Fuji Electric’s Tellus Lite V-Simulator and V-Server Lite can allow attackers to take advantage of operational technology (OT)-IT convergence on factory floors, at utility plants and more.
Read More
The post Industrial Gear at Risk from Fuji Code-Execution Bugs appeared first on Malware Devil.
via the comic delivery system monikered Randall Munroe resident at XKCD!
The post XKCD ‘1/1000th Scale World’ appeared first on Security Boulevard.
The post XKCD ‘1/1000th Scale World’ appeared first on Malware Devil.
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More
The post ISC Stormcast For Friday, January 29th, 2021 https://isc.sans.edu/podcastdetail.html?id=7350, (Fri, Jan 29th) appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0328
USN-4714-1: XStream vulnerabilities
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: XStream
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Delete Arbitrary Files -- Remote/Unauthenticated
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-26259 CVE-2020-26258 CVE-2020-26217
Reference: ESB-2021.0254
ESB-2021.0210
ESB-2021.0131
ESB-2020.4241
Original Bulletin:
https://ubuntu.com/security/notices/USN-4714-1
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-4714-1: XStream vulnerabilities
28 January 2021
Several security issues were fixed in libxstream-java.
Releases
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
Packages
o libxstream-java - Java library to serialize objects to XML and back again
Details
Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code
execution. A remote attacker could run arbitrary shell commands by
manipulating the processed input stream. ( CVE-2020-26217 )
It was discovered that XStream was vulnerable to server-side forgery attacks.
A remote attacker could request data from internal resources that are not
publicly available only by manipulating the processed input stream.
( CVE-2020-26258 )
It was discovered that XStream was vulnerable to arbitrary file deletion on
the local host. A remote attacker could use this to delete arbitrary known
files on the host as long as the executing process had sufficient rights only
by manipulating the processed input stream. ( CVE-2020-26259 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.04
o libxstream-java - 1.4.11.1-1ubuntu0.1
Ubuntu 18.04
o libxstream-java - 1.4.11.1-1~18.04.1
In general, a standard system update will make all the necessary changes.
References
o CVE-2020-26217
o CVE-2020-26259
o CVE-2020-26258
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBN6nuNLKJtyKPYoAQjJPw//WvSizZBOdCmBrJn7BwO7UMsir29Llk3z
4esQEdcViHn/FM2ZNcf06M46zI0FoBUfnbyeCr+KbhE+cDddkAwWhMRHtl8Z92n7
DQpTfhkWTFKAf3timDwL/2hDb4nEMTibLtdRHUR7+chob3cn2J5seeS+2Ucs0wrO
7vWeJ3K9zuJZrTj2030yy54Q3IEfXXFaIW2c88YSvuZeWoT8oM7NmFdtS7/x+dpI
iXgM2LjrmOKaxUWeAbAd0285BTXfcQAxdfJ5C5fj5zHG1f4ZrI4NSwLkuqLErXQg
Do7RPbULZ2LjxDVRy6pflG+WzkX54G61y1e1xJGiD5UJ7KWUk0mEbVh1Ia+lBUP7
SQCxzSuMBQ+JrNgtxLG7oEiCNIXNR7KtuKMyujBU8tWgZXgZhwGiVKb3ozB6u9zV
B/ZQsybcBAYQ9MI2v7rC18FVhL61v2c3sVU6kB1FuXNzWdpvjopYz9wiJXAqqcsg
+dHTYtuGVWr4ACoXrLX84oGwgzt9KmqdjJlDZbqLZr54y9AANX+tWHS80gA4B0m9
7/dpr4SXJITz1+b5DgJgLAaTgRmiARpfDmtFfrTJZeopqti4gY27hPOUsK03tVep
QGuZX+43K/C0fOu0xH2H2kupbV5+CkZI/8Eoz5NiAkzIXrlU0XFlRDXV/fAo/1Yp
UJEGqb00poc=
=dA4T
-----END PGP SIGNATURE-----
The post ESB-2021.0328 – [Ubuntu] XStream: Multiple vulnerabilities appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0327
Advisory (icsa-21-028-01) Rockwell Automation FactoryTalk
Linx and FactoryTalk Services Platform
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform
Publisher: ICS-CERT
Operating System: Windows
Impact/Access: Denial of Service -- Remote/Unauthenticated
Resolution: Mitigation
CVE Names: CVE-2020-5807 CVE-2020-5806 CVE-2020-5802
CVE-2020-5801
Original Bulletin:
https://us-cert.cisa.gov/ics/advisories/icsa-21-028-01
- --------------------------BEGIN INCLUDED TEXT--------------------
ICS Advisory (ICSA-21-028-01)
Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform
Original release date: January 28, 2021
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided
"as is" for informational purposes only. The Department of Homeland Security
(DHS) does not provide any warranties of any kind regarding any information
contained within. DHS does not endorse any commercial product or service,
referenced in this product or otherwise. Further dissemination of this product
is governed by the Traffic Light Protocol (TLP) marking in the header. For more
information about TLP, see https://us-cert.cisa.gov/tlp/ .
1. EXECUTIVE SUMMARY
o CVSS v3 7.5
o ATTENTION: Exploitable remotely/low skill level to exploit
o Vendor: Rockwell Automation
o Equipment: FactoryTalk Linx and FactoryTalk Services Platform
o Vulnerabilities: Classic Buffer overflow, Improper Check or Handling of
Exceptional Conditions
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may result in
denial-of-service conditions.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Rockwell Automation reports these vulnerabilities affect the following
products:
o FactoryTalk Linx software: Versions 6.20 and prior (CVE-2020-5806 only
affects Versions 6.10, 6.11, and 6.20)
o FactoryTalkServices Platform: Versions 6.20 and prior (Only affected by
CVE-2020-5807)
3.2 VULNERABILITY OVERVIEW
3.2.1 IMPROPER CHECK OR HANDLING OF EXCEPTIONAL CONDITIONS CWE-703
Unhandled exception vulnerabilities exist within a .dll in FactoryTalk Linx.
These vulnerabilities could allow a remote, unauthenticated attacker to send a
malicious packet resulting in the termination of RSLinxNG.exe, causing a
denial-of-service condition.
CVE-2020-5801 and CVE-2020-5802 have been assigned to these vulnerabilities. A
CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is ( AV:N
/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H ).
3.2.2 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT CWE-120
A buffer overflow vulnerability exists within a .dll in FactoryTalk Linx. This
vulnerability could allow a local, unauthenticated attacker to send a malicious
packet resulting in the termination of RSLinxNG.exe, causing a
denial-of-service condition.
CVE-2020-5806 has been assigned to this vulnerability. A CVSS v3 base score of
6.2 has been calculated; the CVSS vector string is ( AV:L/AC:L/PR:N/UI:N/S:U/
C:N/I:N/A:H ).
3.2.3 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT CWE-120
A buffer overflow vulnerability exists within a .dll in FactoryTalk Services
Platform. This vulnerability could be exploited via a phishing attack where an
attacker sends a specially crafted log file to a local user. When the malicious
log file is opened by a local user, it can cause a buffer overflow in the
FactoryTalk Services Platform resulting in temporary denial-of-service
conditions. Users can recover from the condition by reopening the impacted
software.
CVE-2020-5806 has been assigned to this vulnerability. A CVSS v3 base score of
4.3 has been calculated; the CVSS vector string is ( AV:N/AC:L/PR:N/UI:R/S:U/
C:N/I:N/A:L ).
3.3 BACKGROUND
o CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
o COUNTRIES/AREAS DEPLOYED: Worldwide
o COMPANY HEADQUARTERS LOCATION: United States
3.4 RESEARCHER
Tenable reported these vulnerabilities to Rockwell Automation.
4. MITIGATIONS
Rockwell Automation published PN1540 to inform users of the risk of these
vulnerabilities and instruct users on the proper use of patches.
Rockwell Automation recommends the following network-based vulnerability
mitigations for embedded products:
o Utilize proper network infrastructure controls, such as firewalls, to help
ensure traffic from unauthorized sources is blocked.
o Consult the product documentation for specific features, such as a hardware
keyswitch setting, which may be used to block unauthorized changes, etc.
o Block all traffic to EtherNet/IP or other CIP protocol-based devices from
outside the manufacturing zone by blocking or restricting access to TCP and
UDP Port 2222 and Port 44818 using proper network infrastructure controls,
such as firewalls, UTM devices, or other security appliances. For more
information on TCP/UDP ports used by Rockwell Automation products, see
Knowledgebase Article ID BF7490 .
Rockwell Automation recommends the following software/PC-based mitigation
strategies:
o Run all software as a User, not as an Administrator, to minimize the impact
of malicious code on the infected system.
o Use Microsoft AppLocker or other similar allow list applications to help
mitigate risk. Information on using AppLocker with Rockwell Automation
products is available at Knowledgebase Article ID QA17329 .
o Confirm the least-privilege user principle is followed and the user/service
account access to shared resources (such as a database) is only granted
with a minimum number of rights as needed.
Rockwell Automation recommends the following social engineering mitigation
strategies:
o Do not open untrusted .ftd files with FactoryTalk Services Platform.
o Do not click on or open URL links from untrusted sources.
o Employ training and awareness programs to educate users on the warning
signs of a phishing or social engineering attack.
