You are here
Home > Preporuke > Ranjivost jezgre operacijskog sustava

Ranjivost jezgre operacijskog sustava

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3104-1
October 20, 2016

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux: Linux kernel

Details:

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-113-generic 3.2.0-113.155
linux-image-3.2.0-113-generic-pae 3.2.0-113.155
linux-image-3.2.0-113-highbank 3.2.0-113.155
linux-image-3.2.0-113-omap 3.2.0-113.155
linux-image-3.2.0-113-powerpc-smp 3.2.0-113.155
linux-image-3.2.0-113-powerpc64-smp 3.2.0-113.155
linux-image-3.2.0-113-virtual 3.2.0-113.155

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3104-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-113.155

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIbBAEBCgAGBQJYCC3CAAoJEC8Jno0AXoH0ol4P+L7zI4NYAcHRWNR44buZJCgz
aPsFqvenKGkYcI8dEFX+QARDZg0pmh8s1oCM9tS+ThZY3DgLBXt2uQEhutivAgJz
SQ3/60EgSAoDjTHKKhHdx3tmkEdvNTpm2tXLD21lUFQEUVbbVV/NoGCJtOdBKTZ1
na2XRdFHDkJUZbRFUny1BFFznf96ysaTb9QK4oFpSwI0RI0RRe8ew8rnzAxXb/ee
q7RirIe2ZV74dlrJiduf20vCPR1oCWu5+l+R/pD+nc3sCtQ4pYEx+cinYVSuzQH4
BH/W4OaXPjasgjJaXd8+iQuOzY8gMQ6YLzheKtLtBQbBVxdIPj7S3BtgWod4hWUX
sBVUh702Qvast7bSWpV/pg/NBnjR6GJA56lsNBWCeDqybs/jqEjY1ZAheCYIS+mZ
SHef8odl0PmVVg0qNG2z2+O7pROy5gxBbBvaowRYw+LgvPmrszYoSULXYB1dGYLw
07dHeT8e93sdGYIpthk3RsA2KYNKfVtUlJwVxGQqaoflBDmuGvFzIn+hXfESw6O5
gbOdsGbEDfMhSe1mGBrqbygg+a37LyG30VUj9LCAq/zpN19spI7yVTOO+VQSf8jH
vsajxvqSiq/1XZ+a2/z82rwZJzwvycvJBN004+YcNxxEhzdJOHSdsCVL+Tksi8Lf
xRcX8ieH/EIh6WrwPvY=
=6hiG
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3107-1
October 20, 2016

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.10

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux: Linux kernel

Details:

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
linux-image-4.8.0-26-generic 4.8.0-26.28
linux-image-4.8.0-26-generic-lpae 4.8.0-26.28
linux-image-4.8.0-26-lowlatency 4.8.0-26.28
linux-image-4.8.0-26-powerpc-e500mc 4.8.0-26.28
linux-image-4.8.0-26-powerpc-smp 4.8.0-26.28
linux-image-4.8.0-26-powerpc64-emb 4.8.0-26.28

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3107-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.8.0-26.28

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJYCC8yAAoJEC8Jno0AXoH0yz0P/RMIkun5MJTaFzPfbmEV4qcn
M3o4NF8a44zw8pE/LMva0PwD5fZVAjvmzTxJvbbkHXA02DTCf+sdwAHhs6Gmcoa1
JoC/3uLzaXUE7dpCBYSAPcJ0PqENXh1O9nbiyN6xOdof/QazQ6wfjJXGsUz1jRNl
lVBGjNZBP7qriyM+3Mqh647C7zO13hon+hgY5V+X8jCgK2vWSZ07Zq6SsxlBi1o9
+FFj4l+1jXjIkff2G/PbyDJjXNs1OlENrGifPaXN/95Qk45Lwxbcpd15/Wh/9Yr3
gvFSrtuM/DonJqTVBMR8o5xfW7QR0iboDub3VjLuNX/Y26Wu1pTLpA2Hu6pOxD6S
jyc2nwpsSlLBPxzJBfsLQ/0MsWFI82or+w32lHhPLg9UsFt+bJDeZQzKb0cvgviw
Gv3g473GlzHpGooh2obPRmjqzBY33+elH+T7Pm+z7ueGnsioK7ukrUYKRSDbwyLs
WVx1OjUfy7+cfwXbnjehH+3j5Omx/50MqggS8Gg5pBsElmfYrpFYLxmWcSk7PVCi
pbJiif6g82IPzEqi2KRKggELcMqlIhiL9nLK86DmavbJkcBJKfo45Rwhyi/nZbOJ
4qMH9ckaY5Nbkx/lBT6g7d529qPRk2wZYjYfjFmPAv9rDKGU75qI7hAozfOl/PmN
n74Bgw2gOGI0JGLG7+ic
=/3+Q
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3106-1
October 20, 2016

