Willkommen auf der Seite mit Neuigkeiten und Informationen des aktuellen Monates rund um die Thematik der IT, IT-Sicherheit und meinem eigenen kleinen Webprojekt.
Hier finden Sie eine kleine Auswahl an externen Feeds wieder mit denen sich nicht nur Administratoren aus den Welten von Microsoft® und Linux® beschäftigen sollten, zudem spezifisch zu Ubuntu und Kubuntu.
Ebenfalls haben Sie die Möglichkeit die aktuellen Nachrichten über die Veröffentlichung neuer Artikel unter HowTo's, ... zu meiner Webseite mittels einem Feedreader zu abonieren im Format RSS 2.0 und im Nachrichtenarchiv in den Listen der News herum zu stöbern.
Im gleichen WLAN konnten Angreifer den mobilen Firefox-Browser unter Android beliebige Webseiten oder andere Apps öffnen lassen - ohne Nutzerinteraktion. (Firefox, WLAN)
Bei einem Ransomware-Angriff auf die argentinische Einwanderungsbehörde wurden Passdaten kopiert. Rund 12.000 Betroffene stammen aus Deutschland. (Ransomware, Datenschutz)
Nach mehreren Corona-Fällen in einer Kneipe suchen die Behörden rund 100 Personen, die falsche Angaben auf der Kontaktliste gemacht haben. (Coronavirus, Datenschutz)
Ein Ransomware-Angriff auf die Uniklinik Düsseldorf, der zu einem Todesfall führte, erfolgte über die "Shitrix" genannte Lücke in Citrix-Geräten (Citrix, Netzwerk)
Nach einem Urteil des Bundesverfassungsgerichts zur Bestandsdatenauskunft könnte auch das Gesetz gegen Hasskriminalität verfassungswidrig sein. (Netzwerkdurchsetzungsgesetz, Datenschutz)
Die Neuausstattung der IT-Systeme von Bundesbehörden wird durch interne Widerständen, Personalmangel und schlechter Netzverbindung verzögert. (Bundesregierung, Security)
Bei einem Reconnect müssen sich Bluetooth-Geräte nicht zwangsweise authentifizieren. Ein Forscherteam konnte sich so als ein BLE-Gerät ausgeben. (Bluetooth, Android)
Nach Problemen mit Briefwahlunterlagen in Nordrhein-Westfalen fordert der Bitkom zeitgemäße Alternativen - diese sind jedoch umstritten. (Software, CCC)
Die Sicherheitslücke Zerologon nutzt einen Fehler in Netlogon aus und involviert die Zahl Null auf kreative Weise - um Passwörter zu ändern. (Sicherheitslücke, Applikationen)
Die EU-Kommission möchte die E2E-Verschlüsselung von Messengern wie Whatsapp mit Uploadfiltern aushebeln. Das gefährdet unsere Demokratie. Ein IMHO von Moritz Tremmel (Ende-zu-Ende-Verschlüsselung, Vorratsdatenspeicherung)
Gleich zwei Malvertising-Netzwerke nutzen laut Malwarebytes Sicherheitslücken obsoleter Programme aus: Adobe Flash und Internet Explorer. (Malware, Virus)
Mit einer Blurtooth genannten Sicherheitslücke lassen sich unter bestimmten Bedingungen die Schlüssel einer Bluetooth-Verbindung austauschen. (Bluetooth, Datenschutz)
Das neue Gesetz soll vor allem kleine Unternehmen vor Abzocke mit Abmahnungen schützen, beispielsweise beim Verstoß gegen die DSGVO. (Abmahnung, Datenschutz)
Angepasste Windows-10-Designs können auf Hintergrundbilder im Netz zugreifen. Dies lässt sich nutzen, um Accountdaten in Hashes abzugreifen. (Windows 10, Server)
15.000 PDF-Seiten reichen nicht: Die Erben einer 15-Jährigen müssen laut BGH genauso auf ihr Facebook-Konto zugreifen dürfen wie das Mädchen selbst. (Facebook, Soziales Netz)
Mit einem Buffer Overflow im Linux-Kernel lässt sich ein System durch lokale Nutzer zum Absturz bringen, eine Rechteausweitung ist wohl möglich. (Linux-Kernel, Linux)
Cisco hat eine Sicherheitslücke in seinem Jabber-Client für Windows geschlossen. Diese hat Angreifern ermöglicht, per Textnachricht Code auszuführen. (Jabber, Instant Messenger)
Die Anti-Tracking-Technik soll in iOS 14 eingebaut und im kommenden Jahr von Apple aktiviert werden. Zuvor hat es Kritik von Facebook gegeben. (Apple, Datenschutz)