Rockwell Automation recommends the following general mitigations:
o Use trusted software, software patches, antivirus/antimalware programs and
interact only with trusted websites and attachments.
o Minimize network exposure for all control system devices and/or systems and
ensure they are not accessible from the Internet. For further information
about the risks of unprotected Internet accessible control systems, please
see Knowledgebase Article ID PN715 .
o Locate control system networks and devices behind firewalls and isolate
them from the business network.
o When remote access is required, use secure methods, such as virtual private
networks (VPNs), and recognize VPNs may have vulnerabilities and should be
updated to the most current version available. Also recognize a VPN is only
as secure as the connected devices.
CISA recommends users take defensive measures to minimize the risk of
exploitation of these vulnerabilities.
CISA reminds organizations to perform proper impact analysis and risk
assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices
on the ICS webpage on us-cert.cisa.gov . Several recommended practices are
available for reading and download, including Improving Industrial Control
Systems Cybersecurity with Defense-in-Depth Strategies .
Additional mitigation guidance and recommended practices are publicly available
on the ICS webpage on us-cert.cisa.gov in the Technical Information Paper,
ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation
Strategies .
Organizations observing any suspected malicious activity should follow their
established internal procedures and report their findings to CISA for tracking
and correlation against other incidents.
No known public exploits specifically target these vulnerabilities.
For any questions related to this report, please contact the CISA at:
Email: CISAservicedesk@cisa.dhs.gov
Toll Free: 1-888-282-0870
CISA continuously strives to improve its products and services. You can help by
choosing one of the links below to provide feedback about this product.
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBN3W+NLKJtyKPYoAQjnPg//Ya/UwdZPSNbk5LA45lu0sR5+S0VZw2ao
RHCN65WTFr8kME5p/ajL+JzR2Xj0TSOLmP4pG2+nyKFcMprvO55zlmoqLZRP5Bjt
/dUVnKqA22VkgsN9vc7SYp3V30uBG+7gpS2hf7Dz8yk/pMw02KylpxZ4tmoidvGO
ZLOXz633qWo+wFYA46HMkvaJGF7O6qAWUKQroL8J9rfSZGDbHD5G+KVQs1XC5cOG
FKbaeTshYvm2rTxJgEnkWXQmahB5PBOvbJLiAdT6iCHKE5ezq+oYoSJ6ymy/6g7d
Dn88nfz5XTPmhCSmRDCZDhCn/ORb88SXuqBq7eQFTigULNhQQD6bYBoDOGZ/gkQh
XSvxdNs1QSakqApx39BLXHUdw7D02ByGJPsJ8yCz9gkgYJ2/BrJwKf0moM9O/SgP
PDQ/fpwZnNnSXTj86Or/mSFbm5itk4XN87nWAxAqYMH52WpTB00OyIOtdxjHB6kM
WN/LTuKLWiCjcy5n35aQZJvOmcq3NKlmNVkbhlqEhlWeWXjnfvOP0LyJRM9fxt48
fyHbSghL3X5hnFdIiFBTRuatOxKVlL9s25pqc7yv2MWJnZOybRMM/+dbic7fY6lH
5FwnMpQ0cj3Ok0DB5SsLIwpOmQZ5oTJf6m01DfzhDiJNoFrAB1QBEfmtTkd4a9xr
sdTGv8jmdB8=
=W4RU
-----END PGP SIGNATURE-----
The post ESB-2021.0327 – [Win] Rockwell Automation FactoryTalk Linx and FactoryTalk Services Platform: Denial of service – Remote/unauthenticated appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0326
Linux kernel vulnerabilities
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: kernel
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Increased Privileges -- Existing Account
Modify Arbitrary Files -- Existing Account
Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2020-28374 CVE-2020-27777 CVE-2020-25704
CVE-2020-25669 CVE-2019-19816 CVE-2019-19813
CVE-2018-13093
Reference: ESB-2021.0069
ESB-2020.4505
ESB-2020.4377
ESB-2020.4375
ESB-2018.3731
Original Bulletin:
https://ubuntu.com/security/notices/USN-4708-1
https://ubuntu.com/security/notices/USN-4709-1
https://ubuntu.com/security/notices/USN-4710-1
https://ubuntu.com/security/notices/USN-4711-1
https://ubuntu.com/security/notices/USN-4712-1
https://ubuntu.com/security/notices/USN-4713-1
Comment: This bulletin contains six (6) Ubuntu security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-4708-1: Linux kernel vulnerabilities
28 January 2021
Several security issues were fixed in the Linux kernel.
Releases
o Ubuntu 16.04 LTS
o Ubuntu 14.04 ESM
Packages
o linux - Linux kernel
o linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
Details
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). ( CVE-2018-13093 )
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly validate file system metadata in some situations.
An attacker could use this to construct a malicious btrfs image that, when
mounted, could cause a denial of service (system crash). ( CVE-2019-19813 ,
CVE-2019-19816 )
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
( CVE-2020-25669 )
Daniel Axtens discovered that PowerPC RTAS implementation in the Linux
kernel did not properly restrict memory accesses in some situations. A
privileged local attacker could use this to arbitrarily modify kernel
memory, potentially bypassing kernel lockdown restrictions.
( CVE-2020-27777 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 16.04
o linux-image-4.4.0-201-generic - 4.4.0-201.233
o linux-image-4.4.0-201-generic-lpae - 4.4.0-201.233
o linux-image-4.4.0-201-lowlatency - 4.4.0-201.233
o linux-image-4.4.0-201-powerpc-e500mc - 4.4.0-201.233
o linux-image-4.4.0-201-powerpc-smp - 4.4.0-201.233
o linux-image-4.4.0-201-powerpc64-emb - 4.4.0-201.233
o linux-image-4.4.0-201-powerpc64-smp - 4.4.0-201.233
o linux-image-generic - 4.4.0.201.207
o linux-image-generic-lpae - 4.4.0.201.207
o linux-image-lowlatency - 4.4.0.201.207
o linux-image-powerpc-e500mc - 4.4.0.201.207
o linux-image-powerpc-smp - 4.4.0.201.207
o linux-image-powerpc64-emb - 4.4.0.201.207
o linux-image-powerpc64-smp - 4.4.0.201.207
o linux-image-virtual - 4.4.0.201.207
Ubuntu 14.04
o linux-image-4.4.0-201-generic - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-generic-lpae - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-lowlatency - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-powerpc-e500mc - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-powerpc-smp - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-powerpc64-emb - 4.4.0-201.233~14.04.1
o linux-image-4.4.0-201-powerpc64-smp - 4.4.0-201.233~14.04.1
o linux-image-generic-lpae-lts-xenial - 4.4.0.201.176
o linux-image-generic-lts-xenial - 4.4.0.201.176
o linux-image-lowlatency-lts-xenial - 4.4.0.201.176
o linux-image-powerpc-e500mc-lts-xenial - 4.4.0.201.176
o linux-image-powerpc-smp-lts-xenial - 4.4.0.201.176
o linux-image-powerpc64-emb-lts-xenial - 4.4.0.201.176
o linux-image-powerpc64-smp-lts-xenial - 4.4.0.201.176
o linux-image-virtual-lts-xenial - 4.4.0.201.176
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2020-27777
o CVE-2018-13093
o CVE-2019-19816
o CVE-2020-25669
o CVE-2019-19813
Related notices
o USN-4680-1 : linux-aws-hwe, linux-image-lowlatency, linux-hwe,
linux-raspi2, linux-image-raspi2, linux, linux-gke-4.15, linux-gcp-4.15,
linux-image-4.15.0-129-lowlatency, linux-gcp,
linux-image-4.15.0-1077-raspi2, linux-image-4.15.0-129-generic,
linux-image-generic, linux-kvm, linux-image-4.15.0-1082-kvm,
linux-image-powerpc64-smp, linux-image-snapdragon,
linux-image-powerpc64-emb, linux-image-aws-lts-18.04, linux-oracle,
linux-azure-4.15, linux-image-generic-lpae-hwe-16.04, linux-image-gcp,
linux-image-oem, linux-image-azure, linux-image-4.15.0-1094-snapdragon,
linux-image-generic-lpae, linux-image-virtual-hwe-16.04, linux-image-kvm,
linux-image-lowlatency-hwe-16.04, linux-image-4.15.0-1103-azure, linux-aws,
