This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Alex Murray and Ubuntu Security Team에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Alex Murray and Ubuntu Security Team 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
Episode 109
Manage episode 288385430 series 2423058
Alex Murray and Ubuntu Security Team에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Alex Murray and Ubuntu Security Team 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Overview
This week we look at security updates for containerd, Ruby, the Linux kernel, Pygments and more, plus we cover some open positions within the team as well.
This week in Ubuntu Security Updates
28 unique CVEs addressed
[USN-4881-1] containerd vulnerability [00:38]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- When using the containerd CRI implementation (kubernetes container runtime interface) - would share environment variables etc between containers that shared the same image - so could allow an inadvertent info leak from one container to another - race condition so would be less likely to occur if not launching containers in rapid succession which share the same image
[USN-4882-1] Ruby vulnerabilities [01:27]
- 3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Crafted JSON could result in RCE - could create a malicious object within the interpreter
- Possible info leak via unintialised memory across socket operations - heap info leak so could expose sensitive data from the interpreter
- Failure to validate xfer encoding header - could bypass reverse proxy and so be vulnerable to HTTP request smuggling attacks
[USN-4883-1] Linux kernel vulnerabilities [02:32]
- 3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)
- 4.15 kernel for bionic + 4.4 kernel for xenial
- 3 iSCSI issues, most important was heap overflow that could be exploited by a local attacker -> code-exec as root
- Other 2 are info leak via kernel pointers being disclosed to userspace and a OOB read -> crash or possible infoleak
[USN-4884-1] Linux kernel (OEM) vulnerabilities [03:13]
- 3 CVEs addressed in Focal (20.04 LTS)
- OEM kernel - 5.10
- UAF in network block device driver - local attacker could exploit for crash/codexec
[USN-4885-1] Pygments vulnerability [03:36]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- infinite loop -> CPU based DoS when parsing crafted Standard ML files - input file containing just ’exception’ would be enough to trigger this
[USN-4886-1] Privoxy vulnerabilities [04:18]
- 14 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Privacy enhancing HTTP proxy
- Incorrect handling of:
- CGI requests -> DoS/info-leak
- regexes -> DoS (crash + mem-leak)
- client tags -> DoS (memory leaks)
[USN-4887-1] Linux kernel vulnerabilities [05:03]
- 6 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- BPF verifier failed to properly handle mod32 destination register truncation when source register was known to be 0 -> could be turned into an arbitrary memory read -> info-leak - and can’t rule out arbitrary memory write -> RCE
- Spectre mitigations for BPF were found to be insufficient - could allow an attacker to read entirety of kernel memory via speculative execution attack through BPF
- iSCSI issues discussed earlier too
Goings on in Ubuntu Security Community
Hiring [07:04]
AppArmor Security Engineer
Ubuntu Security Engineer
Security Engineer - Ubuntu
Get in contact
231 에피소드
Manage episode 288385430 series 2423058
Alex Murray and Ubuntu Security Team에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Alex Murray and Ubuntu Security Team 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Overview
This week we look at security updates for containerd, Ruby, the Linux kernel, Pygments and more, plus we cover some open positions within the team as well.
This week in Ubuntu Security Updates
28 unique CVEs addressed
[USN-4881-1] containerd vulnerability [00:38]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- When using the containerd CRI implementation (kubernetes container runtime interface) - would share environment variables etc between containers that shared the same image - so could allow an inadvertent info leak from one container to another - race condition so would be less likely to occur if not launching containers in rapid succession which share the same image
[USN-4882-1] Ruby vulnerabilities [01:27]
- 3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Crafted JSON could result in RCE - could create a malicious object within the interpreter
- Possible info leak via unintialised memory across socket operations - heap info leak so could expose sensitive data from the interpreter
- Failure to validate xfer encoding header - could bypass reverse proxy and so be vulnerable to HTTP request smuggling attacks
[USN-4883-1] Linux kernel vulnerabilities [02:32]
- 3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS)
- 4.15 kernel for bionic + 4.4 kernel for xenial
- 3 iSCSI issues, most important was heap overflow that could be exploited by a local attacker -> code-exec as root
- Other 2 are info leak via kernel pointers being disclosed to userspace and a OOB read -> crash or possible infoleak
[USN-4884-1] Linux kernel (OEM) vulnerabilities [03:13]
- 3 CVEs addressed in Focal (20.04 LTS)
- OEM kernel - 5.10
- UAF in network block device driver - local attacker could exploit for crash/codexec
[USN-4885-1] Pygments vulnerability [03:36]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- infinite loop -> CPU based DoS when parsing crafted Standard ML files - input file containing just ’exception’ would be enough to trigger this
[USN-4886-1] Privoxy vulnerabilities [04:18]
- 14 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Privacy enhancing HTTP proxy
- Incorrect handling of:
- CGI requests -> DoS/info-leak
- regexes -> DoS (crash + mem-leak)
- client tags -> DoS (memory leaks)
[USN-4887-1] Linux kernel vulnerabilities [05:03]
- 6 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- BPF verifier failed to properly handle mod32 destination register truncation when source register was known to be 0 -> could be turned into an arbitrary memory read -> info-leak - and can’t rule out arbitrary memory write -> RCE
- Spectre mitigations for BPF were found to be insufficient - could allow an attacker to read entirety of kernel memory via speculative execution attack through BPF
- iSCSI issues discussed earlier too
Goings on in Ubuntu Security Community
Hiring [07:04]
AppArmor Security Engineer
Ubuntu Security Engineer
Security Engineer - Ubuntu
Get in contact
231 에피소드
모든 에피소드
×플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.