To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more. 理解しました
Artwork

Alex Murray Ubuntu Security Team Linux Tech Operating Systems Alex and Joe Security Software Development
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Ubuntu Security Podcastに似ているもの

Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Get it on App Store Get it on Google Play

Ubuntu Security Podcast « »
Episode 120

10:16
 
再生
再生中
シェア
 

MP3エピソードのホーム
Manage episode 295272332 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Overview

In this week’s episode we look at how to get media coverage for your shiny new vulnerability, plus we cover security updates for ExifTool, ImageMagick, BlueZ and more.

This week in Ubuntu Security Updates

49 unique CVEs addressed

[USN-4986-2] rpcbind vulnerability [00:44]

  • 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)
  • Episode 119 (bionic) - memory leak on crafted requests

[USN-4986-3, USN-4986-4] rpcbind regression [01:11]

  • Affecting Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
  • Original fix missed follow-up patches to correct problems in the upstream fix - required multiple other bits to work correctly

[USN-4971-2] libwebp vulnerabilities [01:34]

[USN-4987-1] ExifTool vulnerability [01:50]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • Was originally reported to gitlab via hackerone as exiftool is used on image uploads to redact image metadata etc - they coordinated the fix with exiftool upstream. RCE when parsing a malicious DjVu image - uses perl to parse DjVu and in doing so it eval’s certain constructs without properly validating them

[USN-4988-1] ImageMagick vulnerabilities [03:17]

[USN-4989-1] BlueZ vulnerabilities [03:56]

  • 3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • 1 bluetooth core specification issue - during pairing a nearby attacker could interpose on the pairing process and hence complete the pairing instead of the intended device
  • 2 issues in bluez code itself
    • double free (UAF) + OOB read

Goings on in Ubuntu Security Community

How to get media coverage for your Linux vulnerabilities [04:48]

  • In Episode 119 covered an update for polkit - the following day Github published a blog post with significant details of the vuln - then we saw a heap of media coverage
  • Why did this vuln get so much coverage when lots of others don’t?
    • Great technical detail from a reputable and popular source (github)
    • Very clearly written and easy to understand
      • Is a simple logic error that can be triggered via a race-condition in a privileged daemon
      • PoC can be implemented as a 1 line bash invocation so is also simple to understand
      • c.f. a complicated memory corruption vuln or similar (ie no need to understand memory management, heap grooming etc etc)
  • Or give it a cool name and logo
    • heartbleed was one of the first to do this and this likely helped it get noticed and patched (plus fame/notoriety for the researchers)
    • Since then we have seen many (shellshock, stagefright, dirty cow, spectre, meltdown, boothole etc) but not all vulns that get names/logos are created equal - impact / exploitability varies greatly - so a name and a logo doesn’t necessarily mean a vuln is critical

Get in contact

  continue reading

231 つのエピソード

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development
Artwork

Episode 120

Ubuntu Security Podcast

138 subscribers

published

再生 再生中
iconシェア
 
MP3エピソードのホーム
Manage episode 295272332 series 2423058
コンテンツは Alex Murray and Ubuntu Security Team によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Alex Murray and Ubuntu Security Team またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Overview

In this week’s episode we look at how to get media coverage for your shiny new vulnerability, plus we cover security updates for ExifTool, ImageMagick, BlueZ and more.

This week in Ubuntu Security Updates

49 unique CVEs addressed

[USN-4986-2] rpcbind vulnerability [00:44]

  • 1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM)
  • Episode 119 (bionic) - memory leak on crafted requests

[USN-4986-3, USN-4986-4] rpcbind regression [01:11]

  • Affecting Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
  • Original fix missed follow-up patches to correct problems in the upstream fix - required multiple other bits to work correctly

[USN-4971-2] libwebp vulnerabilities [01:34]

[USN-4987-1] ExifTool vulnerability [01:50]

  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • Was originally reported to gitlab via hackerone as exiftool is used on image uploads to redact image metadata etc - they coordinated the fix with exiftool upstream. RCE when parsing a malicious DjVu image - uses perl to parse DjVu and in doing so it eval’s certain constructs without properly validating them

[USN-4988-1] ImageMagick vulnerabilities [03:17]

[USN-4989-1] BlueZ vulnerabilities [03:56]

  • 3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10), Hirsute (21.04)
  • 1 bluetooth core specification issue - during pairing a nearby attacker could interpose on the pairing process and hence complete the pairing instead of the intended device
  • 2 issues in bluez code itself
    • double free (UAF) + OOB read

Goings on in Ubuntu Security Community

How to get media coverage for your Linux vulnerabilities [04:48]

  • In Episode 119 covered an update for polkit - the following day Github published a blog post with significant details of the vuln - then we saw a heap of media coverage
  • Why did this vuln get so much coverage when lots of others don’t?
    • Great technical detail from a reputable and popular source (github)
    • Very clearly written and easy to understand
      • Is a simple logic error that can be triggered via a race-condition in a privileged daemon
      • PoC can be implemented as a 1 line bash invocation so is also simple to understand
      • c.f. a complicated memory corruption vuln or similar (ie no need to understand memory management, heap grooming etc etc)
  • Or give it a cool name and logo
    • heartbleed was one of the first to do this and this likely helped it get noticed and patched (plus fame/notoriety for the researchers)
    • Since then we have seen many (shellshock, stagefright, dirty cow, spectre, meltdown, boothole etc) but not all vulns that get names/logos are created equal - impact / exploitability varies greatly - so a name and a logo doesn’t necessarily mean a vuln is critical

Get in contact

  continue reading

231 つのエピソード

#Alex Murray #Ubuntu Security Team #Linux #Tech #Operating Systems #Alex and Joe #Security #Software Development

すべてのエピソード

×
 
Loading …

プレーヤーFMへようこそ!

Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。

 

Ubuntu Security Podcastに似ているもの

500+以上のトピックを聴こう
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!
Get it on App Store Get it on Google Play

クイックリファレンスガイド

トップポッドキャスト
鈴木淑子の地球は競馬でまわってる
文化放送競馬中継~今週のメインレース
ボードゲームおっぱい
聴く日経ヘッドライン
サンドウィッチマンの東北魂
トータルテンボスのぬきさしならナイト!
流行りモノ通信簿
RADIO365-TOKYO BAYSIDE RADIO STATION
町田徹のふかぼり!
足立明穂の週刊ITトレンドX
伊藤洋一のRound Up World Now!
The other side journal
KIQTAS(キクタス)
ヴォイニッチの科学書
武田邦彦のヒバリクラブ
IchibanTalk 海外で頑張る日本人トーク
BUSINESS WARS / ビジネスウォーズ
Player FM logo
ヘルプ/よくある質問 | アップグレード | Advertise
アート|ビジネス|コメディ|経済|エンターテインメント|ニュース|政治|宗教
科学|サッカー|スポーツ|物語・ストーリーテリング|テクノロジー|事件/犯罪
著作権2024 | サイトマップ | 個人情報保護方針 | 利用規約 | | 著作権
Episode being played series thumbnail
icon icon
再生速度
シリーズの設定
1x
1x
Volume
100%
icon
icon icon
/

でPlayer FMを表示...
Player FM
Browser
Chrome
Safari
Firefox