Das Team des Krypto-Messengers bekommt Unterstützung von einer Investmentfirma und will Threema künftig als Open Source bereitstellen. (Threema, Instant Messenger)
Nach offenen RISC-V-Kernen und Hardware-Security bietet Western Digital auch externe SSDs mit eigener App-Verschlüsselung an. (Western Digital, Verschlüsselung)
24 Ermittlungsverfahren wegen missbräuchlicher Datenabfragen durch Polizisten gab es seit 2016 in Sachsen-Anhalt. Genaue Kontrolle ist schwierig. (Polizei, Datenschutz)
Bei älteren Versionen von File Manager lässt sich Schadcode auf Wordpress-Seiten einschleusen. Angreifer nutzen die Lücke aktiv aus. (Wordpress, Sicherheitslücke)
Der Mobilfunkbetreiber Telefónica Deutschland setzt bei seinem 5G-Kernnetz auf Server in Deutschland. Doch die gehören Amazon aus den USA. (AWS, Microsoft)
E-Mails einige Abgeordneter des norwegischen Parlaments wurden offenbar gehackt. Das genaue Ausmaß des Datenabflusses ist bisher unklar. (Hacker, Security)
Die Linux-Community diskutiert konkrete Umsetzungsideen für Kernel-Module in Rust. In Details zeigen sich aber viele Schwierigkeiten. (Linux-Kernel, Programmiersprache)
Die Verantwortlichen für den Angriff auf die Uniklinik sitzen laut Justizministerium möglicherweise in Russland. Die Ermittlungen und Aufräumarbeiten dauern an.
Googles Cloud-Anwendungsplattform App Engine bietet Kriminellen beim Generieren schädlicher Links viel Freiraum, den diese im Zuge aktiver Angriffe auskosten.
Wer das Plugin erst vor ein paar Wochen aktualisiert hat, sollte den Update-Prozess nochmals anwerfen: Die Entwickler haben eine weitere Lücke geschlossen.
Twitter will Angriffe auf Konten von Politikern, Institutionen und Journalisten vor der US-Wahl im November verhindern und trifft präventive Maßnahmen.
Nach einem Ransomware-Angriff verweigerte die argentinische Einwanderungsbehörde die Lösegeldzahlung. Passdaten, auch von 12.000 Deutschen, landeten im Netz.
Die VMware-Entwickler haben mehrere Sicherheitslücken in Fusion, Horizon Client, Player und Workstation geschlossen. Einige Updates stehen aber noch aus.
Der IT-Ausfall an der Uniklinik geht tatsächlich auf einen Hackerangriff zurück. Die Erpresser zogen sich zurück. Es wird wegen eines Todesfalls ermittelt.
Wenn Angreifer Computer schon vor dem Windows-Start drangsalieren, hat das fatale Folgen und AV-Software ist oft machtlos. Die NSA gibt Tipps zur Absicherung.
Seit Anfang voriger Woche hat IBM eine ganze Reihe von Lücken aus seinem Produktportfolio beseitigt – darunter einige mit hohem bis kritischem Schweregrad.
Auf Citrix ADC und Netscaler Gateways sind offenbar über die Shitrix-Lücke Anfang des Jahres Backdoors installiert worden, durch die Ransomware gelangen kann.
Der Support für Version 1.x der Onlineshop-Software Magento endete im Juni 2020. Eine aktuelle "Magecart"-Angriffskampagne zielt nun auf veraltete Shops.
Die Auswahl wächst: Neue FIDO2-Authenticator zum sicheren Einloggen mit und ohne Passwort sind jetzt lieferbar. Darunter der lange angekündigte Yubikey 5C NFC.
Das Security Compliance Toolkit umfasst in der neuen Version 1.0 mehrere Programme zum Verwalten der Sicherheitsrichtlinien von Windows-Clients und -Servern.
Experten zeigen im Auftrag der EU-Kommission Ansätze auf, um Material zu sexuellem Kindesmissbrauch in durchgängig verschlüsselter Kommunikation aufzudecken.
Betreiber von Satelliten und Raumschiffen sollen ihre Systeme laut Trumps Anordnung besser vor Hackerangriffen und elektronischen Störmaßnahmen schützen.
Lernen Sie, wie man mithilfe des IT-Grundschutzes des BSI IT-Systeme systematisch absichert, und erwerben Sie optional das Zertifikat Grundschutz-Praktiker.
Unternehmen können ihre Nextcloud-Instanz von nun an mit Kasperskys Scan Engine ausstatten. So soll sich Malware nicht von einem Client zum nächsten ausbreiten.
Aufgrund von aktuellen Attacken sollten Besitzer eines Netzwerkspeichers (NAS) von Qnap sicherstellen, dass die aktuelle Firmware-Version installiert ist.
A back-end server associated with Microsoft Bing exposed sensitive data of the search engine's mobile application users, including search queries, device details, and GPS coordinates, among others. The logging database, however, doesn't include any personal details such as names or addresses. The data leak, discovered by Ata Hakcil of WizCase on September 12, is a massive 6.5TB cache of log
A UK man who threatened to publicly release stolen confidential information unless the victims agreed to fulfill his digital extortion demands has finally pleaded guilty on Monday at U.S. federal district court in St. Louis, Missouri. Nathan Francis Wyatt , 39, who is a key member of the infamous international hacking group 'The Dark Overlord,' has been sentenced to five years in prison and
German authorities last week disclosed that a ransomware attack on the University Hospital of Düsseldorf (UKD) caused a failure of IT systems, resulting in the death of a woman who had to be sent to another hospital that was 20 miles away. The incident marks the first recorded casualty as a consequence of cyberattacks on critical healthcare facilities, which has ramped up in recent months. The
The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security (MOIS) for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors. According to the U.S. Treasury and the Federal Bureau of Investigation (FBI), the sanctions target
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. ESET security researcher Lukas Stefanko yesterday tweeted an alert demonstrating the exploitation of a recently disclosed high-risk remote command execution vulnerability affecting the Firefox app for Android. Discovered
Capping off a busy week of charges and sanctions against Iranian hackers, a new research offers insight into what's a six-year-long ongoing surveillance campaign targeting Iranian expats and dissidents with an intention to pilfer sensitive information. The threat actor, suspected to be of Iranian origin, is said to have orchestrated the campaign with at least two different moving parts — one for
After a long wait and months of beta testing, Google last week finally released Android 11, the latest version of the Android mobile operating system—with features offering billions of its users more control over their data security and privacy. Android security is always a hot topic and almost always for the wrong reason, including Google's failure to prevent malicious apps from being
The US Department of Justice (DoJ) on Tuesday indicted two hackers for their alleged involvement in defacing several websites in the country following the assassination of Iranian major general Qasem Soleimani earlier this January. Behzad Mohammadzadeh (aka Mrb3hz4d), 19, and Marwan Abusrour (aka Mrwn007), 25, have been charged with conspiracy to commit intentional damage to a protected
Did you ever try extracting any information from any website? Well, if you have then you have surely enacted web scraping functions without even knowing it! To put in simpler terms, Web scraping, or also known as web data extraction, is the process of recouping or sweeping data from web-pages. It is a much faster and easier process of retrieving data without undergoing the time-consuming
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin and Dmitrii Karasavidi—are accused of stealing $16.8 million worth of cryptocurrencies in a series of
The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking more than 100 companies throughout the world. Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just
A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract the shared secret key used
Most cybersecurity professionals fully anticipated that cybercriminals would leverage the fear and confusion surrounding the Covid-19 pandemic in their cyberattacks. Of course, malicious emails would contain subjects relating to Covid-19, and malicious downloads would be Covid-19 related. This is how cybercriminals operate. Any opportunity to maximize effectiveness, no matter how contemptible
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company. Even the
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information
Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP (VoIP) softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, including call detail records (CDR)," ESET researchers said in a Thursday analysis. "To steal this
Bluetooth SIG—an organization that oversees the development of Bluetooth standards—today issued a statement informing users and vendors of a newly reported unpatched vulnerability that potentially affects hundreds of millions of devices worldwide. Discovered independently by two separate teams of academic researchers, the flaw resides in the Cross-Transport Key Derivation (CTKD) of devices
Cybercriminals successfully plundered another digital cryptocurrency exchange. European cryptocurrency exchange Eterbase this week disclosed a massive breach of its network by an unknown group of hackers who stole cryptocurrencies worth 5.4 million dollars. Eterbase, which has now entered maintenance mode until the security issue is resolved, described itself as Europe's Premier Digital Asset
IT help desks everywhere are having to adjust to the 'new normal' of supporting mainly remote workers. This is a major shift away from visiting desks across the office and helping ones with traditional IT support processes. Many reasons end-users may contact the helpdesk. However, password related issues are arguably the most common. Since the onset of the global pandemic that began earlier
We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to
A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity firm Intezer said
As part of this month's Patch Tuesday, Microsoft today released a fresh batch of security updates to fix a total of 129 newly discovered security vulnerabilities affecting various versions of its Windows operating systems and related software. Of the 129 bugs spanning its various products — Microsoft Windows, Edge browser, Internet Explorer, ChakraCore, SQL Server, Exchange Server, Office,
Cybersecurity agencies across Asia and Europe have issued multiple security alerts regarding the resurgence of email-based Emotet malware attacks targeting businesses in France, Japan, and New Zealand. "The emails contain malicious attachments or links that the receiver is encouraged to download," New Zealand's Computer Emergency Response Team (CERT) said. "These links and attachments may