linux-image-oracle-lts-18.04, linux-image-aws-hwe, linux-snapdragon,
linux-image-4.15.0-1077-gke, linux-image-generic-hwe-16.04,
linux-image-4.15.0-1091-gcp, linux-image-virtual,
linux-image-4.15.0-1062-oracle, linux-image-4.15.0-129-generic-lpae,
linux-image-gcp-lts-18.04, linux-azure, linux-image-oracle,
linux-image-powerpc-smp, linux-image-gke-4.15, linux-image-gke,
linux-image-powerpc-e500mc, linux-image-4.15.0-1091-aws,
linux-image-azure-lts-18.04
o USN-4679-1 : linux-image-lowlatency, linux-image-raspi2, linux-azure-5.4,
linux, linux-oracle-5.4, linux-raspi, linux-image-generic-hwe-18.04,
linux-kvm, linux-gcp, linux-image-generic, linux-gke-5.4,
linux-image-raspi, linux-image-raspi-hwe-18.04, linux-raspi-5.4,
linux-image-5.4.0-1026-raspi, linux-image-5.4.0-59-generic-lpae,
linux-oracle, linux-image-5.4.0-1031-kvm, linux-image-gcp, linux-image-oem,
linux-image-azure, linux-image-generic-lpae, linux-image-5.4.0-1034-aws,
linux-image-kvm, linux-gcp-5.4, linux-image-5.4.0-59-generic,
linux-image-5.4.0-1033-gcp, linux-aws, linux-image-oem-osp1,
linux-image-5.4.0-1034-oracle, linux-image-lowlatency-hwe-18.04,
linux-image-generic-lpae-hwe-18.04, linux-aws-5.4, linux-image-gke-5.4,
linux-image-virtual, linux-azure, linux-hwe-5.4,
linux-image-virtual-hwe-18.04, linux-image-oracle,
linux-image-5.4.0-1035-azure, linux-image-aws, linux-image-5.4.0-1033-gke,
linux-image-snapdragon-hwe-18.04, linux-image-5.4.0-59-lowlatency
o USN-4414-1 : linux-aws-hwe, linux-image-lowlatency, linux-hwe,
linux-raspi2, linux-image-raspi2, linux-image-4.15.0-1048-oracle, linux,
linux-gke-4.15, linux-image-4.15.0-1065-raspi2, linux-gcp-4.15, linux-kvm,
linux-gcp, linux-image-4.15.0-1078-gcp, linux-image-generic,
linux-image-4.15.0-107-generic, linux-image-powerpc64-smp,
linux-image-snapdragon, linux-image-powerpc64-emb,
linux-image-aws-lts-18.04, linux-image-4.15.0-1064-gke, linux-oracle,
linux-image-4.15.0-109-lowlatency, linux-azure-4.15,
linux-image-4.15.0-1046-oracle, linux-image-4.15.0-1081-snapdragon,
linux-image-4.15.0-1091-azure, linux-image-azure, linux-image-gcp,
linux-image-4.15.0-1091-oem, linux-image-generic-lpae-hwe-16.04,
linux-image-4.15.0-109-generic, linux-image-generic-lpae, linux-image-oem,
linux-image-kvm, linux-image-virtual-hwe-16.04,
linux-image-lowlatency-hwe-16.04, linux-oem, linux-image-4.15.0-1077-aws,
linux-aws, linux-image-oracle-lts-18.04, linux-image-4.15.0-1069-kvm,
linux-image-aws-hwe, linux-snapdragon, linux-image-generic-hwe-16.04,
linux-image-virtual, linux-image-4.15.0-109-generic-lpae,
linux-image-gcp-lts-18.04, linux-azure, linux-image-oracle,
linux-image-4.15.0-107-generic-lpae, linux-image-powerpc-smp,
linux-image-gke-4.15, linux-image-4.15.0-107-lowlatency, linux-image-gke,
linux-image-powerpc-e500mc, linux-image-azure-lts-18.04,
linux-image-4.15.0-1074-aws
o USN-4709-1 : linux-image-snapdragon, linux-aws, linux-raspi2,
linux-image-raspi2, linux-image-4.4.0-1087-kvm,
linux-image-4.4.0-1145-raspi2, linux-image-4.4.0-1149-snapdragon,
linux-image-aws, linux-snapdragon, linux-image-4.4.0-1085-aws, linux-kvm,
linux-image-kvm
o USN-4118-1 : linux-aws-hwe, linux-image-4.15.0-1047-aws, linux-aws,
linux-image-aws-hwe, linux-image-aws
o USN-4094-1 : linux-image-4.15.0-1055-azure,
linux-image-4.15.0-1060-snapdragon, linux-image-lowlatency,
linux-image-4.15.0-1040-gcp, linux-hwe, linux-image-4.15.0-58-generic-lpae,
linux-raspi2, linux-image-raspi2, linux-image-4.15.0-1050-oem,
linux-gke-4.15, linux, linux-kvm, linux-gcp, linux-image-generic,
linux-image-powerpc64-smp, linux-image-snapdragon,
linux-image-powerpc64-emb, linux-oracle,
linux-image-generic-lpae-hwe-16.04, linux-image-gcp, linux-image-oem,
linux-image-azure, linux-image-4.15.0-1043-raspi2,
linux-image-generic-lpae, linux-image-virtual-hwe-16.04, linux-image-kvm,
linux-image-lowlatency-hwe-16.04, linux-oem,
linux-image-4.15.0-58-lowlatency, linux-snapdragon,
linux-image-4.15.0-1040-gke, linux-image-4.15.0-1021-oracle,
linux-image-generic-hwe-16.04, linux-image-4.15.0-58-generic,
linux-image-4.15.0-1042-kvm, linux-azure, linux-image-oracle,
linux-image-powerpc-smp, linux-image-gke-4.15, linux-image-gke,
linux-image-powerpc-e500mc, linux-image-virtual
- --------------------------------------------------------------------------------
USN-4709-1: Linux kernel vulnerabilities
28 January 2021
Several security issues were fixed in the Linux kernel.
Releases
o Ubuntu 16.04 LTS
o Ubuntu 14.04 ESM
Packages
o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
o linux-kvm - Linux kernel for cloud environments
o linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
o linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
Details
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data. ( CVE-2020-28374 )
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). ( CVE-2018-13093 )
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly validate file system metadata in some situations.
An attacker could use this to construct a malicious btrfs image that, when
mounted, could cause a denial of service (system crash). ( CVE-2019-19813 ,
CVE-2019-19816 )
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
( CVE-2020-25669 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 16.04
o linux-image-4.4.0-1087-kvm - 4.4.0-1087.96
o linux-image-4.4.0-1145-raspi2 - 4.4.0-1145.155
o linux-image-4.4.0-1149-snapdragon - 4.4.0-1149.159
o linux-image-kvm - 4.4.0.1087.85
o linux-image-raspi2 - 4.4.0.1145.145
o linux-image-snapdragon - 4.4.0.1149.141
Ubuntu 14.04
o linux-image-4.4.0-1085-aws - 4.4.0-1085.89
o linux-image-aws - 4.4.0.1085.82
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2020-28374
o CVE-2019-19816
o CVE-2020-25669
o CVE-2019-19813
o CVE-2018-13093
Related notices
o USN-4694-1 : linux-image-5.4.0-62-generic-lpae, linux-image-lowlatency,
linux-hwe, linux-image-4.4.0-200-powerpc-smp, linux-image-5.4.0-62-generic,
linux, linux-image-4.4.0-200-powerpc-e500mc, linux-image-generic-hwe-18.04,
linux-image-5.8.0-38-lowlatency, linux-image-generic,
linux-image-4.15.0-132-lowlatency, linux-image-4.4.0-200-generic,
linux-image-generic-hwe-20.04, linux-image-powerpc-e500mc-lts-xenial,
linux-image-powerpc64-smp, linux-image-powerpc64-emb-lts-xenial,
linux-image-powerpc64-emb, linux-hwe-5.8, linux-image-5.8.0-38-generic-64k,
linux-image-4.15.0-132-generic, linux-image-4.4.0-200-generic-lpae,
linux-image-generic-lpae-hwe-16.04, linux-image-virtual-lts-xenial,
linux-image-oem, linux-image-5.8.0-38-generic-lpae,
linux-image-5.8.0-38-generic, linux-image-generic-lpae,
linux-image-5.4.0-62-lowlatency, linux-image-powerpc64-smp-lts-xenial,
linux-image-virtual-hwe-16.04, linux-image-generic-lts-xenial,
linux-image-lowlatency-hwe-16.04, linux-image-4.4.0-200-powerpc64-emb,
linux-image-4.4.0-200-powerpc64-smp, linux-image-lowlatency-hwe-20.04,
linux-image-4.4.0-200-lowlatency, linux-image-oem-osp1,
linux-image-lowlatency-hwe-18.04, linux-image-powerpc-smp-lts-xenial,
linux-image-generic-lpae-hwe-18.04, linux-image-4.15.0-132-generic-lpae,
linux-image-generic-hwe-16.04, linux-image-generic-lpae-lts-xenial,
linux-image-virtual-hwe-20.04, linux-image-generic-lpae-hwe-20.04,
linux-image-virtual, linux-hwe-5.4, linux-image-generic-64k,
linux-image-virtual-hwe-18.04, linux-image-powerpc-smp,
linux-image-powerpc-e500mc, linux-lts-xenial,
linux-image-snapdragon-hwe-18.04, linux-image-lowlatency-lts-xenial
