Ubuntu Security Notice 4008-3 - USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. Various other issues were also addressed.
aa4cc845dcf7f973e16414a993cbab9ad894d59053308b8791cfaee4cab3ec45Ubuntu Security Notice 4008-2 - USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missing mmap rules. Various other issues were also addressed.
c97fb2344b40e7ddc46912f7c9dc4ea6b5dd01aeebc0a6341cad61542a0225e0Ubuntu Security Notice 4006-2 - USN-4006-1 fixed a vulnerability in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. Various other issues were also addressed.
3344ce66892e3b6bcf2d64c6a53ae2183c74f3498bc8efebcbc81fffa3ff02d1Ubuntu Security Notice 4008-1 - Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
28114e961ef2f96e74aa757e323b74943c46e58122478366b1df1d6074638d36Ubuntu Security Notice 4007-1 - Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardening measure, this update disables a.out support.
388d4ad23a67e5816b12bdd718eefffbd494bd4209f810a58f18b7f36eb65f0bUbuntu Security Notice 4006-1 - Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. As a hardening measure, this update disables a.out support.
19333b91b91ea9830b485b44b4a3eae2664df4659b5ce30e925e3637873d0853Ubuntu Security Notice 4007-2 - USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary. Various other issues were also addressed.
c205bff4dacb470fb1ba6ab024fe2f416dac92edbe339c775c69e4a3fa2141ab
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed