This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Content provided by Alex Murray and Ubuntu Security Team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
Episode 55
MP3•Episode home
Manage episode 247723145 series 2423058
Content provided by Alex Murray and Ubuntu Security Team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Overview
This week we cover security updates for NSS, SQLite, the Linux kernel and more, plus Joe and Alex discuss a recent FBI advisory warning about possible dangers of Smart TVs.
This week in Ubuntu Security Updates
49 unique CVEs addressed
[USN-4203-1, USN-4203-2] NSS vulnerability [00:59]
- 1 CVEs addressed in Precise ESM, Trusty ESM, Xenial, Bionic, Disco, Eoan
- OOB write if using an output buffer smaller than the block size (since used block size instead of buffer size) when writing output for NSC_EncryptUpdate()
[USN-4204-1] psutil vulnerability [02:05]
- 1 CVEs addressed in Xenial, Bionic, Disco, Eoan
- Double free due to mishandling of reference counting when handling errors during conversion of system data into Python objects - could be triggered when using a malicious disk partition label with an invalid character that fails to decode - so triggers error than fails to cleanup properly and results in a double free
[USN-4205-1] SQLite vulnerabilities [02:59]
- 6 CVEs addressed in Precise ESM, Xenial, Bionic, Disco, Eoan
- Various robustness updates for SQLite related to CVEs from other applications that misuse SQLite - so this makes SQLite more tolerant if it is misused in the future - plus a fix of a possible crash (DoS) under certain usage scenarios.
[USN-4208-1] Linux kernel vulnerabilities [03:42]
- 12 CVEs addressed in Bionic (gcp-edge), Eoan (5.3 kernel)
- Buffer overflow in wifi driver stack - able to be triggered by a remote user in wifi range
- Ubuntu specific OverlayFS and ShiftFS memory mapped reference counting issue - can be triggered when combined with that when combined with AUFS by a local attacker.
- Memory leak based denial of service issues in various drivers (usually during error conditions so unlikely to ever be hit in real use or able to be easily triggered by malicious local users):
- AMD Display Engine
- Qualcomm FastRPC
- Cascoda CA8210 SPI 802.15.4 wireless controller
- AMD Audio CoProcessor
- Intel OPA Gen1 Infiniband
- ADIS16400 IIO IMU
- VirtualBox guest
- ARM Komeda display
[USN-4209-1] Linux kernel vulnerabilities [06:07]
- 3 CVEs addressed in Bionic (HWE), Disco (5.0 kernel)
- Memory leak in Netronome NFP4000/NFP6k000 driver
- Buffer overflow via 802.11 wifi config interface - local user onlu
- OverlayFS/ShiftFS issue above
[USN-4210-1] Linux kernel vulnerabilities [06:47]
- 6 CVEs addressed in Xenial (HWE), Bionic (4.15)
- See above:
- Wifi stack buffer overflow from remote user
- Wifi config buffer overflow from local user
- Memory leaks above:
- Cascoda CA8210 SPI 802.15.4 wireless controller
- Intel OPA Gen1 Infiniband
- ADIS16400 IIO IMU
[USN-4211-1, USN-4211-2] Linux kernel vulnerabilities [07:22]
- 3 CVEs addressed in Xenial, Trusty ESM (Xenial HWE)
- Wifi stack remote user buffer overflow
- Infinite loop in the CFS scheduler able to be triggered by a local user -> DoS
[USN-4206-1] GraphicsMagick vulnerabilities [07:55]
- 10 CVEs addressed in Xenial
- Usual sorts of memory mismanagement issues seen in large C codebases (most resulting in crash -> DoS)
- OOB read
- Various memory allocation failure issues - trigger crash -> DoS
- NULL pointer dereference
- Heap buffer overflow for RGB images with multiple frames with non-identical widths
- UAF via a crafted MNG image
- Resource consumption via crafted JPEG which specifies invalid scanlines
- Memory leaks -> memory exhaustion -> crash -> DoS
[USN-4207-1] GraphicsMagick vulnerabilities [09:18]
- 13 CVEs addressed in Bionic
[USN-4194-2] postgresql-common vulnerability [09:29]
- 1 CVEs addressed in Trusty ESM
- Episode 54 - Debian specific package - privesc
[USN-4182-3, USN-4182-4] Intel Microcode regression [09:44]
- 2 CVEs addressed in Trusty ESM, Xenial, Bionic, Disco, Eoan
- Previous microcode update resulted in some Skylake processors hanging on a warm reboot - not Ubuntu specific and is tracked upstream by Intel https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 - so this update reverts the microcode only for those specific processor models
Goings on in Ubuntu Security Community
Joe and Alex discuss a recent FBI Advisory concerning SmartTVs [10:50]
Get in contact
228 episodes
MP3•Episode home
Manage episode 247723145 series 2423058
Content provided by Alex Murray and Ubuntu Security Team. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Overview
This week we cover security updates for NSS, SQLite, the Linux kernel and more, plus Joe and Alex discuss a recent FBI advisory warning about possible dangers of Smart TVs.