o USN-4414-1 : linux-aws-hwe, linux-image-lowlatency, linux-hwe,
linux-raspi2, linux-image-raspi2, linux-image-4.15.0-1048-oracle, linux,
linux-gke-4.15, linux-image-4.15.0-1065-raspi2, linux-gcp-4.15, linux-kvm,
linux-gcp, linux-image-4.15.0-1078-gcp, linux-image-generic,
linux-image-4.15.0-107-generic, linux-image-powerpc64-smp,
linux-image-snapdragon, linux-image-powerpc64-emb,
linux-image-aws-lts-18.04, linux-image-4.15.0-1064-gke, linux-oracle,
linux-image-4.15.0-109-lowlatency, linux-azure-4.15,
linux-image-4.15.0-1046-oracle, linux-image-4.15.0-1081-snapdragon,
linux-image-4.15.0-1091-azure, linux-image-azure, linux-image-gcp,
linux-image-4.15.0-1091-oem, linux-image-generic-lpae-hwe-16.04,
linux-image-4.15.0-109-generic, linux-image-generic-lpae, linux-image-oem,
linux-image-kvm, linux-image-virtual-hwe-16.04,
linux-image-lowlatency-hwe-16.04, linux-oem, linux-image-4.15.0-1077-aws,
linux-aws, linux-image-oracle-lts-18.04, linux-image-4.15.0-1069-kvm,
linux-image-aws-hwe, linux-snapdragon, linux-image-generic-hwe-16.04,
linux-image-virtual, linux-image-4.15.0-109-generic-lpae,
linux-image-gcp-lts-18.04, linux-azure, linux-image-oracle,
linux-image-4.15.0-107-generic-lpae, linux-image-powerpc-smp,
linux-image-gke-4.15, linux-image-4.15.0-107-lowlatency, linux-image-gke,
linux-image-powerpc-e500mc, linux-image-azure-lts-18.04,
linux-image-4.15.0-1074-aws
o USN-4713-1 : linux-image-5.4.0-1037-oracle, linux-raspi,
linux-image-5.8.0-1020-azure, linux-kvm, linux-gcp, linux-image-raspi,
linux-oracle, linux-image-5.4.0-1037-aws, linux-image-raspi-nolpae,
linux-image-gcp, linux-image-azure, linux-image-kvm,
linux-image-5.8.0-1021-aws, linux-image-5.4.0-1032-kvm, linux-aws,
linux-image-5.4.0-1039-azure, linux-image-5.8.0-1013-raspi,
linux-image-5.8.0-1018-oracle, linux-image-5.8.0-1013-raspi-nolpae,
linux-image-5.8.0-1016-kvm, linux-image-5.4.0-1036-gcp, linux-aws-5.4,
linux-azure, linux-image-oracle, linux-image-aws
o USN-4118-1 : linux-aws-hwe, linux-image-4.15.0-1047-aws, linux-aws,
linux-image-aws-hwe, linux-image-aws
o USN-4708-1 : linux-image-4.4.0-201-powerpc64-emb, linux-image-lowlatency,
linux-image-4.4.0-201-generic-lpae, linux, linux-image-generic,
linux-image-powerpc-e500mc-lts-xenial, linux-image-powerpc64-smp,
linux-image-powerpc64-emb-lts-xenial, linux-image-powerpc64-emb,
linux-image-virtual-lts-xenial, linux-image-4.4.0-201-powerpc-smp,
linux-image-generic-lpae, linux-image-4.4.0-201-generic,
linux-image-powerpc64-smp-lts-xenial, linux-image-generic-lts-xenial,
linux-image-powerpc-smp-lts-xenial, linux-image-4.4.0-201-powerpc64-smp,
linux-image-generic-lpae-lts-xenial, linux-image-4.4.0-201-lowlatency,
linux-image-powerpc-smp, linux-image-powerpc-e500mc, linux-lts-xenial,
linux-image-virtual, linux-image-4.4.0-201-powerpc-e500mc,
linux-image-lowlatency-lts-xenial
o USN-4094-1 : linux-image-4.15.0-1055-azure,
linux-image-4.15.0-1060-snapdragon, linux-image-lowlatency,
linux-image-4.15.0-1040-gcp, linux-hwe, linux-image-4.15.0-58-generic-lpae,
linux-raspi2, linux-image-raspi2, linux-image-4.15.0-1050-oem,
linux-gke-4.15, linux, linux-kvm, linux-gcp, linux-image-generic,
linux-image-powerpc64-smp, linux-image-snapdragon,
linux-image-powerpc64-emb, linux-oracle,
linux-image-generic-lpae-hwe-16.04, linux-image-gcp, linux-image-oem,
linux-image-azure, linux-image-4.15.0-1043-raspi2,
linux-image-generic-lpae, linux-image-virtual-hwe-16.04, linux-image-kvm,
linux-image-lowlatency-hwe-16.04, linux-oem,
linux-image-4.15.0-58-lowlatency, linux-snapdragon,
linux-image-4.15.0-1040-gke, linux-image-4.15.0-1021-oracle,
linux-image-generic-hwe-16.04, linux-image-4.15.0-58-generic,
linux-image-4.15.0-1042-kvm, linux-azure, linux-image-oracle,
linux-image-powerpc-smp, linux-image-gke-4.15, linux-image-gke,
linux-image-powerpc-e500mc, linux-image-virtual
o USN-4711-1 : linux-image-4.15.0-1078-raspi2, linux-image-snapdragon,
linux-aws, linux-raspi2, linux-image-oracle-lts-18.04,
linux-image-aws-lts-18.04, linux-image-raspi2, linux-image-4.15.0-1084-kvm,
linux-oracle, linux-snapdragon, linux-image-4.15.0-1093-aws,
linux-image-4.15.0-1064-oracle, linux-image-4.15.0-1095-snapdragon,
linux-kvm, linux-image-kvm
- --------------------------------------------------------------------------------
USN-4710-1: Linux kernel vulnerability
28 January 2021
The system could be made to crash under certain conditions.
Releases
o Ubuntu 18.04 LTS
Packages
o linux - Linux kernel
Details
Kiyin () discovered that the perf subsystem in the Linux kernel did
not properly deallocate memory in some situations. A privileged attacker
could use this to cause a denial of service (kernel memory exhaustion).
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 18.04
o linux-image-4.15.0-135-generic - 4.15.0-135.139
o linux-image-4.15.0-135-generic-lpae - 4.15.0-135.139
o linux-image-4.15.0-135-lowlatency - 4.15.0-135.139
o linux-image-generic - 4.15.0.135.122
o linux-image-generic-lpae - 4.15.0.135.122
o linux-image-lowlatency - 4.15.0.135.122
o linux-image-powerpc-e500mc - 4.15.0.135.122
o linux-image-powerpc-smp - 4.15.0.135.122
o linux-image-powerpc64-emb - 4.15.0.135.122
o linux-image-powerpc64-smp - 4.15.0.135.122
o linux-image-virtual - 4.15.0.135.122
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2020-25704
Related notices
o USN-4679-1 : linux-image-aws, linux-gcp-5.4, linux-image-gke-5.4,
linux-kvm, linux-image-5.4.0-1035-azure, linux-image-oem-osp1,
linux-image-generic-hwe-18.04, linux-image-5.4.0-59-lowlatency,
linux-hwe-5.4, linux-aws-5.4, linux-image-gcp,
linux-image-virtual-hwe-18.04, linux-image-5.4.0-59-generic-lpae, linux,
linux-raspi, linux-raspi-5.4, linux-image-5.4.0-1034-oracle,
linux-image-raspi-hwe-18.04, linux-oracle-5.4, linux-azure-5.4, linux-aws,
linux-azure, linux-image-generic, linux-gcp, linux-image-5.4.0-1034-aws,
linux-image-lowlatency, linux-image-lowlatency-hwe-18.04, linux-gke-5.4,
linux-image-5.4.0-1033-gcp, linux-oracle, linux-image-oracle,
linux-image-generic-lpae, linux-image-virtual, linux-image-5.4.0-1033-gke,
linux-image-azure, linux-image-5.4.0-59-generic,
linux-image-5.4.0-1031-kvm, linux-image-raspi2,
linux-image-snapdragon-hwe-18.04, linux-image-5.4.0-1026-raspi,
linux-image-raspi, linux-image-oem, linux-image-kvm,
linux-image-generic-lpae-hwe-18.04
o USN-4711-1 : linux-image-4.15.0-1064-oracle, linux-image-4.15.0-1093-aws,
linux-image-snapdragon, linux-oracle, linux-image-aws-lts-18.04,
linux-snapdragon, linux-kvm, linux-image-4.15.0-1078-raspi2,
linux-image-raspi2, linux-raspi2, linux-aws, linux-image-kvm,
linux-image-oracle-lts-18.04, linux-image-4.15.0-1084-kvm,
linux-image-4.15.0-1095-snapdragon
- --------------------------------------------------------------------------------
USN-4711-1: Linux kernel vulnerabilities
28 January 2021
Several security issues were fixed in the Linux kernel.
Releases
o Ubuntu 18.04 LTS
Packages
o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
o linux-kvm - Linux kernel for cloud environments
o linux-oracle - Linux kernel for Oracle Cloud systems
o linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
o linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
Details
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data. ( CVE-2020-28374 )
Kiyin () discovered that the perf subsystem in the Linux kernel did
not properly deallocate memory in some situations. A privileged attacker
could use this to cause a denial of service (kernel memory exhaustion).