Even as Visa issued a warning about a new JavaScript web skimmer known as Baka, cybersecurity researchers have uncovered an authentication flaw in the company's EMV enabled payment cards that permits cybercriminals to obtain funds and defraud cardholders as well as merchants illicitly. The research, published by a group of academics from the ETH Zurich, is a PIN bypass attack that allows the
Cyberattacks on small to medium-sized businesses (SMBs) are continuing at a relentless pace, with the vast majority of data breaches coming from outside the organization. Some believe hackers are aggressively targeting these smaller firms because they believe SMBs lack adequate resources and enterprise-grade security tools, making them easier prey than larger businesses. A new report from
An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan (RAT) that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereason researchers yesterday, the Evilnum group has not only tweaked its infection chain but has
Anyone paying attention to the cybersecurity technology market has heard the term XDR - Extended Detection and Response. XDR is a new technology approach that combines multiple protection technologies into a single platform. All the analyst firms are writing about it, and many of the top cybersecurity companies are actively moving into this space. Why is XDR receiving all the buzz? Combining
Networking equipment maker Cisco has released a new version of its Jabber video conferencing and messaging app for Windows that includes patches for multiple vulnerabilities—which, if exploited, could allow an authenticated, remote attacker to execute arbitrary code. The flaws, which were uncovered by Norwegian cybersecurity firm Watchcom during a pentest, affect all currently supported
Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send stolen payment details from compromised websites back to the attackers. "For threat actors, this
Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months (or 398 days) from their
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend. "A successful
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Several security issues were fixed in Ceph.
Software Description
ceph - distributed storage and file system
Details
Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to preform an HTTP header injection attack. (CVE-2020-10753)
Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12059)
Robin H. Johnson discovered that Ceph incorrectly handled certain S3 requests. A remote attacker could possibly use this issue to perform a XSS attack. (CVE-2020-1760)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in the Linux kernel.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
linux-oem - Linux kernel for OEM systems
linux-oracle - Linux kernel for Oracle Cloud systems
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-hwe - Linux hardware enablement (HWE) kernel
Details
It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)
It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19061)
It was discovered that the AMD Audio Coprocessor driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker with the ability to load modules could use this to cause a denial of service (memory exhaustion). (CVE-2019-19067)
It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19073, CVE-2019-19074)
It was discovered that the F2FS file system in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of- bounds read. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-9445)
It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)
It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356)
It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in the Linux kernel.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
Details
It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)
It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19073, CVE-2019-19074)
Yue Haibing discovered that the Linux kernel did not properly handle reference counting in sysfs for network devices in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2019-20811)
It was discovered that the F2FS file system in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of- bounds read. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-9445)
It was discovered that the F2FS file system in the Linux kernel did not properly validate xattr meta data in some situations, leading to an out-of- bounds read. An attacker could use this to construct a malicious F2FS image that, when mounted, could expose sensitive information (kernel memory). (CVE-2019-9453)
It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067)
It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Summary
Several security issues were fixed in the Linux kernel.
Software Description
linux - Linux kernel
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-oracle - Linux kernel for Oracle Cloud systems
Details
It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)
It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)
It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)
It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166)
It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)
Update instructions
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, l
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
TNEF could be made to crash or write arbitrary files to the filesystem.
Software Description
tnef - Tool to unpack MIME application/ms-tnef attachments
Details
Paul Dreik discovered that TNEF incorrectly handled filenames. If a user were tricked into opening a specially crafted email attachment, an attacker could possibly use this issue to write arbitrary files to the filesystem or cause TNEF crash, resulting in a denial of service. (CVE-2019-18849)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
LibOFX could be made to crash.
Software Description
libofx - client-side implementation of Open Financial Exchange specification
Details
It was discovered that LibOFX did not properly check for errors in certain situations, leading to a NULL pointer dereference. A remote attacker could use this issue to cause a denial of service attack. (CVE-2019-9656)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
noVNC could be made to execute arbitrary code.
Software Description
novnc - HTML5 VNC client - daemon and programs
Details
It was discovered that noVNC did not properly manage certain messages, resulting in the remote VNC server injecting arbitrary HTML into the noVNC web page. An attacker could use this issue to conduct cross-site scripting (XSS) attacks. (CVE-2017-18635)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
pam_tacplus could be made to expose sensitive information.
