, 2015

lxcfs vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.10
– Ubuntu 15.04

Summary:

Several security issues were fixed in LXCFS.

Software Description:
– lxcfs: FUSE based filesystem for LXC

Details:

It was discovered that LXCFS incorrectly enforced directory escapes. A
local attacker could use this issue to possibly escalate privileges.
(CVE-2015-1342)

It was discovered that LXCFS incorrectly checked certain permissions. A
local attacker could use this issue t possibly escalate privileges.
(CVE-2015-1344)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
lxcfs 0.10-0ubuntu2.1

Ubuntu 15.04:
lxcfs 0.7-0ubuntu4.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2813-1
CVE-2015-1342, CVE-2015-1344

Package Information:
https://launchpad.net/ubuntu/+source/lxcfs/0.10-0ubuntu2.1
https://launchpad.net/ubuntu/+source/lxcfs/0.7-0ubuntu4.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJWS3K1AAoJEGVp2FWnRL6TQCEP/RdqLMQnoEpdBRrzsp1gEoF9
d0O+k1Bt7B+vGS0C8pRO3pHe7jPjEoLSFGyK/CSjhwKSs1EH6+R/L7QN1giL1rH4
aiXf/L6x6GVbm2NvVopr6hz7/Gy2QdRC1EWRIBjPVnXS3pGvnoz6KO/BDy9t1g3Q
3BypG4KBUA+AbYzibtqWbQnJKej6CeA1hTzofjmXTNm4cFZJtdTnJorjA54LLQbh
1Yqn+jOopJ7RiaKXNUGp45Csy6LynzLuu+50iEbs0v4v/F1b/yyk0MaYLQx2Cazu
T2Y7wLzLuim5ZEjCjDrRMeiQ8gmdQiIlPrUQaOieejVv47jvo+gkoVblYlQzls7+
vAXfB7n4o0XLXjETYRcC+kpIs//kA91/VGNngsKB3mwKGqj7e5peu77itFS1eT1H
3hxKQbTm7OiyfaGlNUCmjBmD7sOGAtMJkSx1Wb1DfJj/11tf4iluHGhDCO71llK4
a6xqcj05Fv/80CG+S2SWVWu952jxJoFy9DwlG+w9iqp5oIUC2Ai5k8CQqRjDmGFN
cQRBS8kYx75uBci6L8X1idl7H2cWvhxeSQj4BrGFTKksRTIMV0T5uXfL7YiIwKXC
+Fsc8oNWUuoJJRi4MO2fGy3mqVse/v5xoTyqVKeuZeJE0cJO+BJPmCGYq4GI57mt
fpQrgRZSYxsvpMkk2oFG
=HrYS
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2015-11-0006-ADV
CveCVE-2015-1342 CVE-2015-1344
ID izvornikaUSN-2813-1
Proizvodlxcfs
Izvorhttp://www.ubuntu.com
Top
More in Preporuke
Ranjivosti programskog paketa cyrus-imapd

Otkrivene su dvije ranjivosti u programskom paketu cyrus-imapd za Fedoru. Potencijalni udaljeni napadači ranjivosti bi mogli iskoristiti za otkrivanje informacija...

Close