Sign up to save your podcasts
Or
Share Episode 66
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Episode 66
Overview
This week we cover security updates for Django, runC and SQLite, plus Alex
and Joe discuss the AMD speculative execution Take A Way attack and we
look at some recent blog posts by the team too.
This week in Ubuntu Security Updates
16 unique CVEs addressed
[USN-4296-1] Django vulnerability [00:49]
the backend - Oracle provides a tolerance parameter which can be used
when doing GIS queries and this was not properly sanitised before use so
could allow SQL injection
[USN-4297-1] runC vulnerabilities [01:30]
containers - can replace /proc on one container with a symlink inside of
the shared mount - when this gets cleaned up other parts of /proc can end
mounted within the shared mount and this could be used for privilege
escalation since if outside of /proc then regular users might be able to
write to sensitive parts of /proc - fixed by having runc validate that
the target for mounting /proc or /sys must either not exist or must be a
directory to avoid symlink attacks etc
the target of a mount and so could end up mounting a malicious image over
/proc - instead add more explicit checks on whether the dest of a mount
is /proc and only allow this if the source is also a procfs
[USN-4298-1] SQLite vulnerabilities [03:09]
parts of SQLite including handling of shadow tables, corrupt records,
parsing, ZIP archives and column optimisations. Most of these were
detected by fuzzing and so are unlikely to be an issue unless handling
untrusted SQLite databases or untrusted query inputs.
Goings on in Ubuntu Security Community
Alex and Joe discuss AMD Take A Way attack [04:10]
Blog posts [19:08]
Hiring [20:21]
Robotics Security Engineer
Security Engineer - Certifications (FIPS, Common Criteria)
Ubuntu Security Engineer
Get in contact
View all episodes
By Ubuntu Security Team
4.8
1010 ratings
Overview
This week we cover security updates for Django, runC and SQLite, plus Alex
and Joe discuss the AMD speculative execution Take A Way attack and we
look at some recent blog posts by the team too.
This week in Ubuntu Security Updates
16 unique CVEs addressed
[USN-4296-1] Django vulnerability [00:49]
the backend - Oracle provides a tolerance parameter which can be used
when doing GIS queries and this was not properly sanitised before use so
could allow SQL injection
[USN-4297-1] runC vulnerabilities [01:30]
containers - can replace /proc on one container with a symlink inside of
the shared mount - when this gets cleaned up other parts of /proc can end
mounted within the shared mount and this could be used for privilege
escalation since if outside of /proc then regular users might be able to
write to sensitive parts of /proc - fixed by having runc validate that
the target for mounting /proc or /sys must either not exist or must be a
directory to avoid symlink attacks etc
the target of a mount and so could end up mounting a malicious image over
/proc - instead add more explicit checks on whether the dest of a mount
is /proc and only allow this if the source is also a procfs
[USN-4298-1] SQLite vulnerabilities [03:09]
parts of SQLite including handling of shadow tables, corrupt records,
parsing, ZIP archives and column optimisations. Most of these were
detected by fuzzing and so are unlikely to be an issue unless handling
untrusted SQLite databases or untrusted query inputs.
Goings on in Ubuntu Security Community
Alex and Joe discuss AMD Take A Way attack [04:10]
Blog posts [19:08]
Hiring [20:21]
Robotics Security Engineer
Security Engineer - Certifications (FIPS, Common Criteria)
Ubuntu Security Engineer
Get in contact