Software Description
libpam-tacplus - PAM module for using TACACS+ as an authentication service
Details
It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
Exim SpamAssassin could be made to execute aribitrary code if it received crafted .cf files/rules.
Software Description
sa-exim - SpamAssassin filter for Exim
Details
It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-19920)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
PulseAudio could be made to crash or run programs as your login if it received specially crafted input.
Software Description
pulseaudio - PulseAudio sound server
Details
Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15710)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Email-Address-List could be made to remotely exhaust resources if it received specially crafted email data.
Software Description
libemail-address-list-perl - RFC close address list parsing
Details
It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service. (CVE-2018-18898)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
xawtv could be made to expose sensitive information and escalate user privileges if it received specially crafted input.
Software Description
xawtv - X11 program for watching TV
Details
Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges. (CVE-2020-13696)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Summary
GnuPG could be made to expose sensitive information.
Software Description
gnupg2 - GNU privacy guard - a free PGP replacement
Details
It was discovered that GnuPG signatures could be forged when the SHA-1 algorithm is being used. This update removes validating signatures based on SHA-1 that were generated after 2019-01-19. In environments where this is still required, a new option –allow-weak-key-signatures can be used to revert this behaviour.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
Pure-FTPd could be made to expose sensitive information if it recieved specially crafted input.
Software Description
pure-ftpd - Secure and efficient FTP server
Details
Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information. (CVE-2020-9274)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
apng2gif could be made to expose sensitive information if it opened a specifically crafted APNG file.
Software Description
apng2gif - tool for converting APNG images to animated GIF format
Details
Dileep Kumar Jallepalli discovered that apng2gif incorrectly handled loading APNG files. An attacker could exploit this with a crafted APNG file to access sensitive information. (CVE-2017-6960)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 14.04 ESM
Summary
Samba would allow unintended access to files over the network.
Software Description
samba - SMB/CIFS file, print, and login server for Unix
Details
USN-4510-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin.
This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Summary
util-linux could be made to run programs when performing bash completion.
Software Description
util-linux - miscellaneous system utilities
Details
It was discovered that the umount bash completion script shipped in util-linux incorrectly handled certain mountpoints. If a local attacker were able to create arbitrary mountpoints, another user could be tricked into executing arbitrary code when attempting to run the umount command with bash completion.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
QEMU could be made to crash or run programs.
Software Description
qemu - Machine emulator and virtualizer
Details
Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Samba would allow unintended access to files over the network.
Software Description
samba - SMB/CIFS file, print, and login server for Unix
Details
Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin.
This update fixes the issue by changing the "server schannel" setting to default to "yes", instead of "auto", which will force a secure netlogon channel. This may result in compatibility issues with older devices. A future update may allow a finer-grained control over this setting.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in Perl DBI module.
Software Description
libdbi-perl - Perl Database Interface (DBI)
Details
It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2013-7490)
It was discovered that Perl DBI module incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information. (CVE-2014-10401)
Update instructions
The problem can be corrected by updating your system to the following package versions:
It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. (CVE-2020-7040)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
ncmpc could be made to crash if it received a long chat message.
Software Description
ncmpc - ncurses-based audio player
Details
It was discovered that ncmpc incorrectly handled long chat messages. A remote attacker could possibly exploit this with a crafted chat message, causing ncmpc to crash, resulting in a denial of service. (CVE-2018-9240)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
MCabber could be made to modify the roster and intercept messages if it received specially crafted XMPP packets.
Software Description
mcabber - small Jabber (XMPP) console client
Details
It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform man-in-the-middle attacks. (CVE-2016-9928).
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Summary
Attachments with specially crafted filenames could bypass filename-based mail attachment filters.
Software Description
libphp-phpmailer - full featured email transfer class for PHP
Details
Elar Lang discovered that PHPMailer did not properly escape double quote characters in filenames. A remote attacker could possibly exploit this with a crafted filename to bypass attachment filters that are based on matching filename extensions. (CVE-2020-13625)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Several security issues were fixed in OpenSSL.
Software Description
openssl1.0 - Secure Socket Layer (SSL) cryptographic library and tools
openssl - Secure Socket Layer (SSL) cryptographic library and tools
Details
Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. (CVE-2020-1968)
Cesar Pereida García, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1547)
Guido Vranken discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1551)
Bernd Edlinger discovered that OpenSSL incorrectly handled certain decryption functions. In certain scenarios, a remote attacker could possibly use this issue to perform a padding oracle attack and decrypt traffic. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-1563)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
websocket-extensions could be made to exhaust the server’s capacity to process incoming requests if it received specially crafted requests.