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux: Linux kernel

Details:

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-45-generic 4.4.0-45.66
linux-image-4.4.0-45-generic-lpae 4.4.0-45.66
linux-image-4.4.0-45-lowlatency 4.4.0-45.66
linux-image-4.4.0-45-powerpc-e500mc 4.4.0-45.66
linux-image-4.4.0-45-powerpc-smp 4.4.0-45.66
linux-image-4.4.0-45-powerpc64-emb 4.4.0-45.66
linux-image-4.4.0-45-powerpc64-smp 4.4.0-45.66

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3106-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-45.66

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJYCC8iAAoJEC8Jno0AXoH0VzkP/jO5++sGjMDG4xPlBG3CqUTt
uZb4LPlXFIWx7zM1P9IYuChIg5P57ZrMbgm4Q/b3Dh9eD0fFE3EToYlN2ycgKJmU
dQnpFUFLLSZYoyrmTdbBKpGDgTLfOhpEVLLgWEGGd7fam0ESdl3qVYyCu87e5dfs
Lv4/x8qqEtpj2W8SbCQ84BKC92yEifBJ3XMUe63PiLCLZSGYb74WNHec3DMnzhOX
Vb3pAXK3IEOHd5Q0FKXxHraU+biBehfEwFKYWSIG2e+wn5B/fQVX/d3cn9Ivug3P
7bV4irj2QoFy0TXBQ27fPbzOcxcPKdO6wrzsW7dZ7PA2xQN4Zq4pMZ2jLQGOnAsO
M5YX4w1IhEHFmadAdD52kpyENASgY7tbq/tGjVEuIz9jtsg2+6PXxs++zTHinw8w
tBFkEtHkRzYf6FU/WUIqPpjGP2p+QGyQsAtn9OSTdXG8EBmH69sO3lPJ0yie/wmL
u5D21qu/lrJS1jCYklkPkDaUCarosIhkKTdrXcQ0XyQb8Y8CnOPDIv3i4BNnzxUT
KfXolafQCFmoqCrk91OsyEtAVmUz+JnqrUy3NRVqBN+DWAEyVz6bfANLYAkkIYjz
vaNbB3wwyrMH2KhLguSngxJJgxALDn8yK+Zy930NezW1DJDZgRMPAq+Obdrz8mzc
WiYNlTq+7DAvTGatb3M+
=bCA1
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3105-1
October 20, 2016

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux: Linux kernel

Details:

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-100-generic 3.13.0-100.147
linux-image-3.13.0-100-generic-lpae 3.13.0-100.147
linux-image-3.13.0-100-lowlatency 3.13.0-100.147
linux-image-3.13.0-100-powerpc-e500 3.13.0-100.147
linux-image-3.13.0-100-powerpc-e500mc 3.13.0-100.147
linux-image-3.13.0-100-powerpc-smp 3.13.0-100.147
linux-image-3.13.0-100-powerpc64-emb 3.13.0-100.147
linux-image-3.13.0-100-powerpc64-smp 3.13.0-100.147

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3105-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-100.147

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJYCC8QAAoJEC8Jno0AXoH0rhAP+wWWFsGGrAgRd6hii1RUrGkt
tPnEypwohEMWtrIWaU24xDI3MoykYq29W78jVbCj5YkF6aLt5ydbaR0ypK7KGjue
wdAfZoj1Tq6ZEmhTzN9bdRZrUSmne/ZmvlkO1b/0oER8w74m2vXxU9E8FfXoGYaQ
9DKLEUSLrZCj8+IXdwIVTt+4MdTqRje/GmWF3s5fT/Eobn/ouS/B8Rh2I7cetsTI
GOmo3SksTWXsSNbTLvNt4HEFn7OpS2TBIdaZU7lAFk7Yzzr50excfx5zOfQ3bOqx
9OGYIpQwCdfAkkaM9pX1N5L5J+kKgNDQ8caN3rPVQjX/LkbqFARF+fiheS7c+Ovc
SHNzuUSA7XUi3ri8GRA/XK5S6AXhrIMURP2pgwxgd0QAsHGadQ3usZlctSUxhgAT
p6gj8RHbwieJlrEO823UJPmicZaTuUzC70uiFJBU+LVxB5aY93T40ZOLO8Xoe8Ie
Zde07IVZgV12/Zq9suXBSYObXErsWWjLKJolKUsIHg7Vj1Iu144FpE2bXojRPwC9
AdEPOhirpaG1rRJRWYdWMbX9s/kMlET/BsMdsHgqhwdhE6A89/DOr0dQkzPdLcGd
rP9bYOsnHFZgrtdhokV6d02gPpBJetIlmMQicULf4B3rPjis6VZB2Zb8g6uCOAt/
eDIP2go+4mHTnhWyUdWu
=rvQ+
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3105-2
October 20, 2016

linux-lts-trusty vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise

Details:

USN-3105-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 LTS.