( CVE-2020-25704 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 18.04
o linux-image-4.15.0-1064-oracle - 4.15.0-1064.71
o linux-image-4.15.0-1078-raspi2 - 4.15.0-1078.83
o linux-image-4.15.0-1084-kvm - 4.15.0-1084.86
o linux-image-4.15.0-1093-aws - 4.15.0-1093.99
o linux-image-4.15.0-1095-snapdragon - 4.15.0-1095.104
o linux-image-aws-lts-18.04 - 4.15.0.1093.96
o linux-image-kvm - 4.15.0.1084.80
o linux-image-oracle-lts-18.04 - 4.15.0.1064.74
o linux-image-raspi2 - 4.15.0.1078.75
o linux-image-snapdragon - 4.15.0.1095.98
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2020-28374
o CVE-2020-25704
Related notices
o USN-4713-1 : linux-image-5.4.0-1037-oracle, linux-raspi,
linux-image-5.8.0-1020-azure, linux-kvm, linux-gcp, linux-image-raspi,
linux-oracle, linux-image-5.4.0-1037-aws, linux-image-raspi-nolpae,
linux-image-gcp, linux-image-azure, linux-image-kvm,
linux-image-5.8.0-1021-aws, linux-image-5.4.0-1032-kvm, linux-aws,
linux-image-5.4.0-1039-azure, linux-image-5.8.0-1013-raspi,
linux-image-5.8.0-1018-oracle, linux-image-5.8.0-1013-raspi-nolpae,
linux-image-5.8.0-1016-kvm, linux-image-5.4.0-1036-gcp, linux-aws-5.4,
linux-azure, linux-image-oracle, linux-image-aws
o USN-4694-1 : linux-image-5.4.0-62-generic-lpae, linux-image-lowlatency,
linux-hwe, linux-image-4.4.0-200-powerpc-smp, linux-image-5.4.0-62-generic,
linux, linux-image-4.4.0-200-powerpc-e500mc, linux-image-generic-hwe-18.04,
linux-image-5.8.0-38-lowlatency, linux-image-generic,
linux-image-4.15.0-132-lowlatency, linux-image-4.4.0-200-generic,
linux-image-generic-hwe-20.04, linux-image-powerpc-e500mc-lts-xenial,
linux-image-powerpc64-smp, linux-image-powerpc64-emb-lts-xenial,
linux-image-powerpc64-emb, linux-hwe-5.8, linux-image-5.8.0-38-generic-64k,
linux-image-4.15.0-132-generic, linux-image-4.4.0-200-generic-lpae,
linux-image-generic-lpae-hwe-16.04, linux-image-virtual-lts-xenial,
linux-image-oem, linux-image-5.8.0-38-generic-lpae,
linux-image-5.8.0-38-generic, linux-image-generic-lpae,
linux-image-5.4.0-62-lowlatency, linux-image-powerpc64-smp-lts-xenial,
linux-image-virtual-hwe-16.04, linux-image-generic-lts-xenial,
linux-image-lowlatency-hwe-16.04, linux-image-4.4.0-200-powerpc64-emb,
linux-image-4.4.0-200-powerpc64-smp, linux-image-lowlatency-hwe-20.04,
linux-image-4.4.0-200-lowlatency, linux-image-oem-osp1,
linux-image-lowlatency-hwe-18.04, linux-image-powerpc-smp-lts-xenial,
linux-image-generic-lpae-hwe-18.04, linux-image-4.15.0-132-generic-lpae,
linux-image-generic-hwe-16.04, linux-image-generic-lpae-lts-xenial,
linux-image-virtual-hwe-20.04, linux-image-generic-lpae-hwe-20.04,
linux-image-virtual, linux-hwe-5.4, linux-image-generic-64k,
linux-image-virtual-hwe-18.04, linux-image-powerpc-smp,
linux-image-powerpc-e500mc, linux-lts-xenial,
linux-image-snapdragon-hwe-18.04, linux-image-lowlatency-lts-xenial
o USN-4710-1 : linux-image-lowlatency, linux-image-powerpc64-smp,
linux-image-powerpc64-emb, linux, linux-image-powerpc-smp,
linux-image-4.15.0-135-generic-lpae, linux-image-powerpc-e500mc,
linux-image-4.15.0-135-generic, linux-image-virtual,
linux-image-generic-lpae, linux-image-generic,
linux-image-4.15.0-135-lowlatency
o USN-4679-1 : linux-image-lowlatency, linux-image-raspi2, linux-azure-5.4,
linux, linux-oracle-5.4, linux-raspi, linux-image-generic-hwe-18.04,
linux-kvm, linux-gcp, linux-image-generic, linux-gke-5.4,
linux-image-raspi, linux-image-raspi-hwe-18.04, linux-raspi-5.4,
linux-image-5.4.0-1026-raspi, linux-image-5.4.0-59-generic-lpae,
linux-oracle, linux-image-5.4.0-1031-kvm, linux-image-gcp, linux-image-oem,
linux-image-azure, linux-image-generic-lpae, linux-image-5.4.0-1034-aws,
linux-image-kvm, linux-gcp-5.4, linux-image-5.4.0-59-generic,
linux-image-5.4.0-1033-gcp, linux-aws, linux-image-oem-osp1,
linux-image-5.4.0-1034-oracle, linux-image-lowlatency-hwe-18.04,
linux-image-generic-lpae-hwe-18.04, linux-aws-5.4, linux-image-gke-5.4,
linux-image-virtual, linux-azure, linux-hwe-5.4,
linux-image-virtual-hwe-18.04, linux-image-oracle,
linux-image-5.4.0-1035-azure, linux-image-aws, linux-image-5.4.0-1033-gke,
linux-image-snapdragon-hwe-18.04, linux-image-5.4.0-59-lowlatency
o USN-4709-1 : linux-image-snapdragon, linux-aws, linux-raspi2,
linux-image-raspi2, linux-image-4.4.0-1087-kvm,
linux-image-4.4.0-1145-raspi2, linux-image-4.4.0-1149-snapdragon,
linux-image-aws, linux-snapdragon, linux-image-4.4.0-1085-aws, linux-kvm,
linux-image-kvm
- --------------------------------------------------------------------------------
USN-4712-1: Linux kernel regression
28 January 2021
USN-4576-1 introduced a regression in the Linux kernel.
Releases
o Ubuntu 20.10
o Ubuntu 20.04 LTS
Packages
o linux - Linux kernel
Details
USN-4576-1 fixed a vulnerability in the overlay file system
implementation in the Linux kernel. Unfortunately, that fix introduced
a regression that could incorrectly deny access to overlay files in
some situations. This update fixes the problem.
We apologize for the inconvenience.
Original vulnerability details:
Giuseppe Scrivano discovered that the overlay file system in the Linux
kernel did not properly perform permission checks in some situations. A
local attacker could possibly use this to bypass intended restrictions and
gain read access to restricted files.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.10
o linux-image-5.8.0-41-generic - 5.8.0-41.46
o linux-image-5.8.0-41-generic-64k - 5.8.0-41.46
o linux-image-5.8.0-41-generic-lpae - 5.8.0-41.46
o linux-image-5.8.0-41-lowlatency - 5.8.0-41.46
o linux-image-generic - 5.8.0.41.45
o linux-image-generic-64k - 5.8.0.41.45
o linux-image-generic-lpae - 5.8.0.41.45
o linux-image-lowlatency - 5.8.0.41.45
o linux-image-oem-20.04 - 5.8.0.41.45
o linux-image-virtual - 5.8.0.41.45
Ubuntu 20.04
o linux-image-5.4.0-65-generic - 5.4.0-65.73
o linux-image-5.4.0-65-generic-lpae - 5.4.0-65.73
o linux-image-5.4.0-65-lowlatency - 5.4.0-65.73
o linux-image-generic - 5.4.0.65.68
o linux-image-generic-lpae - 5.4.0.65.68
o linux-image-lowlatency - 5.4.0.65.68
o linux-image-oem - 5.4.0.65.68
o linux-image-oem-osp1 - 5.4.0.65.68
o linux-image-virtual - 5.4.0.65.68
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o https://bugs.launchpad.net/bugs/1900141
o https://usn.ubuntu.com/usn/usn-4576-1
- --------------------------------------------------------------------------------
USN-4713-1: Linux kernel vulnerability
28 January 2021
The system could allow unintended access to data in some environments.
