This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Ubuntu Security Podcastに似ているもの
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Player FMアプリでオフラインにしPlayer FMう!
))
Episode 103
Manage episode 284796244 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Overview
This week we take a deep dive look at 2 recent vulnerabilities in the popular application containerisation frameworks, snapd and flatpak, plus we cover security updates for MiniDLNA, PHP-PEAR, the Linux kernel and more.
This week in Ubuntu Security Updates
26 unique CVEs addressed
[USN-4720-2] Apport vulnerabilities [00:53]
- 3 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 102
[USN-4721-1] Flatpak vulnerability [01:06]
- 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Flatpak sandbox escape - Flatpak isolates applications inside their own mount / user / etc namespaces - allows sandboxed applications to communicate with the host via various portals - ie. open a file via a file chooser portal (aka powerbox)
- Portal D-Bus service provides the ability to launch other subprocesses in a new sandbox instance, following a NNP model (ie same or less privileges as caller) (eg. used by sandboxed webbrowers to process untrusted content inside less privileged subprocesses)
- Would previous allow a confined process to specify various environment variables which would then get passed to the `flatpak run` command to launch the new subprocess in its own sandbox - so fix is to sanitize environment variables
[USN-4722-1] ReadyMedia (MiniDLNA) vulnerabilities [01:11]
- 2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Possible RCE via malicious UPnP requests - could send with chunked encoding, this would exploit a signdness bug leading to a heap buffer overflow
- Episode 91 - “CallStranger” - UPnP spec didn’t forbid subscription requests with a URL on a different network segment - could allow an attacker to cause a miniDLNA server to DoS a different endpoint
[USN-4723-1] PEAR vulnerability [02:30]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Improper handling of symlinks in archives could result in arbitrary file overwrite via directory traversal - since PHP PEAR runs installer as root, could then overwrite arbitrary files as root and priv esc / code execution etc
[USN-4724-1] OpenLDAP vulnerabilities [03:14]
- 10 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Various issues
[USN-4725-1] QEMU vulnerabilities [03:20]
- 6 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Usual sorts of issues in device emulation etc resulting in info disclosure from host to guest or a crash of qemu host process etc
[USN-4717-2] Firefox regression [03:55]
- Affecting Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Upstream Firefox regression - 85.0.1
[USN-4726-1] OpenJDK vulnerability [04:04]
- Affecting Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Not much info from upstream on this one - “incorrectly handled direct buffering of characters” -> DoS or other unspecified impact
[USN-4713-2] Linux kernel vulnerability [04:22]
- 1 CVEs addressed in Trusty ESM (14.04 ESM), Bionic (18.04 LTS)
- Episode 102 - LIO SCSI XCOPY issue
[USN-4727-1] Linux kernel vulnerability [04:36]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- AF_VSOCK race conditions - local user could get code execution as root via memory corruption
[USN-4728-1] snapd vulnerability [05:11]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Gilad Reti & Nimrod Stoler from CyberArk
- Thanks to Ian Johnson from snapd team for working on the fix
Get in contact
231 つのエピソード
シェア
Manage episode 284796244 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal。
Overview
This week we take a deep dive look at 2 recent vulnerabilities in the popular application containerisation frameworks, snapd and flatpak, plus we cover security updates for MiniDLNA, PHP-PEAR, the Linux kernel and more.
This week in Ubuntu Security Updates
26 unique CVEs addressed
[USN-4720-2] Apport vulnerabilities [00:53]
- 3 CVEs addressed in Trusty ESM (14.04 ESM)
- Episode 102
[USN-4721-1] Flatpak vulnerability [01:06]
- 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Flatpak sandbox escape - Flatpak isolates applications inside their own mount / user / etc namespaces - allows sandboxed applications to communicate with the host via various portals - ie. open a file via a file chooser portal (aka powerbox)
- Portal D-Bus service provides the ability to launch other subprocesses in a new sandbox instance, following a NNP model (ie same or less privileges as caller) (eg. used by sandboxed webbrowers to process untrusted content inside less privileged subprocesses)
- Would previous allow a confined process to specify various environment variables which would then get passed to the `flatpak run` command to launch the new subprocess in its own sandbox - so fix is to sanitize environment variables
[USN-4722-1] ReadyMedia (MiniDLNA) vulnerabilities [01:11]
- 2 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Possible RCE via malicious UPnP requests - could send with chunked encoding, this would exploit a signdness bug leading to a heap buffer overflow
- Episode 91 - “CallStranger” - UPnP spec didn’t forbid subscription requests with a URL on a different network segment - could allow an attacker to cause a miniDLNA server to DoS a different endpoint
[USN-4723-1] PEAR vulnerability [02:30]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Improper handling of symlinks in archives could result in arbitrary file overwrite via directory traversal - since PHP PEAR runs installer as root, could then overwrite arbitrary files as root and priv esc / code execution etc
[USN-4724-1] OpenLDAP vulnerabilities [03:14]
- 10 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Various issues
[USN-4725-1] QEMU vulnerabilities [03:20]
- 6 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Usual sorts of issues in device emulation etc resulting in info disclosure from host to guest or a crash of qemu host process etc
[USN-4717-2] Firefox regression [03:55]
- Affecting Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Upstream Firefox regression - 85.0.1
[USN-4726-1] OpenJDK vulnerability [04:04]
- Affecting Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Not much info from upstream on this one - “incorrectly handled direct buffering of characters” -> DoS or other unspecified impact
[USN-4713-2] Linux kernel vulnerability [04:22]
- 1 CVEs addressed in Trusty ESM (14.04 ESM), Bionic (18.04 LTS)
- Episode 102 - LIO SCSI XCOPY issue
[USN-4727-1] Linux kernel vulnerability [04:36]
- 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)
- AF_VSOCK race conditions - local user could get code execution as root via memory corruption
[USN-4728-1] snapd vulnerability [05:11]
- 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
- Gilad Reti & Nimrod Stoler from CyberArk
- Thanks to Ian Johnson from snapd team for working on the fix
Get in contact
231 つのエピソード
すべてのエピソード
×
プレーヤーFMへようこそ!
Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。
Ubuntu Security Podcastに似ているもの
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This feed includes all episodes of Paul's Security Weekly, Enterprise Security Weekly, Business Security Weekly, Application Security Weekly, and Security Weekly News! Your one-stop shop for all things Security Weekly!
…
continue reading
Daily update on current cyber security threats
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Hungry for Technology Talk? Get All You Can Eat at the Android Buffet
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Player FMアプリでオフラインにしPlayer FMう!
