Ubuntu 6346 Published by

The following security updates are available for Ubuntu Linux:

[USN-6611-1] Exim vulnerability
[USN-6610-1] Firefox vulnerabilities
[USN-6613-1] Ceph vulnerability
[USN-6604-2] Linux kernel (Azure) vulnerabilities
[USN-6605-2] Linux kernel (KVM) vulnerabilities




[USN-6611-1] Exim vulnerability


==========================================================================
Ubuntu Security Notice USN-6611-1
January 29, 2024

exim4 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Exim could be made to bypass an SPF protection mechanism if it received
a specially crafted request.

Software Description:
- exim4: Exim is a mail transport agent

Details:

It was discovered that Exim incorrectly handled certain requests.
A remote attacker could possibly use a published exploitation technique
to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass
of an SPF protection mechanism.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
exim4 4.96-17ubuntu2.2
exim4-base 4.96-17ubuntu2.2
eximon4 4.96-17ubuntu2.2

Ubuntu 22.04 LTS:
exim4 4.95-4ubuntu2.5
exim4-base 4.95-4ubuntu2.5
eximon4 4.95-4ubuntu2.5

Ubuntu 20.04 LTS:
exim4 4.93-13ubuntu1.10
exim4-base 4.93-13ubuntu1.10
eximon4 4.93-13ubuntu1.10

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
exim4 4.90.1-1ubuntu1.10+esm3
exim4-base 4.90.1-1ubuntu1.10+esm3
eximon4 4.90.1-1ubuntu1.10+esm3

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
exim4 4.86.2-2ubuntu2.6+esm6
exim4-base 4.86.2-2ubuntu2.6+esm6
eximon4 4.86.2-2ubuntu2.6+esm6

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6611-1
CVE-2023-51766

Package Information:
https://launchpad.net/ubuntu/+source/exim4/4.96-17ubuntu2.2
https://launchpad.net/ubuntu/+source/exim4/4.95-4ubuntu2.5
https://launchpad.net/ubuntu/+source/exim4/4.93-13ubuntu1.10



[USN-6610-1] Firefox vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6610-1
January 29, 2024

firefox vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-0741,
CVE-2024-0742, CVE-2024-0743, CVE-2024-0744, CVE-2024-0745, CVE-2024-0747,
CVE-2024-0748, CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
CVE-2024-0754, CVE-2024-0755)

Cornel Ionce discovered that Firefox did not properly manage memory when
opening the print preview dialog. An attacker could potentially exploit
this issue to cause a denial of service. (CVE-2024-0746)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
firefox 122.0+build2-0ubuntu0.20.04.1

After a standard system update you need to restart Firefox to make all the
necessary changes.

References:
https://ubuntu.com/security/notices/USN-6610-1
CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0744,
CVE-2024-0745, CVE-2024-0746, CVE-2024-0747, CVE-2024-0748,
CVE-2024-0749, CVE-2024-0750, CVE-2024-0751, CVE-2024-0753,
CVE-2024-0754, CVE-2024-0755

Package Information:
https://launchpad.net/ubuntu/+source/firefox/122.0+build2-0ubuntu0.20.04.1



[USN-6613-1] Ceph vulnerability


==========================================================================
Ubuntu Security Notice USN-6613-1
January 29, 2024

ceph vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Ceph could be made to bypass authorization checks if it received a
specially crafted request.

Software Description:
- ceph: distributed storage and file system

Details:

Lucas Henry discovered that Ceph incorrectly handled specially
crafted POST requests. An uprivileged user could use this to
bypass Ceph's authorization checks and upload a file to any bucket.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 23.10:
ceph 18.2.0-0ubuntu3.1
ceph-base 18.2.0-0ubuntu3.1
ceph-common 18.2.0-0ubuntu3.1

Ubuntu 22.04 LTS:
ceph 17.2.6-0ubuntu0.22.04.3
ceph-base 17.2.6-0ubuntu0.22.04.3
ceph-common 17.2.6-0ubuntu0.22.04.3

Ubuntu 20.04 LTS:
ceph 15.2.17-0ubuntu0.20.04.6
ceph-base 15.2.17-0ubuntu0.20.04.6
ceph-common 15.2.17-0ubuntu0.20.04.6

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
ceph 12.2.13-0ubuntu0.18.04.11+esm1
ceph-base 12.2.13-0ubuntu0.18.04.11+esm1
ceph-common 12.2.13-0ubuntu0.18.04.11+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
ceph 10.2.11-0ubuntu0.16.04.3+esm1
ceph-common 10.2.11-0ubuntu0.16.04.3+esm1

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
ceph 0.80.11-0ubuntu1.14.04.4+esm2
ceph-common 0.80.11-0ubuntu1.14.04.4+esm2

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-6613-1
CVE-2023-43040

Package Information:
https://launchpad.net/ubuntu/+source/ceph/18.2.0-0ubuntu3.1
https://launchpad.net/ubuntu/+source/ceph/17.2.6-0ubuntu0.22.04.3
https://launchpad.net/ubuntu/+source/ceph/15.2.17-0ubuntu0.20.04.6



[USN-6604-2] Linux kernel (Azure) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6604-2
January 29, 2024

linux-azure, linux-azure-4.15 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems

Details:

It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that a race condition existed in the Linux kernel when
performing operations with kernel objects, leading to an out-of-bounds
write. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-45863)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situation, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
linux-image-4.15.0-1173-azure 4.15.0-1173.188
linux-image-azure-lts-18.04 4.15.0.1173.141

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
linux-image-4.15.0-1173-azure 4.15.0-1173.188~16.04.1
linux-image-azure 4.15.0.1173.157

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
linux-image-4.15.0-1173-azure 4.15.0-1173.188~14.04.1
linux-image-azure 4.15.0.1173.139

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6604-2
https://ubuntu.com/security/notices/USN-6604-1
CVE-2023-1079, CVE-2023-20588, CVE-2023-45863, CVE-2023-6606,
CVE-2023-6931, CVE-2023-6932



[USN-6605-2] Linux kernel (KVM) vulnerabilities


==========================================================================
Ubuntu Security Notice USN-6605-2
January 29, 2024

linux-kvm vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux-kvm: Linux kernel for cloud environments

Details:

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not
properly validate network family support while creating a new netfilter
table. A local attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6040)

It was discovered that the CIFS network file system implementation in the
Linux kernel did not properly validate the server frame size in certain
situation, leading to an out-of-bounds read vulnerability. An attacker
could use this to construct a malicious CIFS image that, when operated on,
could cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-6606)

Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf
subsystem in the Linux kernel did not properly validate all event sizes
when attaching new events, leading to an out-of-bounds write vulnerability.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6931)

It was discovered that the IGMP protocol implementation in the Linux kernel
contained a race condition, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-6932)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
linux-image-5.4.0-1105-kvm 5.4.0-1105.112
linux-image-kvm 5.4.0.1105.101

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://ubuntu.com/security/notices/USN-6605-2
https://ubuntu.com/security/notices/USN-6605-1
CVE-2023-6040, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932

Package Information:
https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1105.112