Releases
o Ubuntu 20.10
o Ubuntu 20.04 LTS
o Ubuntu 18.04 LTS
Packages
o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
o linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
o linux-azure - Linux kernel for Microsoft Azure Cloud systems
o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
o linux-kvm - Linux kernel for cloud environments
o linux-oracle - Linux kernel for Oracle Cloud systems
o linux-raspi - Linux kernel for Raspberry Pi (V8) systems
Details
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.10
o linux-image-5.8.0-1013-raspi - 5.8.0-1013.16
o linux-image-5.8.0-1013-raspi-nolpae - 5.8.0-1013.16
o linux-image-5.8.0-1016-kvm - 5.8.0-1016.18
o linux-image-5.8.0-1018-oracle - 5.8.0-1018.19
o linux-image-5.8.0-1020-azure - 5.8.0-1020.22
o linux-image-5.8.0-1021-aws - 5.8.0-1021.23
o linux-image-aws - 5.8.0.1021.23
o linux-image-azure - 5.8.0.1020.20
o linux-image-kvm - 5.8.0.1016.18
o linux-image-oracle - 5.8.0.1018.18
o linux-image-raspi - 5.8.0.1013.16
o linux-image-raspi-nolpae - 5.8.0.1013.16
Ubuntu 20.04
o linux-image-5.4.0-1032-kvm - 5.4.0-1032.33
o linux-image-5.4.0-1036-gcp - 5.4.0-1036.39
o linux-image-5.4.0-1037-aws - 5.4.0-1037.39
o linux-image-5.4.0-1037-oracle - 5.4.0-1037.40
o linux-image-5.4.0-1039-azure - 5.4.0-1039.41
o linux-image-aws - 5.4.0.1037.38
o linux-image-azure - 5.4.0.1039.37
o linux-image-gcp - 5.4.0.1036.45
o linux-image-kvm - 5.4.0.1032.30
o linux-image-oracle - 5.4.0.1037.34
Ubuntu 18.04
o linux-image-5.4.0-1037-aws - 5.4.0-1037.39~18.04.1
o linux-image-aws - 5.4.0.1037.21
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References
o CVE-2020-28374
Related notices
o USN-4694-1 : linux-image-oem, linux-image-5.8.0-38-generic-64k,
linux-image-powerpc-e500mc-lts-xenial, linux-image-4.15.0-132-generic,
linux-image-5.4.0-62-generic, linux-image-generic-lts-xenial,
linux-image-powerpc64-smp-lts-xenial, linux-image-powerpc-e500mc,
linux-image-generic-lpae, linux-image-generic-64k,
linux-image-virtual-lts-xenial, linux-image-4.4.0-200-generic-lpae,
linux-image-5.8.0-38-generic, linux-image-4.4.0-200-generic,
linux-image-oem-osp1, linux-image-generic-hwe-16.04,
linux-image-powerpc-smp-lts-xenial, linux-image-lowlatency-hwe-20.04,
linux-image-lowlatency-hwe-18.04, linux-image-powerpc64-emb-lts-xenial,
linux-image-generic-hwe-20.04, linux-image-generic-lpae-hwe-20.04,
linux-hwe-5.8, linux-image-lowlatency-lts-xenial,
linux-image-5.8.0-38-lowlatency, linux-image-4.4.0-200-powerpc64-smp,
linux-image-5.4.0-62-generic-lpae, linux-image-generic-lpae-hwe-18.04,
linux-image-4.4.0-200-lowlatency, linux-image-4.15.0-132-lowlatency,
linux-image-5.8.0-38-generic-lpae, linux-image-4.4.0-200-powerpc-e500mc,
linux-image-5.4.0-62-lowlatency, linux-image-powerpc64-smp,
linux-lts-xenial, linux-hwe, linux-image-4.4.0-200-powerpc-smp,
linux-image-generic-lpae-lts-xenial, linux-image-generic-lpae-hwe-16.04,
linux-image-virtual-hwe-18.04, linux-image-generic-hwe-18.04,
linux-hwe-5.4, linux-image-4.15.0-132-generic-lpae,
linux-image-powerpc64-emb, linux, linux-image-virtual-hwe-16.04,
linux-image-virtual-hwe-20.04, linux-image-4.4.0-200-powerpc64-emb,
linux-image-generic, linux-image-snapdragon-hwe-18.04,
linux-image-lowlatency, linux-image-powerpc-smp,
linux-image-lowlatency-hwe-16.04, linux-image-virtual
o USN-4709-1 : linux-image-raspi2, linux-kvm, linux-raspi2, linux-image-kvm,
linux-image-4.4.0-1149-snapdragon, linux-image-4.4.0-1085-aws,
linux-image-4.4.0-1145-raspi2, linux-image-snapdragon, linux-aws,
linux-image-aws, linux-image-4.4.0-1087-kvm, linux-snapdragon
o USN-4711-1 : linux-image-4.15.0-1093-aws, linux-image-4.15.0-1084-kvm,
linux-image-aws-lts-18.04, linux-image-raspi2,
linux-image-4.15.0-1095-snapdragon, linux-image-kvm, linux-kvm,
linux-oracle, linux-raspi2, linux-image-4.15.0-1064-oracle,
linux-image-4.15.0-1078-raspi2, linux-image-oracle-lts-18.04,
linux-image-snapdragon, linux-aws, linux-snapdragon
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBNZGeNLKJtyKPYoAQhgchAAigekEOftNlOfqnv+3gCFFZfadv7DgQHu
HmyVk/BuWexlTGNghvnvP/qizGQ8DtuV5gV1x/0RcNjC1h9sH1k9Zr3JLjTEEtOx
IJfJK/fFf/Sb704hD+51hkmf1gp3/preXhgddFn26G7Wx46I7GLvB11TEoZ46qTJ
+PhmKKzFsJmjglqfL6N8CS3bPCGKlG90kK0W5iMmkwOYi2r1r0oGsj9iiPoNEI6f
5Hs9lZ7uV/o+XR5S5cR47TVOmOv9hYqANVhM0tHzqidf/0Uad6diB7MH2JQkHsxG
J36AIEHKXjXk9VZkoI0SuF2PoLLRTK5NxZ61ZowYVuppEXzvo93EHPGwOX41J1nt
AAxLMaafQSuoe7zL6QKiSueOY6zfW7NqzUP1AvMV2vczE3+1b4ZSUuAilOZuIgeo
mGNB2IwocW1WcOShoQfOta8UAPpxkI4BXNZM8WRx01rs2+df5o2g7IIHLt7q7zNJ
AVJer7t6320vf+o7vEtBeGifoqY8XWhTOkyXfkdiODRVDHkpvhMLR23R2BQdOI5x
ffH2hTM51xRO/WC1gMoqviwE49sGxa++yL+IUW8QKcetabN+vYAjd+cxlDdM6NHO
hPj1G/9NKgvFPwNSIHSBleHMX0Srx6NlQZGaedg76vJduNSIUB3vG44+axow62+x
r+ml+hiFJGc=
=jlWH
-----END PGP SIGNATURE-----
The post ESB-2021.0326 – [Ubuntu] kernel: Multiple vulnerabilities appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0324
USN-4706-1: Ceph vulnerabilities
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Ceph
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Increased Privileges -- Existing Account
Modify Arbitrary Files -- Existing Account
Denial of Service -- Remote/Unauthenticated
Unauthorised Access -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2020-25660 CVE-2020-10753 CVE-2020-10736
CVE-2018-1128
Reference: ESB-2020.3237
Original Bulletin:
https://ubuntu.com/security/notices/USN-4706-1
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-4706-1: Ceph vulnerabilities
28 January 2021
Several security issues were fixed in Ceph.
Releases
o Ubuntu 20.10
o Ubuntu 20.04 LTS
Packages
o ceph - distributed storage and file system
Details
Olle Segerdahl found that ceph-mon and ceph-mgr daemons did not properly
restrict access, resulting in gaining access to unauthorized resources. An
authenticated user could use this vulnerability to modify the configuration and
possibly conduct further attacks. ( CVE-2020-10736 )
Adam Mohammed found that Ceph Object Gateway was vulnerable to HTTP header
injection via a CORS ExposeHeader tag. An attacker could use this to gain
access
or cause a crash. ( CVE-2020-10753 )
Ilya Dryomov found that Cephx authentication did not verify Ceph clients
correctly and was then vulnerable to replay attacks in Nautilus. An attacker
could use the Ceph cluster network to authenticate via a packet sniffer and
perform actions. This issue is a reintroduction of CVE-2018-1128 .
( CVE-2020-25660 )
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.10
o ceph - 15.2.7-0ubuntu0.20.10.3
o ceph-base - 15.2.7-0ubuntu0.20.10.3
o ceph-common - 15.2.7-0ubuntu0.20.10.3
Ubuntu 20.04
o ceph - 15.2.7-0ubuntu0.20.04.2
o ceph-base - 15.2.7-0ubuntu0.20.04.2
o ceph-common - 15.2.7-0ubuntu0.20.04.2
In general, a standard system update will make all the necessary changes.
References
o CVE-2020-10753
o CVE-2020-10736
o CVE-2020-25660
Related notices
o USN-4528-1 : ceph-base, ceph, ceph-common
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBNUduNLKJtyKPYoAQhqSRAArn71Lf9i+X1QIPcmyNVTjgQi8uTT4GA3
zBg7OSjuhZCgj1OYONnViAg6191ww4WBJVpySzMNWnYtXDBDYOfAvsC6Lr2+jXO2
VDjzk9+l58TBlvEKPBQtZ//FPPIzAAU5nZxz8jT/KsaNxY2vtDD6O6DqfLS/wOdo
EjNhVB2pvaYvTrpZq6v8vxHHDQZoLyJykHUzruPrvs1WVoGHe65OjcdL2GNv+xZP
khEA1tB/hAAZiqpJ9Cxx1P7+Zr1iFDm80g3W0ixMb/K/7TTB/iXIHYEpWAnXq9yM
82MuBRMRzadbjxioti6nY1cRivHu+pDtagyrC+zqKOogxv+fueGj5wyQY2pAKgIX
WWEXnTMKRDT+O0MvRrRX1mTVeLUNf+2kBizyIP3vKx3ZeNAqGiIA14RkekPFL92/
e64bit6de4yLiX2z97r2DOwHh3Vozit7f3a1RHysvXu3iNCq/4SW/qpVfowJ3Ikc
uM18cbkAOke7iUc3L3r2GMj4ka9z6jz0LXQ1+GrivrKleGLeSqDm1NivlFAIcpVD
cxop2DCu/oRkpeFeE4ztptuN82mE5jD8FfC3lWiw5yiBpAC3bkyO5SUoAwMGqQDB
0oiO8fH7aFNfZIzWu/a95raQIhmMPc0q4h0IFIs/6r1My8WcpF/cUfgjUyWoZPry
ZP2VbPFHwxc=
=dQV2
-----END PGP SIGNATURE-----
The post ESB-2021.0324 – [Ubuntu] Ceph: Multiple vulnerabilities appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0325
USN-4707-1: TCMU vulnerability
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: TCMU
Publisher: Ubuntu
Operating System: Ubuntu
Impact/Access: Modify Arbitrary Files -- Existing Account
Access Confidential Data -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-3139 CVE-2020-28374
Reference: ESB-2021.0221
ESB-2021.0204
Original Bulletin:
https://ubuntu.com/security/notices/USN-4707-1
- --------------------------BEGIN INCLUDED TEXT--------------------
USN-4707-1: TCMU vulnerability
28 January 2021
tcmu could be made to crash if it received specially crafted
input.
