
Episode 90
Ubuntu Security Podcast · Ubuntu Security Team
September 11, 2020 · 11m 27s
Show Notes
Overview
This week we look at security updates for the X server, the Linux kernel and GnuTLS plus we preview the upcoming AppArmor3 release that is slated for Ubuntu 20.10 (Groovy Gorilla).
This week in Ubuntu Security Updates
20 unique CVEs addressed
[USN-4487-1, USN-4487-2] libx11 vulnerabilities [00:58]
- 2 CVEs addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- 2 privilege escalation attacks
- integer overflow -> double free -> memory corruption
- integer overflow -> heap buffer overflow
- privilege escalation may be possible since in both cases the bug could lead to arbitrary code execution in a binary that uses libX11 and runs with root privileges (setuid / sudo etc) - this is why we often advise against running graphical applications via sudo etc
[USN-4488-1, USN-4490-1] X.Org X Server vulnerabilities [02:29]
- 4 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- Various memory corruption vulnerabilities all discovered by Jan-Niklas Sohn - on some older releases (xenial and earlier) X server runs as root
[USN-4449-2] Apport vulnerabilities [03:28]
- 3 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 85
[USN-4474-2] Firefox regressions [03:38]
- 8 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- Episode 89
- 80.0.1 - upstream release to fix regressions in 80.0 release -> crashes on GPU resets, WebGL rendering issues, performance issue in processing CA certs &c
[USN-4489-1] Linux kernel vulnerability [04:09]
- 1 CVE addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
- AF_PACKET (layer 2) socket did not perform bounds checks in some places - requires CAP_NET_RAW or root - BUT a user can be root in a user namespace, and unprivileged user namespaces are enabled by default in Ubuntu and other Linux distros -> can disable via sysctl `kernel.unprivileged_userns_clone=0`
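
One way to audit and persist the sysctl mitigation above, as an added example (not from the podcast or from Ubuntu's own tooling). `PROC_SYS` and the drop-in file name are assumptions of this example; the fallback to `user.max_user_namespaces` covers kernels that lack the Debian/Ubuntu-specific sysctl.

```shell
#!/bin/sh
# Added example: report whether unprivileged user namespaces can be created.
# PROC_SYS is an assumption of this example so the check can be pointed
# at a copy of the sysctl tree (for instance from a collected host snapshot).
PROC_SYS="${PROC_SYS:-/proc/sys}"

# Prints one of: enabled, disabled, unknown
userns_state() {
    clone="$PROC_SYS/kernel/unprivileged_userns_clone"  # Debian/Ubuntu-specific sysctl
    max="$PROC_SYS/user/max_user_namespaces"            # upstream kernel limit

    # A limit of 0 blocks user namespace creation regardless of the distro sysctl.
    if [ -r "$max" ] && [ "$(cat "$max")" = "0" ]; then
        echo disabled
        return 0
    fi
    if [ -r "$clone" ]; then
        case "$(cat "$clone")" in
            0) echo disabled ;;
            1) echo enabled ;;
            *) echo unknown ;;
        esac
        return 0
    fi
    # No distro sysctl present: only the upstream limit governs creation.
    if [ -r "$max" ]; then echo enabled; else echo unknown; fi
}

# Write a sysctl.d drop-in so the setting survives reboots.
# The default file name is hypothetical; load it with `sysctl --system`.
write_dropin() {
    out="${1:-/etc/sysctl.d/99-disable-unpriv-userns.conf}"
    printf '%s\n' 'kernel.unprivileged_userns_clone=0' > "$out"
}

# Report only; writing the drop-in is left as an explicit call.
if [ "${1:-}" = "--check" ]; then
    userns_state
fi
```

Disabling unprivileged user namespaces can break software that relies on them for sandboxing, so check what on the host depends on them before applying the drop-in.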
[USN-4491-1] GnuTLS vulnerability [06:01]
- 1 CVE addressed in Focal (20.04 LTS)
- Malicious server can trigger a NULL ptr deref in client during TLS 1.3 negotiation - DoS
Goings on in Ubuntu Security Community
AppArmor3 slated for Ubuntu 20.10 [06:32]
- Beta version of AppArmor3 is being prepared for Ubuntu 20.10 Groovy Gorilla - should land in -proposed next week and then main soon after
- Provides ABI feature pinning - so upgrading to kernels with newer additional features will not break existing profiles
- Rewrites of a number of tools into different languages to make their use and packaging easier
- Support for new kernel features such as v8 ABI network socket rules, xattr attachment conditionals, PERFMON and BPF capabilities
- Improved compiler warnings and semantic checks
- Improved support for kernels that support LSM stacking
- Profile modes - enforce (default), kill and unconfined