ESB-2018.2271 - [Linux][Debian] linux kernel: Multiple vulnerabilities 2018-08-07

Printable version
PGP/GPG verifiable version

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.2271
                           linux security update
                               7 August 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux kernel
Publisher:         Debian
Operating System:  Debian GNU/Linux 9
                   Linux variants
Impact/Access:     Increased Privileges   -- Existing Account      
                   Create Arbitrary Files -- Existing Account      
                   Denial of Service      -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-13405 CVE-2018-5390 

Original Bulletin: 
   http://www.debian.org/security/2018/dsa-4266

Comment: This advisory references vulnerabilities in products which run on 
         platforms other than Debian. It is recommended that administrators 
         running linux check for an updated version of the software for their
         operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-4266-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 06, 2018                       https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2018-5390 CVE-2018-13405

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial of service.

CVE-2018-5390

    Juha-Matti Tilli discovered that a remote attacker can trigger the
    worst case code paths for TCP stream reassembly with low rates of
    specially crafted packets leading to remote denial of service.

CVE-2018-13405

    Jann Horn discovered that the inode_init_owner function in
    fs/inode.c in the Linux kernel allows local users to create files
    with an unintended group ownership allowing attackers to escalate
    privileges by making a plain file executable and SGID.

For the stable distribution (stretch), these problems have been fixed in
version 4.9.110-3+deb9u1. This update includes fixes for several
regressions in the latest point release.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAltolY5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0T1cBAAhxrsiYuYMiQj9x+shNxxp6gWEXpDoOCwU0cXzZ2lii2uSPzP5TsIQey3
3nBjPCZthg8Q0fL2m0thbfS+i1HTT9tlJT7EjBGDjA0jm2o/lQCmH5rp8DDPtbwZ
2iZ9HyfosEFnbCd6VHtWIM3NoGZFUjvBWkb29/op800BqkHk69WchT1ZWSE8G85S
NAwG7tf/mfWIc0nYgieFo9i2X2bk0mNUOjC8xnVnK2TZY5jzK7f9fmQzdPAglZaI
t1UoQS4PMl6UTi7AJephorP6+6KJPg3n0rCgJYYXtnRO4PilSLveg7dNniKpCaDo
jJKVIcug8Hqo1zc6Uk0tgdZBPILZULyMGr7XUJ97cyA6i+9xhDpGPmqH6pbWQ+YZ
JplAY4PHZ2PUi+6is4LE7kYQfPk8+KvvshUB8Qr2Xa61GUDcgpdcaTmNmFYH3EAF
St27o/Nbs8WsKNzkOMxtyva88YJr7RDHr+nX/I1fKlI8zC8k3gHYYtJ11QhCDWKT
1O42ppxxaBUMo5ns0ZCjNBaMFPTaKrDYocAzhVot94I2++8InhFWbAzRq7B44fKe
E4Q6jDXY3x5MexSyZG3sGc6EwUtr/Gr8trB4TZkvNrQtZ9WBh28TOsldecGsncqw
I62eV7vx701dQDjtcDy/yZlGDjFTULQkyX8GPL9hIBeRjCFRhrA=
=h8it
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBW2jZt2aOgq3Tt24GAQjBCw/9EN7/YzyzEh6def7MvAvVH57nu2N8Q/pW
PfKCaxPAWZtN0nFueFRx+ubza52FyWzpzc6+5Qs725RYOahP50MkCzvlNGQOOgZW
re1M62vKhr0MBkkqOqVlQP05liDBmZfhU0YqoSosd+qXQuCpwLjNmhcJy638jkpa
ASWXM1Ka97v4VvkL3hYyW2BiiaPYjzO9t9OZjOBvdbKw6DsSupB9pIVoPHE/n0k+
9bFgwu1UM3krynR9iPLFQxampHhbdXCREmk+O10tDlqaXKSv0g30CGnYaE5pq0zq
dh905QBSnjD3jiejpuwviI+pdExgE/IrEKeGCaC0RL7345DkuOo9OKMEx7yDEuXV
gsTyNac/Sit9IUxRbv4ADmp48ugQTueb77dC5n9+mLVIbJySSMWxMOd+9oRhsi1O
mN3LSYdWEr/ADmCP8EhRFnQcizCt1ZxsEjzuyzwnK1Ui1ip81sMV4eYMZy24zTzI
JP2DuZBTcrmdid7bxPYBFVwsNkygnWW3fWXjksFpNVcgUwrJ7M77A3hYjt6/DZ3o
gR6+SA4bdvuyaTdm/xRh6FJJUBdZ5Ji93bmIXK7O8yFdc3LhTb/V2IogcCSaBfVt
1sdref75y0IeFkKsLLKtKJTZql23cOy/I2FVpoLc2/r+1Y5Z4zQ16Pc5pgjm16T8
4NT4ArV6SPA=
=OwyD
-----END PGP SIGNATURE-----

« Back to bulletins