Software Description
ruby-websocket-extensions - Generic extension manager for WebSocket connections
Details
It was discovered that websocket-extensions does not properly parse special headers. A remote attacker could use this issue to cause regex backtracking, resulting in a denial of service. (CVE-2020-7663)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
LuaJIT could be made crash or expose sensitive information if it received specially crafted input.
Software Description
luajit - Just in time compiler for Lua programming language version 5.1
Details
It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2020-15890)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
bsdiff could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description
bsdiff - generate/apply a patch between two binary files
Details
It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
Loofah could be made to perform XSS attacks if a crafted SVG element is republished
Software Description
ruby-loofah - manipulation and transformation of HTML/XML documents and fragments
Details
It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks. (CVE-2019-15587)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
MilkyTracker could be made to crash or run programs as your login if it opened a specially crafted file.
Software Description
milkytracker - music creation tool inspired by Fast Tracker 2
Details
It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Summary
Several security issues were fixed in OpenJPEG.
Software Description
openjpeg2 - Open-source JPEG 2000 codec written in C language
Details
It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-9112)
It was discovered that OpenJPEG did not properly handle certain input. If OpenJPEG were supplied with specially crafted input, it could be made to crash or potentially execute arbitrary code. (CVE-2018-20847, CVE-2018-21010, CVE-2020-6851, CVE-2020-8112, CVE-2020-15389)
It was discovered that OpenJPEG incorrectly handled certain BMP files. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-12973)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Apache XML-RPC could be made to execute arbitrary code if it received specially crafted data by a malicious XML-RPC server.
Software Description
libxmlrpc3-java - XML-RPC implementation in Java
Details
It was discovered that Apache XML-RPC (aka ws-xmlrpc) does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-17570)
Update instructions
The problem can be corrected by updating your system to the following package versions:
It was discovered that Apache Log4j does not properly deserialize untrusted data. An attacker could possibly use this issue to remotely execute arbitrary code. (CVE-2019-17571)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Summary
gupnp could be made to expose sensitive information or perform network attacks if it received specially crafted network traffic.
Software Description
gupnp - framework for creating UPnP devices and control points
Details
It was discovered that GUPnP incorrectly handled certain subscription requests. A remote attacker could possibly use this issue to exfiltrate data or use GUPnP to perform DDoS attacks.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Ubuntu 18.04 LTS
Ubuntu 20.04 LTS
Summary
A security issue was fixed in the 4.15 kernel. This issue affects the 5.4 kernel as well, but a livepatch is not yet available. While work is continuing to develop livepatches for all affected kernels, due to the severity of the issue, we are releasing patches as they become ready.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-oem - Linux kernel for OEM systems
Details
Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-14386)
Update instructions
The problem can be corrected by updating your kernel livepatch to the following versions:
Ubuntu 18.04 LTS
aws - 71.1
generic - 71.1
lowlatency - 71.1
oem - 71.1
A mitigation is available if your kernel is affected, did not yet receive a livepatch, and rebooting into the most recently released kernel is not practical. If your system does not require the use of unprivileged user namespaces, you may disable them and mitigate the problem using the following command:
sudo sysctl kernel.unprivileged_userns_clone=0
Support Information
Kernels older than the levels listed below do not receive livepatch updates. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible.
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in X.Org X Server.
Software Description
xorg-server - X.Org X11 server
Details
USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14346)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14347)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14361)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14362)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14345)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Summary
GnuTLS could be made to crash or run programs if it received specially crafted network traffic.
Software Description
gnutls28 - GNU TLS library
Details
It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 14.04 ESM
Ubuntu 12.04 ESM
Summary
Several security issues were fixed in libx11.
Software Description
libx11 - None
Details
USN-4487-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
Original advisory details:
Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14363)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
X.Org X Server could be made to crash or run programs if it received specially crafted input.
Software Description
xorg-server - X.Org X11 server
xorg-server-hwe-18.04 - X.Org X11 server
xorg-server-hwe-16.04 - X.Org X11 server
Details
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
The system could be made to crash or run programs as an administrator.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-kvm - Linux kernel for cloud environments
linux-oracle - Linux kernel for Oracle Cloud systems
linux-raspi - Linux kernel for Raspberry Pi (V8) systems
linux-aws-5.3 - Linux kernel for Amazon Web Services (AWS) systems
linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
linux-gke-5.0 - Linux kernel for Google Container Engine (GKE) systems
linux-gke-5.3 - Linux kernel for Google Container Engine (GKE) systems
linux-hwe - Linux hardware enablement (HWE) kernel
linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
linux-oem - Linux kernel for OEM systems
linux-oem-osp1 - Linux kernel for OEM systems
linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
linux-raspi-5.4 - Linux kernel for Raspberry Pi (V8) systems
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
Details
Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
USN-4474-1 caused some minor regressions in Firefox.
