Sign up to save your podcasts
Or
Share Episode 54
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 54
Overview
Security updates for DPDK, Linux kernel, QEMU, ImageMagick, Ghostscript and
more, plus Joe and Alex talk about how to get into information security.
This week in Ubuntu Security Updates
89 unique CVEs addressed
[USN-4189-1] DPDK vulnerability [01:00]
triggered by a malicious master or a container with access to the
vhost_user socket
[USN-4190-1] libjpeg-turbo vulnerabilities [01:41]
[USN-4183-2] Linux kernel vulnerability [02:48]
one was based on an in-flight patch that got changed at the last minute
before the CRD - part of this fix is to whitelist certain commands to the
command-streamer, and this is done via a bitmask - this used a memset()
to zero it out but assumed the size of the underlying data was 32-bit -
so on 64-bit platforms this becomes a 64-bit size and so half the bitmask
is not zeroed out - meaning the whitelist may be able to be bypassed -
this fix includes the final upstream fix
[USN-4184-2] Linux kernel vulnerability and regression [04:37]
introduced in last week’s kernel - KVM guests would fail to launch if
extended page tables were disabled or not supported.
[USN-4185-3] Linux kernel vulnerability and regression [05:05]
[USN-4186-3] Linux kernel vulnerability [05:22]
[USN-4191-1, USN-4191-2] QEMU vulnerabilities [05:32]
possible code exec
could be used to bypass ACL restrictions
LSI SCSI adaptor emulator
[USN-4192-1] ImageMagick vulnerabilities [06:48]
just need to display or process a malicious image via ImageMagick to
trigger - interestingly, seems to be noticed - some applications (Emacs)
chose not to automatically link against and use ImageMagick now as a
result of all the various vulnerablilties which keep being found in it…
[USN-4193-1] Ghostscript vulnerability [08:13]
rewrote the SAFER sandbox - but older versions are - allows a malicious
postscript file to bypass the sandbox and access files or execute
commands etc.
[USN-4194-1] postgresql-common vulnerability [09:17]
command - allows to create a dir as postgres user - say
/usr/lib/sudo/haswell - then dump a shared lib there which will be loaded
by sudo to gain a root shell - by specifying this as the
stats_temp_directory in the config
[USN-4195-1] MySQL vulnerabilities [11:07]
xenial, bionic and disco - 5.7.28 - for more details see upstream notices
[USN-4196-1] python-ecdsa vulnerabilities [11:42]
DER encoding but also might raise exceptions unexpectedly on valid input
so would cause a DoS
Goings on in Ubuntu Security Community
Joe and Alex discuss how to get into infosec [12:18]
Get in contact
View all episodes
By Ubuntu Security Team
4.8
1010 ratings
Overview
Security updates for DPDK, Linux kernel, QEMU, ImageMagick, Ghostscript and
more, plus Joe and Alex talk about how to get into information security.
This week in Ubuntu Security Updates
89 unique CVEs addressed
[USN-4189-1] DPDK vulnerability [01:00]
triggered by a malicious master or a container with access to the
vhost_user socket
[USN-4190-1] libjpeg-turbo vulnerabilities [01:41]
[USN-4183-2] Linux kernel vulnerability [02:48]
one was based on an in-flight patch that got changed at the last minute
before the CRD - part of this fix is to whitelist certain commands to the
command-streamer, and this is done via a bitmask - this used a memset()
to zero it out but assumed the size of the underlying data was 32-bit -
so on 64-bit platforms this becomes a 64-bit size and so half the bitmask
is not zeroed out - meaning the whitelist may be able to be bypassed -
this fix includes the final upstream fix
[USN-4184-2] Linux kernel vulnerability and regression [04:37]
introduced in last week’s kernel - KVM guests would fail to launch if
extended page tables were disabled or not supported.
[USN-4185-3] Linux kernel vulnerability and regression [05:05]
[USN-4186-3] Linux kernel vulnerability [05:22]
[USN-4191-1, USN-4191-2] QEMU vulnerabilities [05:32]
possible code exec
could be used to bypass ACL restrictions
LSI SCSI adaptor emulator
[USN-4192-1] ImageMagick vulnerabilities [06:48]
just need to display or process a malicious image via ImageMagick to
trigger - interestingly, seems to be noticed - some applications (Emacs)
chose not to automatically link against and use ImageMagick now as a
result of all the various vulnerablilties which keep being found in it…
[USN-4193-1] Ghostscript vulnerability [08:13]
rewrote the SAFER sandbox - but older versions are - allows a malicious
postscript file to bypass the sandbox and access files or execute
commands etc.
[USN-4194-1] postgresql-common vulnerability [09:17]
command - allows to create a dir as postgres user - say
/usr/lib/sudo/haswell - then dump a shared lib there which will be loaded
by sudo to gain a root shell - by specifying this as the
stats_temp_directory in the config
[USN-4195-1] MySQL vulnerabilities [11:07]
xenial, bionic and disco - 5.7.28 - for more details see upstream notices
[USN-4196-1] python-ecdsa vulnerabilities [11:42]
DER encoding but also might raise exceptions unexpectedly on valid input
so would cause a DoS
Goings on in Ubuntu Security Community
Joe and Alex discuss how to get into infosec [12:18]
Get in contact