You are here
Home > Preporuke > Sigurnosni nedostatak jezgre operacijskog sustava

Sigurnosni nedostatak jezgre operacijskog sustava

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-3313-1
June 06, 2017

linux, linux-raspi2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.10

Summary:

The system could be made to run programs as an administrator.

Software Description:
– linux: Linux kernel
– linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

It was discovered that a buffer overflow existed in the trace subsystem in
the Linux kernel. A privileged local attacker could use this to execute
arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
linux-image-4.8.0-1038-raspi2 4.8.0-1038.41
linux-image-4.8.0-54-generic 4.8.0-54.57
linux-image-4.8.0-54-generic-lpae 4.8.0-54.57
linux-image-4.8.0-54-lowlatency 4.8.0-54.57
linux-image-4.8.0-54-powerpc-e500mc 4.8.0-54.57
linux-image-4.8.0-54-powerpc-smp 4.8.0-54.57
linux-image-4.8.0-54-powerpc64-emb 4.8.0-54.57
linux-image-generic 4.8.0.54.66
linux-image-generic-lpae 4.8.0.54.66
linux-image-lowlatency 4.8.0.54.66
linux-image-powerpc-e500mc 4.8.0.54.66
linux-image-powerpc-smp 4.8.0.54.66
linux-image-powerpc64-emb 4.8.0.54.66
linux-image-raspi2 4.8.0.1038.42

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://www.ubuntu.com/usn/usn-3313-1
CVE-2017-0605

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.8.0-54.57
https://launchpad.net/ubuntu/+source/linux-raspi2/4.8.0-1038.41

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJZN5meAAoJEC8Jno0AXoH0Z7gP/1BhDorz36iCE92V5KsWrA33
sRd/9fm/kjD67nXIXQtfSNfMo605AnZmFLIQ63La+AVp2NXsq7JdU6+FFdqItm2M
ZEWdKlF1yRwja5NAAJ4DjrPtU+HicIei3ONlxi+wINBdwbDL1TxfUQDvBL+VNT1u
u5OQVAUSZgbKU+B7UOm0w8g0i35Iv7XIbZCybX17cgogBJhIWh1x/0lUH+WAG0f3
/cZ2TCxmDEn3EL3J6k7u8Pm0urJlZ8uoR2SzOWWCJg88EkDKW24o/9jzhZNVsGKg
cdqFl/sF2vWPt0po4VCCzMmHXPIg3MbNq/pFmLhgJrq3Y/EefdjHj87xmaSgAhNk
5RCFCP6/NGk5Eib/cw3PTqE1yQJvwdHPMXGvmPpcTi9ePj5L3P1Qh34q8Ihrwy8W
Y8hyW74uUQ07+tEGg+HsHRa6tonyxIOCU6Dq93MO9Ddq0ey/1xmces1YkihVdJP+
uZQLSQNuKIhr4vx38T91Dtb+WJ5jbBVspjD13TyBdhiQjZA8hxgzFaIL5AJBU0IP
wjIUoPqBx33aPPNBuYn3IiIJHzytreLWqWLiiIP1YRoVm68k+QTxv8nzIdcHjf21
rVzNBbjS/ShwCU889OsARxz7FInaPZFLjfaP2VycoFW3WOci1SvYfVWlADiyn5nH
YCVVfAHA9x1iIYmiTU5M
=5MlI
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci kod više verzija jezgre operacijskog sustava Ubuntu 16.04. Otkriveni nedostaci potencijalnim napadačima omogućuju otkrivanje osjetljivih informacija,...

Close