Debian 10265 Published by

The following updates has been released for Debian GNU/Linux:

Debian GNU/Linux 8 LTS:
DLA 1538-1: tinc security update
DLA 1539-1: samba security update

Debian GNU/Linux 9:
DSA 4312-1: tinc security update
DSA 4313-1: linux security update



DLA 1538-1: tinc security update

Package : tinc
Version : 1.0.24-2+deb8u1
CVE ID : CVE-2018-16737 CVE-2018-16758

Several vulnerabilities were discovered in tinc, a Virtual Private
Network (VPN) daemon. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2018-16737

Michael Yonli discovered a flaw in the implementation of the
authentication protocol that could allow a remote attacker to
establish an authenticated, one-way connection with another node.

CVE-2018-16758

Michael Yonli discovered that a man-in-the-middle that has
intercepted a TCP connection might be able to disable encryption of
UDP packets sent by a node.

For Debian 8 "Jessie", these problems have been fixed in version
1.0.24-2+deb8u1.

We recommend that you upgrade your tinc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

--


DLA 1539-1: samba security update

Package : samba
Version : 4.2.14+dfsg-0+deb8u10
CVE ID : CVE-2018-10858 CVE-2018-10919

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
print, and login server for Unix. The Common Vulnerabilities and
Exposures project identifies the following issues:

CVE-2018-10858

Svyatoslav Phirsov discovered that insufficient input validation in
libsmbclient allowed a malicious Samba server to write to the
client's heap memory.

CVE-2018-10919

Phillip Kuhrt discovered that Samba when acting as an Active Domain
controller disclosed some sensitive attributes.

For Debian 8 "Jessie", these problems have been fixed in version
4.2.14+dfsg-0+deb8u10.

We recommend that you upgrade your samba packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



DSA 4312-1: tinc security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4312-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 08, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : tinc
CVE ID : CVE-2018-16738 CVE-2018-16758

Several vulnerabilities were discovered in tinc, a Virtual Private
Network (VPN) daemon. The Common Vulnerabilities and Exposures project
identifies the following problems:

CVE-2018-16738

Michael Yonli discovered a flaw in the implementation of the
authentication protocol that could allow a remote attacker to
establish an authenticated, one-way connection with another node.

CVE-2018-16758

Michael Yonli discovered that a man-in-the-middle that has
intercepted a TCP connection might be able to disable encryption of
UDP packets sent by a node.

For the stable distribution (stretch), these problems have been fixed in
version 1.0.31-1+deb9u1.

We recommend that you upgrade your tinc packages.

For the detailed security status of tinc please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/tinc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



DSA 4313-1: linux security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4313-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 08, 2018 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2018-15471 CVE-2018-18021

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2018-15471 (XSA-270)

Felix Wilhelm of Google Project Zero discovered a flaw in the hash
handling of the xen-netback Linux kernel module. A malicious or
buggy frontend may cause the (usually privileged) backend to make
out of bounds memory accesses, potentially resulting in privilege
escalation, denial of service, or information leaks.

https://xenbits.xen.org/xsa/advisory-270.html

CVE-2018-18021

It was discovered that the KVM subsystem on the arm64 platform does
not properly handle the KVM_SET_ON_REG ioctl. An attacker who can
create KVM based virtual machines can take advantage of this flaw
for denial of service (hypervisor panic) or privilege escalation
(arbitrarily redirect the hypervisor flow of control with full
register control).

For the stable distribution (stretch), these problems have been fixed in
version 4.9.110-3+deb9u6.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/