
Episode 112
This week we look at a reboot of the DWF project, Rust in the Linux kernel, an Ubuntu security webinar plus some details of the 45 CVEs addressed across the Ubuntu releases this last week and more.
Ubuntu Security Podcast · Ubuntu Security Team
April 16, 2021 · 14m 37s
Show Notes
This week in Ubuntu Security Updates
45 unique CVEs addressed
[LSN-0075-1] Linux kernel vulnerability [01:01]
- 8 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- madvise issue reported by Jann Horn
- BPF spectre mitigations fixes (Episode 109)
[USN-4903-1] curl vulnerability [02:02]
- 1 CVE addressed in Trusty ESM (14.04 ESM)
- Episode 110 - leaking credentials via HTTP Referer header
[USN-4896-2] lxml vulnerability
- 1 CVE addressed in Trusty ESM (14.04 ESM)
- Episode 110
[USN-4899-2] SpamAssassin vulnerability
- 1 CVE addressed in Trusty ESM (14.04 ESM)
- Episode 110
[USN-4905-1] X.Org X Server vulnerability [02:26]
- 1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- A local user (any X client) could crash the server via the XInput extension's ChangeFeedbackControl request: an integer underflow in the request handling leads to a heap buffer overflow
[USN-4906-1] Nettle vulnerability [03:31]
- 1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Low level crypto library used by lots of packages - chrony, dnsmasq, lighttpd, qemu, squid, supertuxkart
- Signature verification could end up calling the EC point multiplication with out-of-range scalars; the multiplication then produces incorrect results, so an attacker supplying a crafted signature could either trigger an assertion failure (DoS) or force an invalid signature to be accepted (verification bypass)
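The Nettle issue above comes down to signature components reaching the point-multiplication code without the standard 1 <= r, s <= n-1 check. The toy below is an added example written for these notes, not Nettle's code: it uses the textbook toy curve y^2 = x^3 + 2x + 2 over F_17 with generator (5, 1) of order 19, and the private key, hash value and nonce are constructed values. It does not reproduce Nettle's internal multiplication bug; it shows the two outcomes the range check prevents in any ECDSA verifier: s ≡ 0 (mod n) has no inverse, so the unchecked verifier dies (the DoS analogue), and on this toy curve there is a point whose x-coordinate is 0, so an r = 0 "signature" is accepted by the unchecked verifier (the bypass analogue). The checked verifier rejects both before touching any curve arithmetic.

```python
# Added example: toy ECDSA verifier with and without the r/s range check.
# Curve, generator and keys are constructed toy values, not Nettle's code.
P, A, B = 17, 2, 2          # field prime and curve coefficients (y^2 = x^3 + A x + B)
G = (5, 1)                  # generator point
N = 19                      # order of G (prime)


def inv(x, m):
    """Modular inverse; raises ValueError when x is 0 mod m (Python 3.8+)."""
    return pow(x, -1, m)


def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1, P) % P  # tangent slope
    else:
        lam = (y2 - y1) * inv(x2 - x1, P) % P         # chord slope
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def mul(k, pt):
    """Double-and-add scalar multiplication k * pt."""
    acc, q = None, pt
    while k:
        if k & 1:
            acc = add(acc, q)
        q = add(q, q)
        k >>= 1
    return acc


def sign(d, h, k):
    """ECDSA sign with private key d, hash h (already reduced mod N) and nonce k."""
    r = mul(k, G)[0] % N
    s = inv(k, N) * (h + r * d) % N
    return (r, s)


def verify_unchecked(Q, h, sig):
    """Verifier that skips the range check, as a broken verifier would."""
    r, s = sig
    w = inv(s, N)                       # ValueError if s is 0 mod N: the DoS path
    u1, u2 = h * w % N, r * w % N
    X = add(mul(u1, G), mul(u2, Q))
    return X is not None and X[0] % N == r


def verify(Q, h, sig):
    """Correct verifier: reject r, s outside [1, N-1] before any arithmetic."""
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    return verify_unchecked(Q, h, sig)


def demo():
    d = 3                            # constructed private key
    Q = mul(d, G)                    # public key, (10, 6)
    h = 5                            # constructed "hash", already reduced mod N
    good = sign(d, h, k=6)           # (16, 12)
    # Forged signature with r = 0: on this toy curve 7*G = (0, 6), so choosing
    # s = h * 7^-1 mod N gives u1 = 7, u2 = 0 and X = 7*G with x = 0 = r.
    forged = (0, h * inv(7, N) % N)  # (0, 17)
    zero_s = (good[0], N)            # s = N, i.e. 0 mod N: no inverse exists
    try:
        verify_unchecked(Q, h, zero_s)
        crashed = False
    except ValueError:
        crashed = True
    return {
        "good_checked": verify(Q, h, good),                  # True
        "forged_unchecked": verify_unchecked(Q, h, forged),  # True: bypass
        "forged_checked": verify(Q, h, forged),              # False
        "zero_s_unchecked_crashes": crashed,                 # True: DoS
        "zero_s_checked": verify(Q, h, zero_s),              # False
    }


if __name__ == "__main__":
    print(demo())
```

The range check is cheap and must come first: once r or s is allowed to be 0 or >= n, the verifier's behaviour depends entirely on what the underlying arithmetic does with a value it was never designed to receive.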
[USN-4904-1] Linux kernel vulnerabilities [04:27]
- 11 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS)
[USN-4907-1] Linux kernel vulnerabilities
- 3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)
[USN-4909-1] Linux kernel vulnerabilities
- 4 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
[USN-4910-1] Linux kernel vulnerabilities
- 5 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
[USN-4911-1] Linux kernel (OEM) vulnerabilities
- 4 CVEs addressed in Focal (20.04 LTS)
[USN-4912-1] Linux kernel (OEM) vulnerabilities
- 14 CVEs addressed in Focal (20.04 LTS)
- Piotr Krysiuk - the BPF JIT could compute an invalid branch displacement, allowing out-of-bounds kernel memory read/write -> code execution, or at least a crash; unprivileged BPF is enabled in Ubuntu, so an unprivileged local user could get kernel code execution
- Thanks to the kernel team for handling these issues - there are a lot of kernel security issues at the moment, so thanks for their hard work
Goings on in Ubuntu Security Community
DWF v2 [07:25]
- https://lwn.net/Articles/851849/
- https://iwantacve.org/
- https://twitter.com/CVEannounce/status/1368992488464203777
Rust support for Linux kernel [10:12]
- https://lore.kernel.org/lkml/[email protected]/
- https://security.googleblog.com/2021/04/rust-in-linux-kernel.html
Securing open source from cloud to edge webinar [12:19]
- https://www.brighttalk.com/webcast/6793/440517
- How Ubuntu is built with security in mind from the ground up, and how we keep you protected against major vulnerabilities
- How you can ensure performant open source in production environments
- Specific security services that can help you achieve maximum availability by reducing downtime and providing access to high and critical CVE fixes
- How Ubuntu helps organisations remain compliant with government and industry standards and regulations, including Common Criteria EAL2 with FIPS 140-2 Level 1 certified crypto modules