Software Description
firefox - Mozilla Open Source web browser
Details
USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. (CVE-2020-15664, CVE-2020-15665, CVE-2020-15666, CVE-2020-15670)
It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829)
A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. (CVE-2020-15668)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in the Linux kernel.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
linux-kvm - Linux kernel for cloud environments
linux-oem - Linux kernel for OEM systems
linux-oracle - Linux kernel for Oracle Cloud systems
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-hwe - Linux hardware enablement (HWE) kernel
Details
Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-20669)
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810)
It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2020-10732)
It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766)
It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767)
It was discovered that the Linux kernel could incorrectly enable Indirect Branch Speculation after it has been disabled for a process via a prctl() call. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10768)
Luca Bruno discovered that the zram module in the Linux kernel did not properly restrict unprivileged users from accessing the hot_add sysfs file. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-10781)
It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. (CVE-2020-12655)
It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771)
It was discovered that the Virtual Terminal keyboard driver in the Linux kernel contained an integer overflow. A local atta
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Summary
Several security issues were fixed in the Linux kernel.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
linux-kvm - Linux kernel for cloud environments
linux-oracle - Linux kernel for Oracle Cloud systems
linux-raspi - Linux kernel for Raspberry Pi (V8) systems
linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
linux-raspi-5.4 - Linux kernel for Raspberry Pi (V8) systems
Details
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810)
Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757)
It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766)
It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767)
It was discovered that the Linux kernel could incorrectly enable Indirect Branch Speculation after it has been disabled for a process via a prctl() call. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10768)
Luca Bruno discovered that the zram module in the Linux kernel did not properly restrict unprivileged users from accessing the hot_add sysfs file. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-10781)
It was discovered that the XFS file system implementation in the Linux kernel did not properly validate meta data in some circumstances. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. (CVE-2020-12655)
It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771)
It was discovered that the Virtual Terminal keyboard driver in the Linux kernel contained an integer overflow. A local attacker could possibly use this to have an unspecified impact. (CVE-2020-13974)
It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356)
Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-15393)
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 14.04 ESM
Summary
Several security issues were fixed in Apport.
Software Description
apport - automatically generate crash reports for debugging
Details
USN-4449-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936)
Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701)
Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Several security issues were fixed in X.Org X Server.
Software Description
xorg-server - X.Org X11 server
xorg-server-hwe-18.04 - X.Org X11 server
xorg-server-hwe-16.04 - X.Org X11 server
Details
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14346)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14347)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14361)
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14362)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Several security issues were fixed in libx11.
Software Description
libx11 - None
Details
Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344)
Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14363)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Summary
The system could be made to crash or run programs as an administrator.
Software Description
linux-aws-5.3 - Linux kernel for Amazon Web Services (AWS) systems
linux-gke-5.3 - Linux kernel for Google Container Engine (GKE) systems
linux-hwe - Linux hardware enablement (HWE) kernel
linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems
Details
It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
The Linux kernel could be made to crash if it mounted a malicious XFS file system.
Software Description
linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-kvm - Linux kernel for cloud environments
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
Details
Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash).
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Summary
Ark could be made to write files as your login if it opened a specially crafted file.
Software Description
ark - archive utility
Details
Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Ubuntu 18.04 LTS
Summary
Several security issues were fixed in FreeRDP.
Software Description
freerdp2 - RDP client for Windows Terminal Services
Details
It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Ubuntu 16.04 LTS
Ubuntu 14.04 ESM
Summary
USN-4471-1 introduced a regression in Net-SNMP.
Software Description
net-snmp - SNMP (Simple Network Management Protocol) server and applications
Details
USN-4471-1 fixed a vulnerability in Net-SNMP. The updated introduced a regression making nsExtendCacheTime not settable. This update fixes the problem adding the cacheTime feature flag.
Original advisory details:
Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. (CVE-2020-15861)
It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-15862)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 18.04 LTS
Summary
Several security issues were fixed in OpenStack Keystone.
Software Description
keystone - OpenStack identity service
Details
It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2 credentials with escalated permissions. (CVE-2020-12689, CVE-2020-12691)
It was discovered that OpenStack Keystone incorrectly handled the list of roles provided with OAuth1 access tokens. An authenticated user could possibly end up with more role assignments than intended. (CVE-2020-12690)
It was discovered that OpenStack Keystone incorrectly handled EC2 signature TTL checks. A remote attacker could possibly use this issue to reuse Authorization headers. (CVE-2020-12692)
Update instructions
The problem can be corrected by updating your system to the following package versions:
A security issue affects these releases of Ubuntu and its derivatives:
Ubuntu 20.04 LTS
Summary
Several security issues were fixed in Django.
