Ubuntu 6581 Published by

The following updates has been released for Ubuntu Linux:

LSN-0045-1: Linux kernel vulnerability
USN-3817-2: Python vulnerabilities
USN-3824-1: OpenJDK 7 vulnerabilities



LSN-0045-1: Linux kernel vulnerability

==========================================================================
Kernel Live Patch Security Notice 0045-1
November 13, 2018

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu:

| Series | Base kernel | Arch | flavors |
|------------------+--------------+----------+------------------|
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic |
| Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic |
| Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency |

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

It was discovered that the generic SCSI driver in the Linux kernel did not
properly enforce permissions on kernel memory access. A local attacker
could use this to expose sensitive information or possibly elevate
privileges. (CVE-2017-13168)

Wen Xu discovered that the ext4 filesystem implementation in the Linux
kernel did not properly ensure that xattr information remained in inode
bodies. An attacker could use this to construct a malicious ext4 image
that, when mounted, could cause a denial of service (system crash).
(CVE-2018-10880)

It was discovered that an integer overflow existed in the HID Bluetooth
implementation in the Linux kernel that could lead to a buffer overwrite.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-9363)

It was discovered that an integer overflow existed in the CD-ROM driver of
the Linux kernel. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-16658)

Update instructions:

The problem can be corrected by updating your livepatches to the following
versions:

| Kernel | Version | flavors |
|--------------------------+----------+--------------------------|
| 4.4.0-133.159 | 45.1 | generic, lowlatency |
| 4.4.0-133.159~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-134.160 | 45.1 | generic, lowlatency |
| 4.4.0-134.160~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-135.161~14.04.1 | 45.1 | lowlatency, generic |
| 4.4.0-137.163~14.04.1 | 45.1 | generic, lowlatency |
| 4.4.0-138.164 | 45.1 | generic, lowlatency |
| 4.4.0-138.164~14.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-32.35 | 45.1 | lowlatency, generic |
| 4.15.0-32.35~16.04.1 | 45.1 | generic, lowlatency |
| 4.15.0-33.36 | 45.1 | lowlatency, generic |
| 4.15.0-33.36~16.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-34.37 | 45.1 | generic, lowlatency |
| 4.15.0-34.37~16.04.1 | 45.1 | lowlatency, generic |
| 4.15.0-36.39 | 45.1 | generic, lowlatency |
| 4.15.0-36.39~16.04.1 | 45.1 | generic, lowlatency |
| 4.15.0-38.41 | 45.1 | lowlatency, generic |
| 4.15.0-38.41~16.04.1 | 45.1 | lowlatency, generic |

References:
CVE-2017-13168, CVE-2018-10880, CVE-2018-9363, CVE-2018-16658


--


USN-3817-2: Python vulnerabilities


==========================================================================
Ubuntu Security Notice USN-3817-2
November 15, 2018

python2.7 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in Python.

Software Description:
- python2.7: An interactive high-level object-oriented language

Details:

USN-3817-1 fixed a vulnerability in Python. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that Python incorrectly handled large amounts of
 data. A remote attacker could use this issue to cause Python to crash,
 resulting in a denial of service, or possibly execute arbitrary code.
 (CVE-2018-1000030)

 It was discovered that Python incorrectly handled running external
 commands in the shutil module. A remote attacker could use this issue
 to cause Python to crash, resulting in a denial of service, or
 possibly execute arbitrary code. (CVE-2018-1000802)

 It was discovered that Python incorrectly used regular expressions
 vulnerable to catastrophic backtracking. A remote attacker could
 possibly use this issue to cause a denial of service. (CVE-2018-1060,
 CVE-2018-1061)

 It was discovered that Python failed to initialize Expat's hash salt.
 A remote attacker could possibly use this issue to cause hash
 collisions, leading to a denial of service. (CVE-2018-14647)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  python2.7 2.7.3-0ubuntu3.11
  python2.7-minimal 2.7.3-0ubuntu3.11

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3817-2
  https://usn.ubuntu.com/usn/usn-3817-1
  CVE-2018-1000030, CVE-2018-1000802, CVE-2018-1060, CVE-2018-1061,
  CVE-2018-14647

USN-3824-1: OpenJDK 7 vulnerabilities


==========================================================================
Ubuntu Security Notice USN-3824-1
November 16, 2018

openjdk-7 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in OpenJDK 7.

Software Description:
- openjdk-7: Open Source Java implementation

Details:

It was discovered that the Security component of OpenJDK did not properly
ensure that manifest elements were signed before use. An attacker could
possibly use this to specially construct an untrusted Java application or
applet that could escape sandbox restrictions. (CVE-2018-3136)

Artem Smotrakov discovered that the HTTP client redirection handler
implementation in OpenJDK did not clear potentially sensitive information
in HTTP headers when following redirections to different hosts. An attacker
could use this to expose sensitive information. (CVE-2018-3139)

It was discovered that the Java Naming and Directory Interface (JNDI)
implementation in OpenJDK did not properly enforce restrictions specified
by system properties in some situations. An attacker could potentially use
this to execute arbitrary code. (CVE-2018-3149)

It was discovered that the Hotspot component of OpenJDK did not properly
perform access checks in certain cases when performing field link
resolution. An attacker could use this to specially construct an untrusted
Java application or applet that could escape sandbox restrictions.
(CVE-2018-3169)

Felix Dörre discovered that the Java Secure Socket Extension (JSSE)
implementation in OpenJDK did not ensure that the same endpoint
identification algorithm was used during TLS session resumption as during
initial session setup. An attacker could use this to expose sensitive
information. (CVE-2018-3180)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u181-2.6.14-0ubuntu0.3
openjdk-7-jdk 7u181-2.6.14-0ubuntu0.3
openjdk-7-jre 7u181-2.6.14-0ubuntu0.3
openjdk-7-jre-headless 7u181-2.6.14-0ubuntu0.3
openjdk-7-jre-lib 7u181-2.6.14-0ubuntu0.3

This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3824-1
CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169,
CVE-2018-3180

Package Information:
https://launchpad.net/ubuntu/+source/openjdk-7/7u181-2.6.14-0ubuntu0.3