Releases
o Ubuntu 20.10
o Ubuntu 20.04 LTS
Packages
o tcmu - TCM-Userspace backend
Details
It was discovered that TCMU lacked a check for transport-layer restrictions,
allowing remote attackers to read or write files via directory traversal in
an XCOPY request.
Update instructions
The problem can be corrected by updating your system to the following package
versions:
Ubuntu 20.10
o libtcmu2 - 1.5.2-5ubuntu0.20.10.1
o tcmu-runner - 1.5.2-5ubuntu0.20.10.1
Ubuntu 20.04
o libtcmu2 - 1.5.2-5ubuntu0.20.04.1
o tcmu-runner - 1.5.2-5ubuntu0.20.04.1
In general, a standard system update will make all the necessary changes.
References
o CVE-2021-3139
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBNUouNLKJtyKPYoAQjGixAAnrCq+6ItgedTAEBB2nKBocXbaqz0uIFN
Wk/T39YGkIpXQ4UPhKf9LPurRqvQPU/zOX55CGDs6VB0myw5j5QtfAdRz/SxDsPZ
q45+b/Qot9oBFnr+s4zEgcyTToE0yKOwJglWv5jZSVVKQpunUsekahQ8eS8DEEYk
Y5rEF54rJeAXPL3fZyg/MsdRpCs87Alw7rcdmErFjXF84KE3W11V6IlctK/N2StW
WjOhxXKXOlxUmNuaIfHukh26S1dnA/4H6R++ECxeE4uNUzJB+mwKt9LUpDjlG64T
uu2AHNNQk31PVvD7XK+UsyJ54cEcwTezuR29JylbbFRI3OwymRzHSgd+i++Dyspj
JrYPVXduJxSCIg9D+WZl3nLp56pjpgfcezzNcNmC/l8oDjShmaxS2dl/M+ZigSqq
85uhy/50TBUQ5sLIAMK8wJaEfReXxhnEFpi+pCq9iE3aSNV9cPch7pGkP+j8NZ2j
UYwFYg5vP8LVLoU1M4pJc8mO3kOo9Vp15ze2TDq9n7gOKsgV+JAYkhRgLGrjhyDG
rPuL6begZ1eCVRbFqmkcEZXuIHr3y+GesZN15Vje9JJQVmodQTAZYWE2UcTl4DtD
HLednG7b8rwDixloTXgafEZZ+jBH5mIvkKxRcAm3A2X7NWh/vhInIQmu7ZQ9fYog
tcvcqDMumZ8=
=NaTJ
-----END PGP SIGNATURE-----
The post ESB-2021.0325 – [Ubuntu] TCMU: Multiple vulnerabilities appeared first on Malware Devil.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.0323
thunderbird security update
29 January 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: thunderbird
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Denial of Service -- Remote with User Interaction
Reduced Security -- Remote with User Interaction
Resolution: Mitigation
CVE Names: CVE-2021-23964 CVE-2021-23960 CVE-2021-23954
CVE-2021-23953 CVE-2020-26976 CVE-2020-15685
Reference: ESB-2021.0316
ESB-2021.0291
Original Bulletin:
https://access.redhat.com/errata/RHSA-2021:0297
https://access.redhat.com/errata/RHSA-2021:0298
https://access.redhat.com/errata/RHSA-2021:0299
Comment: This bulletin contains three (3) Red Hat security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2021:0297-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0297
Issue date: 2021-01-28
CVE Names: CVE-2020-15685 CVE-2020-26976 CVE-2021-23953
CVE-2021-23954 CVE-2021-23960 CVE-2021-23964
=====================================================================
1. Summary:
An update for thunderbird is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
3. Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 78.7.0.
Security Fix(es):
* Mozilla: Cross-origin information leakage via redirected PDF requests
(CVE-2021-23953)
* Mozilla: Type confusion when using logical assignment operators in
JavaScript switch statements (CVE-2021-23954)
* Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
(CVE-2021-23964)
* Mozilla: IMAP Response Injection when using STARTTLS (CVE-2020-15685)
* Mozilla: HTTPS pages could have been intercepted by a registered service
worker when they should not have been (CVE-2020-26976)
* Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables
during GC (CVE-2021-23960)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Thunderbird must be restarted for the update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1920646 - CVE-2021-23953 Mozilla: Cross-origin information leakage via redirected PDF requests
1920648 - CVE-2021-23954 Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements
1920649 - CVE-2020-26976 Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been
1920650 - CVE-2021-23960 Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC
1920651 - CVE-2021-23964 Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
1921543 - CVE-2020-15685 Mozilla: IMAP Response Injection when using STARTTLS
6. Package List:
Red Hat Enterprise Linux Client (v. 7):
Source:
thunderbird-78.7.0-1.el7_9.src.rpm
x86_64:
thunderbird-78.7.0-1.el7_9.x86_64.rpm
thunderbird-debuginfo-78.7.0-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
Source:
thunderbird-78.7.0-1.el7_9.src.rpm
ppc64le:
thunderbird-78.7.0-1.el7_9.ppc64le.rpm
thunderbird-debuginfo-78.7.0-1.el7_9.ppc64le.rpm
x86_64:
thunderbird-78.7.0-1.el7_9.x86_64.rpm
thunderbird-debuginfo-78.7.0-1.el7_9.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source:
thunderbird-78.7.0-1.el7_9.src.rpm
x86_64:
thunderbird-78.7.0-1.el7_9.x86_64.rpm
thunderbird-debuginfo-78.7.0-1.el7_9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-15685
https://access.redhat.com/security/cve/CVE-2020-26976
https://access.redhat.com/security/cve/CVE-2021-23953
https://access.redhat.com/security/cve/CVE-2021-23954
https://access.redhat.com/security/cve/CVE-2021-23960
https://access.redhat.com/security/cve/CVE-2021-23964
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYBLiJ9zjgjWX9erEAQjY7BAAoVuao/mi4o7m3rsgTze7apjRHmKrQtar
nCWqYKIqIR1xFbXHp81Qi42NciiM5KwGyZJwst6Xd5Ri0/tT5ot/vFwXZT3j6wW5
0o+J/o2b3qDGQQEhjPFr7yERoaNo+0Omw9XSZbnMN2xhW7M3t9prUUQyf8TwB2O5
y0pCRib1QMffoiLQsMja4vV1MAi0x+h2WWMtlIBGqtnmvJz4OhQVI9V/3LKECazC
Cn2SWv67/4NDjWeYce+hUyi79LrzW0GBXWc+ZX2tGwpQMBMW340BUyER7MQGZb9b
EB/mJmCDfFToUVeO7wQ3VfMDuEiIByOmZNt8aqgdFl3O6hu+gC+1IwvUqmOLcxcF
UNDjjgaeNORtXqixPl9Fx3GITShHMvSKSDfaNmNlJUZ6nidJUwZO5P3QZusG2Nl0
MMDe7tyYNDlHD4cbWxulpRNmS7GxcLMWbmrWK9KcLeuqeO3ZZ0anl675W4hFfAFC
QWH175YZDba/Q1wjlFQXtZab8X1sbBaG1kgoPK6WxG0OgclGMzTpGgyuec31RTPZ
Z5UZHnRBokizAVbREbGmJ2qHjrg61M15CR3DmItxFisyZxBaTqHBYe0G6HFpDNL3
+VHBdfepR73S4cfrpuamWXL6/tDvgQo37fbZiA8o8G1SSRG8Ap661IRwa3FnbPFa
9pBJbKjN3A0=
=T+53
- -----END PGP SIGNATURE-----
- -------------------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2021:0298-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0298
Issue date: 2021-01-28
CVE Names: CVE-2020-15685 CVE-2020-26976 CVE-2021-23953
CVE-2021-23954 CVE-2021-23960 CVE-2021-23964
=====================================================================
1. Summary:
An update for thunderbird is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, x86_64
3. Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 78.7.0.