Software Description
python-django - High-level Python web development framework
Details
It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions.
Update instructions
The problem can be corrected by updating your system to the following package versions:
If you’re a snap developer, you know that snap development is terribly easy. Or rather complex and difficult. Depending on your application code and requirements, it can take a lot of effort putting together the snapcraft.yaml file from which you will build your snap. One of our goals is to make snap development practically easier […]
The web team here at Canonical run two-week iterations. Here are some of the highlights of our completed work from this iteration. Web squad Our Web Squad develops and maintains most of Canonical’s promotional sites like ubuntu.com, canonical.com and more. CloudNative Days Tokyo 2020 This year will see a lot of physical events move to […]
One of the defining features of snaps is their strong security. Snaps are designed to run isolated from the underlying system, with granular control and access to specific resources made possible through a mechanism of interfaces. Think of it as a virtual USB cable – an interface connects a plug with a slot. Security and […]
The myriad of different fields that make up robotics makes QA practices difficult to settle on. Field testing is the go-to, since a functioning robot is often proof enough that a system is working. But online tests are slow. The physical environment must be set up. The entire system has to be in a workable […]
The myriad of different fields that make up robotics makes QA practices difficult to settle on. Field testing is the go-to, since a functioning robot is often proof enough that a system is working. But online tests are slow. The physical environment must be set up. The entire system has to be in a workable […]
So that’s the summer gone (hopefully, that heat was awful). Or winter if that’s where you are. Seasons change and so does the state of robotics. Fortunately, that’s what we’re here for. Before we get into it, as ever, If you’re working on any robotics projects that you’d like us to talk about, be sure […]
You’d think we would be running out of terrible/great (delete as applicable) 80’s songs to try and shoehorn into the titles of these blog posts. Turns out, not quite yet! “How can I help?” is a phrase often used in Open Source projects by enthusiastic users and developers. There are a lot of moving parts […]
You’d think we would be running out of terrible/great (delete as applicable) 80s songs to try and shoehorn into the titles of these blog posts. Turns out, not quite yet! “How can I help?” is a phrase often used in Open Source projects by enthusiastic users and developers. There are a lot of moving parts […]
You’d think we would be running out of terrible/great (delete as applicable) 80s songs to try and shoehorn into the titles of these blog posts. Turns out, not quite yet! “How can I help?” is a phrase often used in Open Source projects by enthusiastic users and developers. There are a lot of moving parts […]
Canonical is the company behind Ubuntu, but who are the people behind Canonical? This blog is the second in a series getting to know some of the different employees that make up our company. For today’s blog, we spoke with Aldo Martinez, a member of our US-based team. Aldo’s passion for artificial intelligence and machine […]
WSLConf returns this week, on September 9th and/or 10th, depending on where you are in the world. WSLConf is the community conference for Windows Subsystem for Linux, WSL. Sessions are planned to reach the growing WSL community around the world. Presenters are joining from Japan, Spain, the US, Brazil, Switzerland, France, and the UK. WSLConf […]
The widespread shift to remote working in response to the COVID-19 pandemic has been a disruptive change for countless businesses; some 13% of organisations say they have faced major disruption (1). But at Canonical, remote working has long been the status quo for many of our teams. In spite of the challenging circumstances in which […]
ROS, the Robot Operating System, is the platform of choice for robot development. However, the breadth and depth of existing documentation can be daunting for the ROS beginner. Where should you start learning about ROS 2 on Ubuntu? All robots based on ROS and ROS 2 are programmed using five simple but core constructs: Nodes […]
The web team here at Canonical run two week iterations. Here are some of the highlights of our completed work from this iteration. Web squad Our Web Squad develops and maintains most of Canonical’s promotional sites like ubuntu.com, canonical.com and more. Update the data privacy Brand new confidentiality privacy notice page from the legal team. […]
Today, HP announced the launch of its Z series of laptops and workstations certified with Ubuntu 20.04 LTS, the latest additions to their popular professional workstation line. Made to drive AI and machine learning and with hardware that is also suited to 3D and virtual reality development, the Z series is an ideal enterprise workstation […]
Another great KubeCon has recently come to an end – which is nothing less than what we expected. After all, that’s why Canonical and Ubuntu have been consistently present at KubeCon & CloudNativeCon EU, to connect with the community. This year, we showcased Canonical’s conformant, interoperable, multi-cloud Kubernetes through our two Kubernetes distributions – Charmed […]