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.13.0-100-generic 3.13.0-100.147~precise1
linux-image-3.13.0-100-generic-lpae 3.13.0-100.147~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3105-2
http://www.ubuntu.com/usn/usn-3105-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-100.147~precise1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJYCDndAAoJEC8Jno0AXoH03u8P+QGTo3X5fQJQO7/btOQdZe+A
5bcuKn82baC8khlOvOERf52WWgBqH0v5PIgnMwWaNeLUmtleJBP5qxqgXBLXonA2
WLSP3KURLMuiEamny1L0AIA1YAl93Kl1o8cPrPGniY5Cpg4TZMbaiuJ/2Ybq92MN
CbHOyqygcvYuNxnTtT2g8ZCHnecfwQCtw4qogTBEUd29HwAfKdVm18ldWr2q02LF
AR7/Gd3NGz40cU52aQCj9KI406zLnYV6XcmqZDEYoClSFdYe1NtlMZ3AvObp7wHu
n4hI/M/ff3Yk4g1/IKWTr8GqmRuu98uXGU+ZnUB0fkHBP3+KRGr5oUjPgkr54fiq
GwzcmRJ+zLZsWnvGl9lNBa/emQK5zhgP4sYdFgzvQL0CE8sh9PF2TDf+h9nLTMpT
QAIJvRsfOn65jadqCP8pVJnR8sKbvV8X7L+DkWEccv4sHRq2wT/F46xt8jlEvo+i
e0c1RD0faFsyNLCf3sNJdrWHAB6RpE6tOH4/y1680jpx0httkqRcMDfOilMikKg6
YCJPrQFhgO5LeleChpiiApGg4BKvGtCfWCTa9XbjZmfjsnPkse3BwRKKEFZUMH/e
XgtFVR8U2VvacV7ShwWs0U5P/IgVffrOXr4gdLHJpTKNdofkPNo0+5COeZHAdFfk
wMbncfgHlHZD9OsmkiTy
=eFq6
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3106-2
October 20, 2016

linux-lts-xenial vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 14.04 LTS

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3106-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-4.4.0-45-generic 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-generic-lpae 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-lowlatency 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-powerpc-e500mc 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-powerpc-smp 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-powerpc64-emb 4.4.0-45.66~14.04.1
linux-image-4.4.0-45-powerpc64-smp 4.4.0-45.66~14.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3106-2
http://www.ubuntu.com/usn/usn-3106-1
CVE-2016-5195

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-45.66~14.04.1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJYCDnrAAoJEC8Jno0AXoH0w6UP/38u6I9fbhavRvg/3/EQoQT6
YmRWqfWKjY2Lrv3Y5z/9TVAKf/3sDe13zDGdEWju2+qFcNjLkCl9ndA6I/PpJgzP
uNHlz64jk/BYoRH9plOt+i8C3lodrSFR2mkPzpzOKl0/OmurMA9LwEmkzsvPhlwc
2Feqe7J568flvajrs/4eI0G+nzMafgWwIAVHNd2NDyLsbEYd6EMgXFF5i6+DR93Z
az02KGIGkQ3c3B/hmgpcjb08VF/2UzncNejvzgQ0g0wbkKzZMc42lf2N/mwbjwG4
O2JDjF8fU/OTBTF7dGxueXlXxvrCanesmXUO0OKmPCRJlFsnd9d7lr/bGFN0uFKG
23S4QV9fw60k7zyfHkYjapiA7+Fzax5Hq/YNf78gn/5jrhJQbLKHxxq/ZTBYescR
XYU84aA0sPmSpQ4efNwE+MqsBE0WYXAvUf23ea6WKi889D6Nr2EJr/IFahFWXSm9
Szp4tkt04gbxZZygZraBjmXu19UYv/BCRzyY9GQ+KB/dDo50Fcdq/IKM3vdpI1bv
o3g8cdCS3y2QzIipCEU1qSjkGzAO2eOzqnf69V0hjubYpiKlDuBT1m50wJysj5yh
COUXkIr+4hG4fhSZqq9uToDX8y9nHlafDLNyThHiG7t7you92MWMvA6pTrGlZAQP
OnTAZXVywljJb1pPV1eb
=vxu2
—–END PGP SIGNATURE—–

AutorTomislav Protega
Cert idNCERT-REF-2016-10-0128-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa quagga

Otkriveno je da je zebra pozadinski program u quagga paketu ranjiv na preljev spremnika na stogu. Nije objavljeno na koji...

Close