Movatterモバイル変換

[USN-2176-1] Linux kernel (Raring HWE) vulnerabilities

• Previous message (by thread):[USN-2175-1] Linux kernel (Quantal HWE) vulnerabilities
• Next message (by thread):[USN-2177-1] Linux kernel (Saucy HWE) vulnerabilities
• Messages sorted by:[ date ][ thread ][ subject ][ author ]

==========================================================================Ubuntu Security Notice USN-2176-1April 26, 2014linux-lts-raring vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 12.04 LTSSummary:Several security issues were fixed in the kernel.Software Description:- linux-lts-raring: Linux hardware enablement kernel from RaringDetails:A flaw was discovered in the Kernel Virtual Machine (KVM) subsystem of theLinux kernel. A guest OS user could exploit this flaw to execute arbitrarycode on the host OS. (CVE-2014-0049)Al Viro discovered an error in how CIFS in the Linux kernel handlesuncached write operations. An unprivileged local user could exploit thisflaw to cause a denial of service (system crash), obtain sensitiveinformation from kernel memory, or possibly gain privileges.(CVE-2014-0069)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 12.04 LTS:  linux-image-3.8.0-39-generic    3.8.0-39.57~precise1After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed. Ifyou use linux-restricted-modules, you have to update that package aswell to get modules which work with the new kernel version. Unless youmanually uninstalled the standard kernel metapackages (e.g. linux-generic,linux-server, linux-powerpc), a standard system upgrade will automaticallyperform this as well.References:http://www.ubuntu.com/usn/usn-2176-1  CVE-2014-0049, CVE-2014-0069Package Information:https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-39.57~precise1-------------- next part --------------A non-text attachment was scrubbed...Name: signature.ascType: application/pgp-signatureSize: 884 bytesDesc: OpenPGP digital signatureURL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20140426/0208224a/attachment.sig>

• Previous message (by thread):[USN-2175-1] Linux kernel (Quantal HWE) vulnerabilities
• Next message (by thread):[USN-2177-1] Linux kernel (Saucy HWE) vulnerabilities
• Messages sorted by:[ date ][ thread ][ subject ][ author ]