what you don't know can hurt you

Ubuntu Security Notice USN-4271-1

Ubuntu Security Notice USN-4271-1
Posted Feb 6, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4271-1 - Tim Brown discovered that Mesa incorrectly handled shared memory permissions. A local attacker could use this issue to obtain and possibly alter sensitive information belonging to another user.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2019-5068
MD5 | 2a40e0856add83d9e7c09db82b5e2abf

Ubuntu Security Notice USN-4271-1

Change Mirror Download
==========================================================================
Ubuntu Security Notice USN-4271-1
February 06, 2020

mesa vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.10
- Ubuntu 18.04 LTS

Summary:

Mesa could be made to expose sensitive information.

Software Description:
- mesa: free implementation of the EGL API

Details:

Tim Brown discovered that Mesa incorrectly handled shared memory
permissions. A local attacker could use this issue to obtain and possibly
alter sensitive information belonging to another user.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 19.10:
libd3dadapter9-mesa 19.2.8-0ubuntu0~19.10.2
libegl-mesa0 19.2.8-0ubuntu0~19.10.2
libegl1-mesa 19.2.8-0ubuntu0~19.10.2
libgbm1 19.2.8-0ubuntu0~19.10.2
libgl1-mesa-dri 19.2.8-0ubuntu0~19.10.2
libgl1-mesa-glx 19.2.8-0ubuntu0~19.10.2
libglapi-mesa 19.2.8-0ubuntu0~19.10.2
libgles2-mesa 19.2.8-0ubuntu0~19.10.2
libglx-mesa0 19.2.8-0ubuntu0~19.10.2
libosmesa6 19.2.8-0ubuntu0~19.10.2
libwayland-egl1-mesa 19.2.8-0ubuntu0~19.10.2
libxatracker2 19.2.8-0ubuntu0~19.10.2
mesa-opencl-icd 19.2.8-0ubuntu0~19.10.2
mesa-va-drivers 19.2.8-0ubuntu0~19.10.2
mesa-vdpau-drivers 19.2.8-0ubuntu0~19.10.2
mesa-vulkan-drivers 19.2.8-0ubuntu0~19.10.2

Ubuntu 18.04 LTS:
libd3dadapter9-mesa 19.2.8-0ubuntu0~18.04.2
libegl-mesa0 19.2.8-0ubuntu0~18.04.2
libegl1-mesa 19.2.8-0ubuntu0~18.04.2
libgbm1 19.2.8-0ubuntu0~18.04.2
libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.2
libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.2
libglapi-mesa 19.2.8-0ubuntu0~18.04.2
libgles2-mesa 19.2.8-0ubuntu0~18.04.2
libglx-mesa0 19.2.8-0ubuntu0~18.04.2
libosmesa6 19.2.8-0ubuntu0~18.04.2
libwayland-egl1-mesa 19.2.8-0ubuntu0~18.04.2
libxatracker2 19.2.8-0ubuntu0~18.04.2
mesa-opencl-icd 19.2.8-0ubuntu0~18.04.2
mesa-va-drivers 19.2.8-0ubuntu0~18.04.2
mesa-vdpau-drivers 19.2.8-0ubuntu0~18.04.2
mesa-vulkan-drivers 19.2.8-0ubuntu0~18.04.2

After a standard system update you need to restart your session to make
all the necessary changes.

References:
https://usn.ubuntu.com/4271-1
CVE-2019-5068

Package Information:
https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~19.10.2
https://launchpad.net/ubuntu/+source/mesa/19.2.8-0ubuntu0~18.04.2

Comments (1)

RSS Feed Subscribe to this comment feed
lionkingggg

For some reason I was looking for hackers to do some legal ethical hacking jobs.Someone recommended me this site <SNIP> they are hardcore hackers and I have heard good things about them,but the question is; how safe is to hire hackers?They will know everything about the network and it could be very risky, on the other side only a hackers can protect our network in that level which is actually desired

CONTACT SNIP: pagerhackconsults247@gmail.com

Comment by lionkingggg
2020-02-07 14:44:33 UTC | Permalink | Reply
Login or Register to post a comment

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close