Episode 137
Ubuntu Security Podcast
English - November 12, 2021 04:18 - 7 minutes - 5.45 MB - ★★★★★ - 10 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
This week we look at some details of the 29 unique CVEs addressed across
the supported Ubuntu releases in the past 7 days and more.
Overview
This week we look at some details of the 29 unique CVEs addressed across
the supported Ubuntu releases in the past 7 days and more.
This week in Ubuntu Security Updates
29 unique CVEs addressed
[USN-5131-1] Firefox vulnerabilities [00:42]
6 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
CVE-2021-38509
CVE-2021-38508
CVE-2021-38507
CVE-2021-38506
CVE-2021-38504
CVE-2021-38503
94.0
Copy image link - copies final image URL after redirects - if a page
were to then combine this with a content security policy which blocked
a redirect, the image URL may then contain any authentication tokens -
and so if a page could trick a user into copying and pasting that image
URL into the page an attacker could steal their auth token
Various web framework issues
[USN-5132-1] Thunderbird vulnerabilities [01:56]
6 CVEs addressed in Impish (21.10)
CVE-2021-38501
CVE-2021-38500
CVE-2021-38498
CVE-2021-38497
CVE-2021-38496
CVE-2021-32810
91.2.1
Usual web framework issues
[USN-5133-1] ICU vulnerability [02:17]
1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
unicode handling library
UAF - could be triggered if was packaging the ICU data with malicious
input -> crash / RCU
[USN-5135-1] Linux kernel vulnerability [02:43]
1 CVEs addressed in Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
impish (5.13), hirsute (5.11), focal hwe (5.11)
IPC memory objects not properly accounted for in memcg - could allow to
bypass limits and cause DoS
[USN-5130-1] Linux kernel vulnerabilities [03:24]
2 CVEs addressed in Trusty ESM (14.04 ESM)
3.13
2 vulns courtesy of Jann Horn (GPZ) - in tty subsystem - lock order
issues - UAF - DoS/privesc (Episode 106)
[USN-5136-1] Linux kernel vulnerabilities [04:06]
9 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
CVE-2021-42252
CVE-2021-38199
CVE-2021-3759
CVE-2021-3753
CVE-2021-3743
CVE-2021-3655
CVE-2020-36385
CVE-2020-36322
CVE-2019-19449
4.15 (bionic, xenial hwe, trusty azure)
IPC memory object leak plus various other vulns from Episode 136
[USN-5137-1] Linux kernel vulnerabilities [04:48]
10 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS)
CVE-2021-42252
CVE-2021-3759
CVE-2021-3753
CVE-2021-3743
CVE-2021-3739
CVE-2021-35477
CVE-2021-34556
CVE-2021-3428
CVE-2020-36385
CVE-2019-19449
5.4 (focal, bionic hwe)
[USN-5134-1] Docker vulnerability [04:50]
1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04), Impish (21.10)
If was using a private registry for docker login but also had configured
credsStore and credsHelper in ~/.docker/config.json and these were not
able to be executed (ie. execute bit not set or not in $PATH), then creds
would get sent to the public docker registry rather than the configured
private registry.
Goings on in Ubuntu Security Community
Hiring [06:00]
Security - Product Manager
HOME BASED - EMEA (Europe, Middle East, Africa)
Role includes:
guiding the evolution of security offerings from Canonical and Ubuntu
driving compliance and certification of Ubuntu
engaging with the open source security community
telling the story of Canonical’s work to deliver secure platforms
https://canonical.com/careers/2278145/security-product-manager-remote
Get in contact
[email protected]
#ubuntu-security on the Libera.Chat IRC network
ubuntu-hardened mailing list
Security section on discourse.ubuntu.com
@ubuntu_sec on twitter