Sign up to save your podcasts
Or
Share Episode 134
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 134
Overview
It’s release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker.io and more.
This week in Ubuntu Security Updates
58 unique CVEs addressed
[USN-5095-1] Apache Commons IO vulnerability [00:46]
should remove relative path components like ../ but if contained leading
double-slashes this would fail - and the original path would be returned
without alteration - so could then possibly get relative directory
traversal to the parent directory depending on how this returned value
was used.
[USN-5096-1] Linux kernel (OEM) vulnerabilities
[USN-5091-2] Linux kernel (Raspberry Pi) vulnerabilities
[USN-5094-2] Linux kernel (Raspberry Pi) vulnerabilities
[USN-5106-1] Linux kernel (OEM) vulnerabilities [01:36]
memory - code execution
[USN-4973-2] Python vulnerability [02:18]
with this fix got dropped in an intervening SRU where 3.8.10 got
backported to 20.04 (LP: #1928057)
[USN-5099-1] Imlib2 vulnerability [03:11]
colors declared in its color map - fixed to error out in this case
[USN-5100-1] containerd vulnerability [03:43]
allows an unprivileged Linux user to traverse directory contents and
execute programs in these dirs. If a container image was created with
setuid executables then that user on the Linux host could execute these
setuid binaries and gain root privileges on the host.
[USN-5101-1] MongoDB vulnerability [04:34]
specify a negative size when decompressed - an insufficient amount of
memory would then get allocated and lead to a possible OOB write
this update
[USN-5102-1] Mercurial vulnerabilities [05:10]
so could could allow an attacker to write arbitrary files to the victim’s
filesystem outside the repo
[USN-5097-1] LedgerSMB vulnerabilities
[USN-5098-1] bl vulnerability
[USN-5103-1] docker.io vulnerability
making changes to existing files on the host filesystem - doesn’t
actually allow to read/modify or execute files on the host but could make
them readable/change perms etc and expose info on the host
[USN-5104-1] Squid vulnerability
[USN-5105-1] Bottle vulnerability
[USN-5022-3] MySQL vulnerabilities
[USN-5107-1] Firefox vulnerabilities [06:47]
specially crafted website, an attacker could potentially exploit these to
cause a denial of service, spoof another origin, or execute arbitrary
code.”
[USN-5108-1] libntlm vulnerability [07:32]
fixed size buffer in various functions - fixed to truncate size to fit
within the buffer if too big to avoid overflowing the buffer
[USN-5078-3] Squashfs-Tools vulnerability [07:54]
squashfs 2.x filesystems - would fail to actually sort entries as
expected - thanks to Salvatore Bonaccorso from the Debian security team
for bringing this to our attention
Goings on in Ubuntu Security Community
Ubuntu 21.10 (Impish Indri) released [09:08]
Hiring [13:12]
Security Product Manager
Get in contact
View all episodes
By Ubuntu Security Team
4.8
1010 ratings
Overview
It’s release week! As Ubuntu 21.10 Impish Indri is released we take a look at some of the new security features it brings, plus we cover security updates for containerd, MongoDB, Mercurial, docker.io and more.
This week in Ubuntu Security Updates
58 unique CVEs addressed
[USN-5095-1] Apache Commons IO vulnerability [00:46]
should remove relative path components like ../ but if contained leading
double-slashes this would fail - and the original path would be returned
without alteration - so could then possibly get relative directory
traversal to the parent directory depending on how this returned value
was used.
[USN-5096-1] Linux kernel (OEM) vulnerabilities
[USN-5091-2] Linux kernel (Raspberry Pi) vulnerabilities
[USN-5094-2] Linux kernel (Raspberry Pi) vulnerabilities
[USN-5106-1] Linux kernel (OEM) vulnerabilities [01:36]
memory - code execution
[USN-4973-2] Python vulnerability [02:18]
with this fix got dropped in an intervening SRU where 3.8.10 got
backported to 20.04 (LP: #1928057)
[USN-5099-1] Imlib2 vulnerability [03:11]
colors declared in its color map - fixed to error out in this case
[USN-5100-1] containerd vulnerability [03:43]
allows an unprivileged Linux user to traverse directory contents and
execute programs in these dirs. If a container image was created with
setuid executables then that user on the Linux host could execute these
setuid binaries and gain root privileges on the host.
[USN-5101-1] MongoDB vulnerability [04:34]
specify a negative size when decompressed - an insufficient amount of
memory would then get allocated and lead to a possible OOB write
this update
[USN-5102-1] Mercurial vulnerabilities [05:10]
so could could allow an attacker to write arbitrary files to the victim’s
filesystem outside the repo
[USN-5097-1] LedgerSMB vulnerabilities
[USN-5098-1] bl vulnerability
[USN-5103-1] docker.io vulnerability
making changes to existing files on the host filesystem - doesn’t
actually allow to read/modify or execute files on the host but could make
them readable/change perms etc and expose info on the host
[USN-5104-1] Squid vulnerability
[USN-5105-1] Bottle vulnerability
[USN-5022-3] MySQL vulnerabilities
[USN-5107-1] Firefox vulnerabilities [06:47]
specially crafted website, an attacker could potentially exploit these to
cause a denial of service, spoof another origin, or execute arbitrary
code.”
[USN-5108-1] libntlm vulnerability [07:32]
fixed size buffer in various functions - fixed to truncate size to fit
within the buffer if too big to avoid overflowing the buffer
[USN-5078-3] Squashfs-Tools vulnerability [07:54]
squashfs 2.x filesystems - would fail to actually sort entries as
expected - thanks to Salvatore Bonaccorso from the Debian security team
for bringing this to our attention
Goings on in Ubuntu Security Community
Ubuntu 21.10 (Impish Indri) released [09:08]
Hiring [13:12]
Security Product Manager
Get in contact