
Episode 151
This week we do the usual round-up of security vulnerability fixes for the various Ubuntu releases, plus we discuss enabling PIE for Python and preview some upcoming content on Ubuntu system hardening as well.
Ubuntu Security Podcast · Ubuntu Security Team
March 4, 2022 · 9m 19s
Show Notes
This week in Ubuntu Security Updates
44 unique CVEs addressed
[USN-5292-4] snapd regression [00:52]
- 4 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- Episode 149 - another regression with fish shell
[USN-5303-1] PHP vulnerability [01:20]
- 1 CVE addressed in Focal (20.04 LTS), Impish (21.10)
- UAF - PoC exists which shows the ability to crash PHP interpreter via a crafted database query - possible RCE as well
[USN-5304-1] PolicyKit vulnerability [01:40]
- 1 CVE addressed in Focal (20.04 LTS), Impish (21.10)
- fd exhaustion - send 2 requests and cause the first one to fail - leaks the fd - eventually polkit runs out of fds and crashes - will be restarted by systemd so impact is low
[USN-5305-1] MariaDB vulnerabilities [02:17]
- 10 CVEs addressed in Focal (20.04 LTS), Impish (21.10)
- Several security issues - latest upstream point releases
- 10.3.34 for 20.04 LTS
- 10.5.15 for 21.10
[USN-5306-1] WebKitGTK vulnerabilities [02:44]
- 3 CVEs addressed in Focal (20.04 LTS), Impish (21.10)
- Various issues in webkit fixed
[USN-5307-1] QEMU vulnerabilities [02:58]
- 11 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- Various issues - integer overflow, NULL ptr derefs, memory leaks and disclosures in vhost-user GPU driver, crash or possible code-exec in USB redirector device emulation etc
[USN-5309-1] virglrenderer vulnerabilities [03:28]
- 2 CVEs addressed in Focal (20.04 LTS), Impish (21.10)
- Virtual GPU for KVM
- info leak and possible OOB write
[USN-5310-1] GNU C Library vulnerabilities [03:48]
- 12 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Impish (21.10)
- Usual mix of issues in libc - OOB read / writes - crash / possible code execution - in various modules - character encoding handling in iconv, netgroup lookups via nscd daemon, wordexp()/realpath()/getcwd() functions etc
Goings on in Ubuntu Security Community
Python + PIE? [04:45]
- https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1452115
- Request since 2015 to enable this
- When compiled as PIE, the interpreter can make use of exec ASLR, which can frustrate ROP exploits etc
- Performance testing shows this to have no impact
- Coordinating with foundations team to try and land for Ubuntu 22.04 LTS as a Feature Freeze exception (FFe)
Security advice for running your own server [07:02]
Hiring [07:33]
Ubuntu Security Engineer
- https://canonical.com/careers/2925180/security-engineer-ubuntu-remote
- Home based, worldwide