January 09, 2020

Episode 58

20 minutes

Overview

In the first episode for 2020, we look at security updates for Django and

the Linux kernel, plus Alex and Joe discuss security and privacy aspects of

smart assistant connected devices.

This week in Ubuntu Security Updates

34 unique CVEs addressed

[USN-4224-1] Django vulnerability [00:51]

1 CVEs addressed in Xenial, Bionic, Disco, Eoan

CVE-2019-19844

Account takeover via password reset - when comparing email addresses,

would not do a proper unicode comparison - and so could specify an email

address which appears equal to an existing users email address (after

unicode case and character transmformation) and would then get sent a

token to reset their accounts password to your doppleganger email

address. Fix includes doing both a proper unicode case comparison AND

sending the password reset token to the email address to the one

registered against the user account, not the one input to the password

reset field.

[USN-4225-1] Linux kernel vulnerabilities [02:25]

5.3 kernel

18 CVEs addressed in Bionic (Azure and GCP edge), Eoan

CVE-2019-18813

CVE-2019-19807

UAF in ALSA timer implementation - local user - crash (DoS) / ACE

CVE-2019-19534

CVE-2019-19529

CVE-2019-19524

CVE-2019-19072

Memory leak in tracing subsystem -> DoS

CVE-2019-19055

CVE-2019-19052

CVE-2019-19051

CVE-2019-19047

CVE-2019-19045

CVE-2019-19044

CVE-2019-18660

SpectreRSB mitigations not properly enforced on PPC

CVE-2019-16231

CVE-2019-14897

CVE-2019-14896

2 heap overflows in Marvell Libertas Wifi Driver - OTA - crash / ACE

CVE-2019-14901

CVE-2019-14895

2 heap overflows in Marvell Wifi-Ex Driver - OTA - crash / ACE

[USN-4226-1] Linux kernel vulnerabilities [03:58]

5.0 kernel

28 CVEs addressed in Bionic (AWS & Oracle Edge, Azure, GKE), Disco

CVE-2019-18813

CVE-2019-17075

CVE-2019-2214

Binder IPC OOB write - crash, ACE

CVE-2019-19922

CVE-2019-19534

CVE-2019-19532

CVE-2019-19529

CVE-2019-19526

CVE-2019-19524

CVE-2019-19083

CVE-2019-19075

CVE-2019-19072

Memory leak in tracing subsystem -> DoS

CVE-2019-19067

CVE-2019-19065

CVE-2019-19060

CVE-2019-19055

CVE-2019-19052

CVE-2019-19048

Memory leak in virtualbox guest driver -> DoS

CVE-2019-19045

CVE-2019-18660

SpectreRSB mitigations not properly enforced on PPC

CVE-2019-17133

Wifi stack failed to validate SSID IE length - buffer overflow

CVE-2019-16233

CVE-2019-16231

CVE-2019-14897

CVE-2019-14896

2 heap overflows in Marvell Libertas Wifi Driver - OTA - crash / ACE

CVE-2019-14901

CVE-2019-14895

2 heap overflows in Marvell Wifi-Ex Driver - OTA - crash / ACE

CVE-2019-10220

Kernel CIFS impl failed to sanitize paths returned from SMB server -

malicious server could overwrite arbitrary files on the client

[USN-4227-1, USN-4227-2] Linux kernel vulnerabilities [05:36]

14 CVEs addressed in Xenial, Bionic, Trusty ESM (Azure)

CVE-2019-19807

UAF in ALSA timer implementation - local user - crash (DoS) / ACE

CVE-2019-19534

CVE-2019-19529

CVE-2019-19524

CVE-2019-19083

CVE-2019-19052

CVE-2019-19045

CVE-2019-18660

SpectreRSB mitigations not properly enforced on PPC

CVE-2019-16233

CVE-2019-16231

CVE-2019-14897

CVE-2019-14896

2 heap overflows in Marvell Libertas Wifi Driver - OTA - crash / ACE

CVE-2019-14901

CVE-2019-14895

2 heap overflows in Marvell Wifi-Ex Driver - OTA - crash / ACE

[USN-4228-1, USN-4228-2] Linux kernel vulnerabilities [06:17]

8 CVEs addressed in Xenial, Trusty ESM (Xenial HWE)

CVE-2019-19534

CVE-2019-19524

CVE-2019-19052

CVE-2019-18660

SpectreRSB mitigations not properly enforced on PPC

CVE-2019-14897

CVE-2019-14896

2 heap overflows in Marvell Libertas Wifi Driver - OTA - crash / ACE

CVE-2019-14901

CVE-2019-14895

2 heap overflows in Marvell Wifi-Ex Driver - OTA - crash / ACE

[LSN-0061-1] Linux kernel vulnerability [06:38]

5 CVEs addressed in Bionic & Xenial

CVE-2019-15794

OverlayFS & ShiftFS reference counting issue - Episode 55

CVE-2019-14901

CVE-2019-14895

2 heap overflows in Marvell Wifi-Ex Driver - OTA - crash / ACE

CVE-2019-14897

CVE-2019-14896

2 heap overflows in Marvell Libertas Wifi Driver - OTA - crash / ACE

Goings on in Ubuntu Security Community

Alex and Joe discuss connected devices and smart assistants [07:25]

Get in contact

[email protected]

#ubuntu-security on the Libera.Chat IRC network

ubuntu-hardened mailing list

Security section on discourse.ubuntu.com

@ubuntu_sec on twitter

...more

View all episodes

By Ubuntu Security Team

4.8

1010 ratings