Security Fix(es):
* Mozilla: Cross-origin information leakage via redirected PDF requests
(CVE-2021-23953)
* Mozilla: Type confusion when using logical assignment operators in
JavaScript switch statements (CVE-2021-23954)
* Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
(CVE-2021-23964)
* Mozilla: IMAP Response Injection when using STARTTLS (CVE-2020-15685)
* Mozilla: HTTPS pages could have been intercepted by a registered service
worker when they should not have been (CVE-2020-26976)
* Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables
during GC (CVE-2021-23960)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Thunderbird must be restarted for the update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1920646 - CVE-2021-23953 Mozilla: Cross-origin information leakage via redirected PDF requests
1920648 - CVE-2021-23954 Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements
1920649 - CVE-2020-26976 Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been
1920650 - CVE-2021-23960 Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC
1920651 - CVE-2021-23964 Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
1921543 - CVE-2020-15685 Mozilla: IMAP Response Injection when using STARTTLS
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
thunderbird-78.7.0-1.el8_3.src.rpm
aarch64:
thunderbird-78.7.0-1.el8_3.aarch64.rpm
thunderbird-debuginfo-78.7.0-1.el8_3.aarch64.rpm
thunderbird-debugsource-78.7.0-1.el8_3.aarch64.rpm
ppc64le:
thunderbird-78.7.0-1.el8_3.ppc64le.rpm
thunderbird-debuginfo-78.7.0-1.el8_3.ppc64le.rpm
thunderbird-debugsource-78.7.0-1.el8_3.ppc64le.rpm
x86_64:
thunderbird-78.7.0-1.el8_3.x86_64.rpm
thunderbird-debuginfo-78.7.0-1.el8_3.x86_64.rpm
thunderbird-debugsource-78.7.0-1.el8_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-15685
https://access.redhat.com/security/cve/CVE-2020-26976
https://access.redhat.com/security/cve/CVE-2021-23953
https://access.redhat.com/security/cve/CVE-2021-23954
https://access.redhat.com/security/cve/CVE-2021-23960
https://access.redhat.com/security/cve/CVE-2021-23964
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYBLm1tzjgjWX9erEAQiUIhAAieDXg0zkiGhOD5LcHarnV8PXePMHpFrB
ia/UvQKpi2WBfXMrUnE3dVwa62huKv6xV+MW3YWlqODH1msw5keyBtHRPZdBJfdp
WyTCMDTj07IXGEjuSSwcpN/9TMixwzMHw8+QwaRoH/bDX/UjlKL0YUj/rTG0Rd7u
+xGBSJyO6BDQY/CflpDbLu8cRWKaUrbFe0j1nzDmRPB3PnCWIr27RttXzRhBf3qK
1M8lnxEou1z95okKexNWOGxX8/rsccQ8atufE3owjoDAlCK1xuCUUiCR6HhlHpq6
ETUeapEDEpreeolNvEaczmvGxInBO0hdFKzQ2EHNB7DbTlTlRE2wTPQ+hTf8X+4t
7iheiE9xvlpmdsw+ZWKva/1W1OH6+/eAjNJThIXJL7xh8Dx8I+o5ePwNW+htFfqr
IHVr5QD43L+wpFdQSbEvqcOv2VvuwIxIbRC898GhzaqcDOWl/Aiv6wtKPt+TTWvN
Rd42aN/5tX/B01v7d63CBVC84fDGvLuNqTAb5jyTrsmb/ywBOb92kWu01jo8Rlim
+8vBffw4zzJWuCBspunq8YNghNh0Ub8lnbFSvzfo7+KASP4HFUfRePt+8HkhiJRS
XQ238feT0Oox2dFhW9xAoqA8Pt16IlNlhhYR1Lch5y4xoQVv6D/2Z+JdxRq9hwa8
S+kq44eihSE=
=YoW/
- -----END PGP SIGNATURE-----
- ------------------------------------------------------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: thunderbird security update
Advisory ID: RHSA-2021:0299-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2021:0299
Issue date: 2021-01-28
CVE Names: CVE-2020-15685 CVE-2020-26976 CVE-2021-23953
CVE-2021-23954 CVE-2021-23960 CVE-2021-23964
=====================================================================
1. Summary:
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2
Extended Update Support.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream EUS (v. 8.2) - aarch64, ppc64le, x86_64
3. Description:
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 78.7.0.
Security Fix(es):
* Mozilla: Cross-origin information leakage via redirected PDF requests
(CVE-2021-23953)
* Mozilla: Type confusion when using logical assignment operators in
JavaScript switch statements (CVE-2021-23954)
* Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
(CVE-2021-23964)
* Mozilla: IMAP Response Injection when using STARTTLS (CVE-2020-15685)
* Mozilla: HTTPS pages could have been intercepted by a registered service
worker when they should not have been (CVE-2020-26976)
* Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables
during GC (CVE-2021-23960)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Thunderbird must be restarted for the update to
take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1920646 - CVE-2021-23953 Mozilla: Cross-origin information leakage via redirected PDF requests
1920648 - CVE-2021-23954 Mozilla: Type confusion when using logical assignment operators in JavaScript switch statements
1920649 - CVE-2020-26976 Mozilla: HTTPS pages could have been intercepted by a registered service worker when they should not have been
1920650 - CVE-2021-23960 Mozilla: Use-after-poison for incorrectly redeclared JavaScript variables during GC
1920651 - CVE-2021-23964 Mozilla: Memory safety bugs fixed in Firefox 85 and Firefox ESR 78.7
1921543 - CVE-2020-15685 Mozilla: IMAP Response Injection when using STARTTLS
6. Package List:
Red Hat Enterprise Linux AppStream EUS (v. 8.2):
Source:
thunderbird-78.7.0-1.el8_2.src.rpm
aarch64:
thunderbird-78.7.0-1.el8_2.aarch64.rpm
thunderbird-debuginfo-78.7.0-1.el8_2.aarch64.rpm
thunderbird-debugsource-78.7.0-1.el8_2.aarch64.rpm
ppc64le:
thunderbird-78.7.0-1.el8_2.ppc64le.rpm
thunderbird-debuginfo-78.7.0-1.el8_2.ppc64le.rpm
thunderbird-debugsource-78.7.0-1.el8_2.ppc64le.rpm
x86_64:
thunderbird-78.7.0-1.el8_2.x86_64.rpm
thunderbird-debuginfo-78.7.0-1.el8_2.x86_64.rpm
thunderbird-debugsource-78.7.0-1.el8_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-15685
https://access.redhat.com/security/cve/CVE-2020-26976
https://access.redhat.com/security/cve/CVE-2021-23953
https://access.redhat.com/security/cve/CVE-2021-23954
https://access.redhat.com/security/cve/CVE-2021-23960
https://access.redhat.com/security/cve/CVE-2021-23964
https://access.redhat.com/security/updates/classification/#important
8. Contact:
The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYBLoAtzjgjWX9erEAQjLlA//VXId/6D8X2UwdC5ROw8t/61cTihvMXvC
OGalJEUAZ75vBji50SAM2fAILi1B16rLN+2VH7O4DwzYNzU/7i8u5w37lU7mtF62
Gf8j81Mx84GbHpSdITKVmxnRTCzUGqz2DNMO/MKKSykEAJ16qp9negX6ZkQXVXOc
/ZOYtYGf39i69VL7x1TrUeCr2OpPwnr90ibrEGFK4GV5x9yRmg8FF9suo0QRYnoZ
CQnNS1dT7XiIBzBcIabrtt/W9JpQCXaPUZ32NAlsXEzwo1WLonMzj18r5Gv1dCVh
WIQWWBPY1s2gfcFaxKCqoL2JA27nULqX9INCF7mn2cNKtvI7juU21ISP5QBg40+Q
bqzTe0e5eWjY62pqFRoBJt6YdjOHiWWUr+dW/oHQtjqdewtbqzdhjmKCYxkEJzjQ
CTwwliqDEwILfi4V2stkHnvhWzT+WWnZOQSfxS9CXbhP5vqbkoMMqyLdViSjXq+Z
IXiQd70KHpxm80blxP4GqY0G7zSOi6zevuPUhnpsf15UAUNdXMGQuHgMkG88R3fX
mdvHJyIPKBJ+61nK2fnCA6wlDSORuY9CokR9eKbe51L1Lh7KlEyI1xzsV8wH9dFb
9NQYQPGkkNnBwmrrdDP32Ty7ORqKfBfwjSbuugcHRtZ6I3M4xqDnTl4bJMAqgiDH
8FgwjARmnJc=
=NXv+
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYBNRxuNLKJtyKPYoAQjWxxAArREBBoPWTc7rgWOAopVZYzpUmyXsE2f5
lzICBsz96jzEC78UveKLVLTNrEcwjLvP7dOayuQQbLpej6jO+E1WZ6QF+5oraEJG
jehyANmLwj9hiy+3qJL0esOWJmlm1bERQsmDTc1x5cUULhyrsjKf7cJ1oeMFk9KH
4GKNceCrrxAy/liNmhkNoNLzHBgabJzYmxecAxBXjPzwFRQusu2v6HDxb6x8Lwmv
MFesz+wRu0lbKefG9zgPK9HYvSAZObA9ShnNFhLXUPjOrpxPjds9RT5p1PzTcNgg
9eLM4nNo6ALmH63F+wBZHBKQc9vhcdlAyPDdzMTw/QogaJTOuK9+Iqxl24TC5hj3
cWHQpBpLr8FQsPaAamGX0wS75392TdP/gaIJZXeE8vDQOwqt+pntBMJPlTNJVDH4
1QgGJn0cKI/nREVObhB2zPnd3uG6eZ5814Lt1JAPzOjoXpGYxSeHaP6lwfbqzydw
xHzN7BqhEmlDaMaGzz2mxSYFQSGkd0CKdkslbwbZGbYc38uAVGxU+UPb1OcBikXY
H1lENPbOCYfMFSbJlE6fccPuBofWNSxjDC6cPdIVzc9/dFq0j/sO/u7ZZNWgrLMR
ZARhjylGwcrHR0NHNSVvbENYUEEpWG/URfGLTVdfZOtyAXOqOO7azRzfjPoaqgEl
LgDxvZCAICg=
=lsXC
-----END PGP SIGNATURE-----
The post ESB-2021.0323 – [RedHat] thunderbird: Multiple vulnerabilities appeared first on Malware Devil.
What is XDR? How do we know the security protections we’re investing in are working? All this and Paul’s CBD Pineapple Pizza Drink on this week’s show.
This segment is sponsored by Kenna Security.
Visit https://securityweekly.com/kennasecurity to learn more about them!
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw681
The post XDR and Vitamins – Michael Roytman – PSW #681 appeared first on Malware Devil.
A brief daily summary of what is important in cybersecurity. The podcast is published every weekday and designed to get you ready for the day with a brief, usually about 5 minutes long, summary of current network security-related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
The post Network Security News Summary for Friday January 29th, 2021 appeared first on Malware Devil.
In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...
