Overview
83 unique CVEs addressed across the supported Ubuntu releases.
This week in Ubuntu Security Updates
[USN-3742-3] Linux kernel (Trusty HWE) regressions
Security team issues USNs for package updates caused by regressions in previous security updatesFix for regressions caused by the original kernel update for L1TFCould cause Java applications to fail to start and possible kernel panics onboot for some hardware configurations
[USN-3745-1] wpa_supplicant and hostapd vulnerability
1 CVEs addressed in BionicCVE-2018-14526Researchers analysed WPA2 4-way handshake via symbolic execution to find weaknessesFound a number of issues including a decryption oracleIn this case, the would decrypt but not authenticate frame and then could allow recovery of the group key via a timing side-channelIn theory, allows an unauthenticated attacker to recover WPA2 group key via frame manipulation when used with TKIPNOTE: is not advised to use TKIP in practice anyway (should use WPA2/CCMP) and so should have limited applicabilityIn practice, due to large number of attempts needed to recover the full key, this is impractical (especially given that the group key is changed periodically)https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txthttps://papers.mathyvanhoef.com/woot2018.pdf[USN-3746-1] APT vulnerability
1 CVEs addressed in BionicCVE-2018-0501Dubbed “mirror fail” by the author and even a website - https://mirror.fail/mirror protocol in apt allows to specify a list of mirrors to try rather than just a single mirror in source.listnot enabled by defaultin APT 1.6 this was reworked and a bug introducedon fallback from one mirror to the next, the previous mirrors InRelease file would be used without checking the one from the new mirrorhence failing to authenticate the one from the new mirrorcould potentially allow installation of untrusted packages BUT would need at least two mirrors to be compromised AND for the user to have setup use of multiple mirrors in the first place[USN-3748-1] base-files vulnerability
1 CVEs addressed in BionicCVE-2018-6557Vulnerability in the motd update script via insecure use of temporary filesCould allow DoS or privelege escalation if user has turned off kernel symlink restrictions[USN-3751-1] Spice vulnerability
1 CVEs addressed in Trusty, Xenial, BionicCVE-2018-10873Insufficient bounds checks could allow to crash a server OR client from an authenticated peerRequires authentication[USN-3747-1] OpenJDK 10 vulnerabilities
4 CVEs addressed in BionicCVE-2018-2972CVE-2018-2952CVE-2018-2826CVE-2018-2825Regular Java update to fix multiple vulnerabilities[USN-3749-1] Spidermonkey vulnerabilities
1 CVEs addressed in BionicCVE-2018-5188Regular Spidermonkey update to fix vulnerabilities[USN-3750-1] Pango vulnerability
1 CVEs addressed in BionicCVE-2018-15120Kernel packages updated
[USN-3752-1] Linux kernel vulnerabilities
18 CVEs addressed in BionicCVE-2018-1000204CVE-2018-9415CVE-2018-5814CVE-2018-13406CVE-2018-13405CVE-2018-13094CVE-2018-12904CVE-2018-12233CVE-2018-12232CVE-2018-11506CVE-2018-11412CVE-2018-1120CVE-2018-1108CVE-2018-1093CVE-2018-10881CVE-2018-10840CVE-2018-10323CVE-2018-1000200[USN-3752-2] Linux kernel (HWE) vulnerabilities
18 CVEs addressed in XenialCVE-2018-1000204CVE-2018-9415CVE-2018-5814CVE-2018-13406CVE-2018-13405CVE-2018-13094CVE-2018-12904CVE-2018-12233CVE-2018-12232CVE-2018-11506CVE-2018-11412CVE-2018-1120CVE-2018-1108CVE-2018-1093CVE-2018-10881CVE-2018-10840CVE-2018-10323CVE-2018-1000200[USN-3753-1] Linux kernel vulnerabilities
11 CVEs addressed in XenialCVE-2018-13406CVE-2018-13405CVE-2018-13094CVE-2018-12233CVE-2018-10881CVE-2018-10882CVE-2018-10878CVE-2018-10877CVE-2018-10879CVE-2018-10876CVE-2017-13168[USN-3753-2] Linux kernel (Xenial HWE) vulnerabilities
11 CVEs addressed in TrustyCVE-2018-13406CVE-2018-13405CVE-2018-13094CVE-2018-12233CVE-2018-10881CVE-2018-10882CVE-2018-10878CVE-2018-10877CVE-2018-10879CVE-2018-10876CVE-2017-13168[USN-3754-1] Linux kernel vulnerabilities
53 CVEs addressed in TrustyCVE-2018-10021CVE-2018-1000204CVE-2017-2671CVE-2018-13406CVE-2018-13405CVE-2018-13094CVE-2018-12233CVE-2018-10940CVE-2018-1093CVE-2018-1092CVE-2018-10881CVE-2018-10877CVE-2018-10675CVE-2018-10323CVE-2018-10124CVE-2018-10087CVE-2017-9985CVE-2017-9984CVE-2017-8831CVE-2017-7645CVE-2017-7518CVE-2017-6348CVE-2017-6345CVE-2017-5897CVE-2017-5549CVE-2017-2584CVE-2017-2583CVE-2017-18270CVE-2017-18255CVE-2017-17558CVE-2017-16914CVE-2017-16913CVE-2017-16912CVE-2017-16911CVE-2017-16650CVE-2017-16645CVE-2017-16644CVE-2017-16643CVE-2017-16538CVE-2017-16537CVE-2017-16536CVE-2017-16535CVE-2017-16533CVE-2017-16532CVE-2017-16531CVE-2017-16529CVE-2017-16527CVE-2017-16526CVE-2017-15649CVE-2017-14991CVE-2017-11473CVE-2017-11472CVE-2016-10208Goings on in Ubuntu Security Community
Hiring
Ubuntu Security Manager
https://boards.greenhouse.io/canonical/jobs/1278287Ubuntu Security Engineer
https://boards.greenhouse.io/canonical/jobs/1158266Get in contact
#ubuntu-security on the Libera.Chat IRC network@ubuntu_sec on twitter