Ubuntu Security Podcast

Episode 61

Overview

Joe is back to discuss a recent breach against Wawa, plus we detail security updates from the past week including Apache Solr, OpenStack Keystone, Sudo, Django and more.

This week in Ubuntu Security Updates

23 unique CVEs addressed

[USN-4259-1] Apache Solr vulnerability [00:50]
  • 1 CVE addressed in Xenial
    • CVE-2017-12629
    • Enterprise search server based on Lucene with XML/HTTP and JSON APIs
    • Was vulnerable to an XML External Entity (XXE) attack - an XML document can declare an entity that references another resource (a local file or a URL), which the parser then fetches and inlines - this could then be combined with another flaw (use of the Config API to obtain access to the RunExecutableListener class) to allow remote code execution driven by the fetched XML
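The XXE mechanism described above, as an added example that is neither Solr's code nor the podcast's: Python's bundled expat parser with an entity resolver that fetches whatever SYSTEM identifier the document names (the vulnerable behaviour) beside a resolver that refuses any external entity (the hardened one). The secret file, the payload and the function names are constructed for the demo; nothing here reproduces the Solr Config API / RunExecutableListener chain.

```python
"""XXE demonstration with Python's bundled expat parser (added example).

Not code from Apache Solr or the Ubuntu Security Podcast. parse_vulnerable()
resolves <!ENTITY x SYSTEM "..."> by fetching the referenced resource, which
is the parser behaviour an XXE attack relies on; parse_hardened() refuses any
external entity. Function names and the sample secret are assumptions made
for this demo.
"""
import os
import tempfile
import urllib.request
import xml.parsers.expat as expat


def _collect(parser):
    """Attach a character-data handler and return the list it appends to."""
    chunks = []
    parser.CharacterDataHandler = chunks.append
    return chunks


def parse_vulnerable(xml_bytes):
    """Parse and expand external entities by fetching their SYSTEM id.

    Returns the document's text content, including anything pulled in from
    the referenced resource: that inclusion is the XXE leak.
    """
    parser = expat.ParserCreate()
    text = _collect(parser)

    def fetch_entity(context, base, system_id, public_id):
        # The dangerous part: the parser hands us an attacker-chosen URL and
        # we fetch it. urllib handles file:// as well as http://, so this
        # leaks local files and can also reach internal services (SSRF).
        with urllib.request.urlopen(system_id) as resp:
            data = resp.read()
        # A child parser inherits the handlers of the main one, so the
        # fetched bytes land in the same text buffer as the document.
        parser.ExternalEntityParserCreate(context).Parse(data, True)
        return 1  # non-zero tells expat the entity was handled

    parser.ExternalEntityRefHandler = fetch_entity
    parser.Parse(xml_bytes, True)
    return "".join(text)


def parse_hardened(xml_bytes):
    """Parse but reject any external entity reference outright.

    Raises ValueError rather than silently dropping the entity, so a caller
    never processes a document that tried to use XXE.
    """
    parser = expat.ParserCreate()
    text = _collect(parser)

    def refuse_entity(context, base, system_id, public_id):
        return 0  # returning 0 makes expat abort with an ExpatError

    parser.ExternalEntityRefHandler = refuse_entity
    try:
        parser.Parse(xml_bytes, True)
    except expat.ExpatError as exc:
        raise ValueError(f"external entity rejected: {exc}") from exc
    return "".join(text)


def xxe_payload(target_uri):
    """Classic XXE document: declare an external entity, then reference it."""
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE doc [<!ENTITY xxe SYSTEM "' + target_uri.encode() + b'">]>\n'
        b"<doc>&xxe;</doc>\n"
    )


def demo():
    """Run both parsers against a payload pointing at a constructed secret file.

    Returns (leaked_text, hardened_outcome); the hardened outcome is the
    error message, or "accepted" if the hardened parser let it through.
    """
    with tempfile.TemporaryDirectory() as tmp:
        secret_path = os.path.join(tmp, "secret.txt")
        with open(secret_path, "w") as f:
            f.write("db-password=hunter2")  # constructed sample secret
        payload = xxe_payload("file://" + secret_path)
        leaked = parse_vulnerable(payload)
        try:
            parse_hardened(payload)
            hardened = "accepted"
        except ValueError as exc:
            hardened = str(exc)
    return leaked, hardened


if __name__ == "__main__":
    leaked, hardened = demo()
    print("vulnerable parser returned:", repr(leaked))
    print("hardened parser:", hardened)
```

Real XML stacks usually hide the resolver behind a feature flag (for example xml.sax's feature_external_ges, or the equivalent in Java's parsers); the fix in each case is the same as parse_hardened: never let document-supplied identifiers drive a fetch.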
[USN-4261-1] WebKitGTK+ vulnerabilities [01:44]
  • 3 CVEs addressed in Bionic, Eoan
    • CVE-2019-8846
    • CVE-2019-8844
    • CVE-2019-8835
    • Various memory management issues which could be triggered via a malicious website - possible remote code execution as a result

[USN-4262-1] OpenStack Keystone vulnerability [02:13]
  • 1 CVE addressed in Eoan
    • CVE-2019-19687
    • Keystone provides identity services (client authentication etc) for OpenStack
    • The credentials API allowed any user with a role on a project to list all credentials when enforce_scope was false - so they could view other users' credentials
    • Was introduced in keystone 15 so didn't affect bionic or older releases - only eoan

[LSN-0062-1] Linux kernel vulnerability [03:01]
  • 7 CVEs addressed in Xenial and Bionic
    • CVE-2019-18885
    • CVE-2019-14901
    • CVE-2019-14897
    • CVE-2019-14896
    • CVE-2019-14895
    • CVE-2019-14615
    • CVE-2019-2214
    • Heap and stack buffer overflows in the Marvell WiFi drivers, an Intel GPU information leak on context switch, and a binder IPC heap buffer overflow

[USN-4263-1] Sudo vulnerability [03:50]
  • 1 CVE addressed in Xenial, Bionic, Eoan
    • CVE-2019-18634
    • Lots of press around this but most people would not be vulnerable since it requires a non-default configuration
    • When pwfeedback is enabled in /etc/sudoers, a stack buffer overflow can be triggered in sudo during password authentication
    • Not enabled by default in Ubuntu - to check a system, look for pwfeedback in /etc/sudoers and /etc/sudoers.d/ (e.g. grep -r pwfeedback /etc/sudoers /etc/sudoers.d/)
[USN-4264-1] Django vulnerability [05:00]
  • 1 CVE addressed in Bionic, Eoan
    • CVE-2020-7471
    • Possible SQL injection via the PostgreSQL module when using the StringAgg aggregate with a crafted delimiter
    • Fixed by properly escaping the delimiter parameter before it reaches the query
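The delimiter-injection pattern behind CVE-2020-7471, as an added example that is not Django's code: sqlite3's group_concat() takes a separator argument just as PostgreSQL's string_agg() does, so the mistake of formatting the delimiter into the SQL text can be shown offline, next to the escaped form (a bound parameter) that the fix moved to. The table, its rows, the function names and the injected delimiter are all constructed for the demo.

```python
"""Aggregate-delimiter SQL injection (added example, not Django's code).

Mirrors the shape of CVE-2020-7471 with sqlite3 instead of PostgreSQL:
names_vulnerable() builds the delimiter into the SQL string, so a crafted
delimiter rewrites the query; names_hardened() binds it as a parameter.
Table, rows and INJECTED_DELIMITER are constructed for this demo.
"""
import sqlite3

# A delimiter that closes the string literal, splices in a subquery that
# reads a column the caller never exposed, and reopens a literal so the
# rest of the query still parses.
INJECTED_DELIMITER = "') || (SELECT group_concat(password_hash) FROM users) || ('"


def make_db():
    """In-memory database with a constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (name TEXT, team TEXT, password_hash TEXT);
        INSERT INTO users VALUES ('alice', 'blue', 'h1');
        INSERT INTO users VALUES ('bob',   'blue', 'h2');
        INSERT INTO users VALUES ('carol', 'red',  'h3');
        """
    )
    return conn


def names_vulnerable(conn, team, delimiter):
    """Pre-fix pattern: the delimiter is interpolated into the SQL text.

    The team value is bound correctly, which is exactly why this bug was easy
    to miss: only the aggregate's delimiter bypassed parameter binding.
    """
    sql = f"SELECT group_concat(name, '{delimiter}') FROM users WHERE team = ?"
    return conn.execute(sql, (team,)).fetchone()[0]


def names_hardened(conn, team, delimiter):
    """Fixed pattern: the delimiter is a bound parameter and cannot alter the query."""
    sql = "SELECT group_concat(name, ?) FROM users WHERE team = ?"
    return conn.execute(sql, (delimiter, team)).fetchone()[0]


def demo():
    """Run both variants with a benign and an injected delimiter."""
    conn = make_db()
    return {
        "benign": names_hardened(conn, "blue", ", "),
        "vulnerable": names_vulnerable(conn, "blue", INJECTED_DELIMITER),
        "hardened": names_hardened(conn, "blue", INJECTED_DELIMITER),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label:11s} {value!r}")
```

With the injected delimiter the vulnerable query returns the blue team's names immediately followed by every password hash in the table, while the hardened query simply uses the attacker's string as a (strange) separator.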
[USN-4265-1, USN-4265-2] SpamAssassin vulnerabilities [05:29]
  • 2 CVEs addressed in Precise ESM, Trusty ESM, Xenial, Bionic, Eoan
    • CVE-2020-1931
    • CVE-2020-1930
    • Episode 59 - possible RCE via a crafted .cf file - 2 more similar vulnerabilities fixed - again upstream advise to only use .cf files from trusted update channels or trusted third parties

[USN-4266-1] GraphicsMagick vulnerabilities [06:37]
  • 7 CVEs addressed in Xenial
    • CVE-2017-18231
    • CVE-2017-18230
    • CVE-2017-18229
    • CVE-2017-18219
    • CVE-2017-17915
    • CVE-2017-17913
    • CVE-2017-17912
    • Episode 55, Episode 57, Episode 59, Episode 60
    • NULL pointer dereferences -> crash, DoS
    • Large memory allocations -> crash, DoS
    • Heap and stack based buffer over-reads and over-writes too

Goings on in Ubuntu Security Community

Joe and Alex discuss the recent Wawa breach [07:26]
  • https://krebsonsecurity.com/2020/01/wawa-breach-may-have-compromised-more-than-30-million-payment-cards/

Get in contact
  • #ubuntu-security on the Libera.Chat IRC network
  • ubuntu-hardened mailing list
  • Security section on discourse.ubuntu.com
  • @ubuntu_sec on twitter
  • ...more
By Ubuntu Security Team