This week in Ubuntu Security Updates
49 unique CVEs addressed
[USN-4203-1, USN-4203-2] NSS vulnerability [00:59]
- 1 CVEs addressed in Precise ESM, Trusty ESM, Xenial, Bionic, Disco, Eoan
- OOB write if using an output buffer smaller than the block size (since used block size instead of buffer size) when writing output for NSC_EncryptUpdate()
[USN-4204-1] psutil vulnerability [02:05]
- 1 CVEs addressed in Xenial, Bionic, Disco, Eoan
- Double free due to mishandling of reference counting when handling errors during conversion of system data into Python objects - could be triggered when using a malicious disk partition label with an invalid character that fails to decode - so triggers error than fails to cleanup properly and results in a double free
[USN-4205-1] SQLite vulnerabilities [02:59]
- 6 CVEs addressed in Precise ESM, Xenial, Bionic, Disco, Eoan
- Various robustness updates for SQLite related to CVEs from other applications that misuse SQLite - so this makes SQLite more tolerant if it is misused in the future - plus a fix of a possible crash (DoS) under certain usage scenarios.
[USN-4208-1] Linux kernel vulnerabilities [03:42]
- 12 CVEs addressed in Bionic (gcp-edge), Eoan (5.3 kernel)
- Buffer overflow in wifi driver stack - able to be triggered by a remote user in wifi range
- Ubuntu specific OverlayFS and ShiftFS memory mapped reference counting issue - can be triggered when combined with that when combined with AUFS by a local attacker.
- Memory leak based denial of service issues in various drivers (usually during error conditions so unlikely to ever be hit in real use or able to be easily triggered by malicious local users):
- AMD Display Engine
- Qualcomm FastRPC
- Cascoda CA8210 SPI 802.15.4 wireless controller
- AMD Audio CoProcessor
- Intel OPA Gen1 Infiniband
- ADIS16400 IIO IMU
- VirtualBox guest
- ARM Komeda display
[USN-4209-1] Linux kernel vulnerabilities [06:07]
- 3 CVEs addressed in Bionic (HWE), Disco (5.0 kernel)
- Memory leak in Netronome NFP4000/NFP6k000 driver
- Buffer overflow via 802.11 wifi config interface - local user onlu
- OverlayFS/ShiftFS issue above
[USN-4210-1] Linux kernel vulnerabilities [06:47]
- 6 CVEs addressed in Xenial (HWE), Bionic (4.15)
- See above:
- Wifi stack buffer overflow from remote user
- Wifi config buffer overflow from local user
- Memory leaks above:
- Cascoda CA8210 SPI 802.15.4 wireless controller
- Intel OPA Gen1 Infiniband
- ADIS16400 IIO IMU
[USN-4211-1, USN-4211-2] Linux kernel vulnerabilities [07:22]
- 3 CVEs addressed in Xenial, Trusty ESM (Xenial HWE)
- Wifi stack remote user buffer overflow
- Infinite loop in the CFS scheduler able to be triggered by a local user -> DoS
[USN-4206-1] GraphicsMagick vulnerabilities [07:55]
- 10 CVEs addressed in Xenial
- Usual sorts of memory mismanagement issues seen in large C codebases (most resulting in crash -> DoS)
- OOB read
- Various memory allocation failure issues - trigger crash -> DoS
- NULL pointer dereference
- Heap buffer overflow for RGB images with multiple frames with non-identical widths
- UAF via a crafted MNG image
- Resource consumption via crafted JPEG which specifies invalid scanlines
- Memory leaks -> memory exhaustion -> crash -> DoS
[USN-4207-1] GraphicsMagick vulnerabilities [09:18]
- 13 CVEs addressed in Bionic
[USN-4194-2] postgresql-common vulnerability [09:29]
- 1 CVEs addressed in Trusty ESM
- Episode 54 - Debian specific package - privesc
[USN-4182-3, USN-4182-4] Intel Microcode regression [09:44]
- 2 CVEs addressed in Trusty ESM, Xenial, Bionic, Disco, Eoan
- Previous microcode update resulted in some Skylake processors hanging on a warm reboot - not Ubuntu specific and is tracked upstream by Intel https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/21 - so this update reverts the microcode only for those specific processor models
Goings on in Ubuntu Security Community
Joe and Alex discuss a recent FBI Advisory concerning SmartTVs [10:50]
Get in contact
228 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.