Ubuntu Security Podcast

Episode 215

30:46
Overview

Mark Esler is our special guest on the podcast this week to discuss the OpenSSF’s Compiler Options Hardening Guide for C/C++ plus we cover vulnerabilities and updates for GIMP, FreeRDP, GStreamer, HAProxy and more.

This week in Ubuntu Security Updates

65 unique CVEs addressed

[USN-6521-1] GIMP vulnerabilities (00:50)

  • 6 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
  • Includes 4 recent issues disclosed via Trend's ZDI, all found by the same researcher: 2 heap buffer overflows in the DDS and PSD parsers, an integer overflow and a separate off-by-one error in the PSP parser, which could apparently lead to remote code execution, plus a couple of DoS-related issues (an unhandled exception and an excessive memory allocation), both leading to a crash

[USN-6522-1] FreeRDP vulnerabilities (01:39)

  • 3 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
  • Free implementation of Microsoft's Remote Desktop Protocol (RDP); these issues affect the client
  • A malicious server could send a crafted drive redirection message to the client, triggering an OOB read that causes the client to disclose memory contents, and therefore possibly sensitive information, back to the server
  • Plus an OOB write and an OOB read on crafted image data, both also likely leading to a crash

[USN-6523-1] u-boot-nezha vulnerability (02:19)

  • 3 CVEs addressed in Jammy (22.04 LTS), Lunar (23.04)
  • u-boot for the Allwinner Nezha RISC-V board
  • Missing length checks in the DFU parser lead to a heap buffer overflow
  • 2 further buffer overflows when handling fragmented IP packets

[USN-6524-1] PyPy vulnerability (03:06)

  • 1 CVE addressed in Focal (20.04 LTS), Jammy (22.04 LTS)
  • Integer overflow leading to a buffer overflow in SHA3; the bug comes from the original SHA3 reference implementation, which many projects vendor
  • Has affected a range of packages in Ubuntu
    • PHP, Python itself and now PyPy

[USN-6525-1] pysha3 vulnerability (03:06)

  • 1 CVE addressed in Focal (20.04 LTS), Jammy (22.04 LTS)
  • Same SHA3 integer overflow as in the PyPy update above

[USN-6519-2] EC2 hibagent update

  • Affects Xenial ESM (16.04 ESM)

[USN-6526-1] GStreamer Bad Plugins vulnerabilities (03:16)

  • 6 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
  • Heap overflow in the PGS subtitle overlay decoder
  • Various integer overflows leading to heap buffer overflows in the MXF (Material Exchange Format) container demuxer, specifically when handling files carrying AES3 audio; MXF is apparently used for delivering advertisements to TV stations and for movies in commercial theatres
  • Use-after-free in the MXF demuxer
  • Buffer overflow in AV1 handling
  • Integer overflow leading to a stack overflow in the H.265 parser

[USN-6527-1] OpenJDK vulnerabilities (04:09)

  • 2 CVEs addressed in Bionic ESM (18.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
  • Updates to OpenJDK 11.0.21 and 17.0.9

[USN-6528-1] OpenJDK 8 vulnerabilities (04:25)

[USN-6509-2] Firefox regressions (04:34)

[USN-6529-1] Request Tracker vulnerabilities (05:25)

  • 4 CVEs addressed in Bionic ESM (18.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
  • Possible timing attack in the authentication module that could allow an attacker to enumerate user accounts
  • XSS plus some information leaks as well
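The enumeration risk above comes from a login path that does less work for an unknown username than for a real one. The following is an added example, not Request Tracker's code: a leaky check next to one that does the same derivation and a constant-time compare on every path. The account store, salts and passwords are constructed for the demo; the iteration count is only chosen to make the skipped work measurable.

```python
"""Added example, not Request Tracker's code: a login routine whose timing reveals
whether a username exists, next to one that does equal work on every path.
The user table, salts and passwords below are constructed for the demo."""
import hashlib
import hmac
import os
import statistics
import time

ITERATIONS = 100_000  # slow enough that a skipped derivation is easy to measure


def _derive(password: bytes, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=32)


# constructed sample account store: username -> (salt, derived key)
_ALICE_SALT = os.urandom(16)
USERS = {"alice": (_ALICE_SALT, _derive(b"correct horse", _ALICE_SALT))}

# a plausible-looking record used for unknown users so the slow path always runs
_DUMMY_SALT = os.urandom(16)
_DUMMY_KEY = _derive(b"dummy password", _DUMMY_SALT)


def login_leaky(user: str, password: str) -> bool:
    """Weak pattern: unknown users return before the key derivation runs, so a
    failed login for a real account takes one full derivation longer than for a
    fake one. The '==' on digests is also not a constant-time compare."""
    record = USERS.get(user)
    if record is None:
        return False
    salt, stored = record
    return _derive(password.encode(), salt) == stored


def login_hardened(user: str, password: str) -> bool:
    """Run the same derivation and a constant-time compare whether or not the
    user exists; only the final, cheap membership check separates the two."""
    salt, stored = USERS.get(user, (_DUMMY_SALT, _DUMMY_KEY))
    candidate = _derive(password.encode(), salt)
    matches = hmac.compare_digest(candidate, stored)
    return matches and user in USERS


def _median_seconds(fn, user: str, rounds: int) -> float:
    samples = []
    for _ in range(rounds):
        start = time.perf_counter()
        fn(user, "wrong password")
        samples.append(time.perf_counter() - start)
    return statistics.median(samples)


def enumeration_ratio(fn, known: str = "alice", unknown: str = "nobody",
                      rounds: int = 5) -> float:
    """Median failed-login time for an unknown user divided by that for a known
    user. Near 1.0 means timing does not separate the two; far below 1.0 is
    the leak an attacker would use to enumerate accounts."""
    return _median_seconds(fn, unknown, rounds) / _median_seconds(fn, known, rounds)


if __name__ == "__main__":
    print(f"leaky ratio:    {enumeration_ratio(login_leaky):.4f}")
    print(f"hardened ratio: {enumeration_ratio(login_hardened):.4f}")
```

The dummy record matters more than the constant-time compare: without a real-looking salt and key for unknown users, the derivation is skipped and the response time alone tells the attacker which names exist.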

[USN-6530-1] HAProxy vulnerability (06:12)

  • 1 CVE addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04)
  • Mishandling of the # character in request URIs: HAProxy accepted # as part of the path, so a request for say index.html#.png could match a rule that routes .png paths to a static-content backend, even though the resource actually requested is index.html
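To make the routing mismatch concrete, here is an added example that is not HAProxy's code: a suffix-based backend selector applied to the raw request-target, beside one that refuses any request-target carrying a fragment and matches on the parsed path. The rule set mirrors a common HAProxy pattern (route .png and similar suffixes to a static backend, everything else to the application); the backend names, suffix list and sample targets are assumed for the demo.

```python
"""Added example, not HAProxy's code: how an unstripped '#' in a request-target
defeats suffix-based backend selection, and the check that closes the hole.
Backend names, suffix list and sample request-targets are assumed."""
from urllib.parse import urlsplit

STATIC_SUFFIXES = (".png", ".jpg", ".css", ".js")


class BadRequest(ValueError):
    """Raised for a request-target the proxy should refuse outright."""


def route_naive(request_target: str) -> str:
    """Weak behaviour: suffix-match the raw request-target, '#' and all.
    '/index.html#.png' ends in '.png', so it goes to the static backend even
    though the resource actually requested is /index.html."""
    return "static" if request_target.endswith(STATIC_SUFFIXES) else "app"


def route_hardened(request_target: str) -> str:
    """Refuse any request-target carrying a fragment, then match on the parsed
    path. A '#' has no place in an HTTP request-target (the fragment is
    client-side only), so its presence marks a crafted or malformed request
    rather than a URI worth routing."""
    if "#" in request_target:
        raise BadRequest("fragment character in request-target")
    path = urlsplit(request_target).path  # path only: '?query' is not part of the suffix
    return "static" if path.endswith(STATIC_SUFFIXES) else "app"


def is_rejected(request_target: str) -> bool:
    try:
        route_hardened(request_target)
    except BadRequest:
        return True
    return False


def compare(request_target: str) -> dict:
    """Side-by-side decision for one request-target."""
    hardened = "rejected" if is_rejected(request_target) else route_hardened(request_target)
    return {"target": request_target, "naive": route_naive(request_target), "hardened": hardened}


if __name__ == "__main__":
    # constructed sample targets: the third one is the crafted case from the advisory
    for target in ("/logo.png", "/index.html", "/index.html#.png", "/index.html?v=.png"):
        print(compare(target))
```

The hardened version rejects rather than strips: silently dropping the fragment would still leave the proxy and the backend disagreeing about what was requested, which is the class of mismatch that request smuggling and access-control bypasses build on.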

[USN-6531-1] Redis vulnerabilities (07:06)

  • 6 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic ESM (18.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS)
  • Heap overflow in the bundled cjson library, triggerable from a Lua script -> RCE
  • Race condition when setting permissions on the local Unix socket: the socket is created first and only afterwards restricted to the configured permissions, so with a less restrictive umask a local attacker could race Redis on startup and connect during that window
  • Also various integer overflows and other issues fixed too
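The Unix-socket race above is an ordering problem, and it is easy to reproduce in isolation. The following is an added example, not Redis's code: it binds a Unix socket under a chosen umask, records the mode the socket file has before the late chmod, and reports which umask values leave a window in which a non-owner could connect. The socket path is a constructed temporary path, and Linux semantics for AF_UNIX file creation and connect() are assumed.

```python
"""Added example, not Redis's code: reproduces the startup ordering behind a
Unix-socket permission race (bind first, tighten permissions afterwards) and
shows which umask values leave a window. Socket path is a constructed temp
path; Linux semantics for AF_UNIX file creation and connect() are assumed."""
import os
import socket
import stat
import tempfile


def socket_modes_bind_then_chmod(umask_value: int, desired_perm: int = 0o700) -> tuple:
    """Bind a Unix socket under the given umask, then chmod it to desired_perm
    the way a server that fixes permissions late does.
    Returns (mode right after bind, mode after chmod)."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "srv.sock")
    previous_umask = os.umask(umask_value)
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        sock.bind(path)  # socket file is created as 0777 masked by the umask (unix(7))
        mode_after_bind = stat.S_IMODE(os.stat(path).st_mode)
        os.chmod(path, desired_perm)  # the late fix; everything above it is the race window
        mode_after_chmod = stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(previous_umask)
        sock.close()
        if os.path.exists(path):
            os.unlink(path)
        os.rmdir(tmpdir)
    return mode_after_bind, mode_after_chmod


def race_window_open(umask_value: int, desired_perm: int = 0o700) -> bool:
    """True when, between bind and chmod, someone other than the owner could
    connect. On Linux, connect() to an AF_UNIX socket needs write permission
    on the socket file, so group- or other-write in the interim mode is what
    matters; a restrictive umask (0o077) set before bind closes the window."""
    mode_after_bind, _ = socket_modes_bind_then_chmod(umask_value, desired_perm)
    return bool(mode_after_bind & 0o022)


if __name__ == "__main__":
    for umask_value in (0o000, 0o002, 0o022, 0o077):
        before, after = socket_modes_bind_then_chmod(umask_value)
        print(f"umask {umask_value:04o}: after bind {before:04o}, after chmod {after:04o}, "
              f"window open: {race_window_open(umask_value)}")
```

Two things follow from the output: the chmod happens too late to matter for whoever connected first, and the precondition is entirely the inherited umask, which is why the advisory text conditions the issue on a permissive one. Setting a restrictive umask before bind, or creating the socket inside a directory only the service user can traverse, removes the window rather than shrinking it.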

[USN-6494-2] Linux kernel vulnerabilities (08:08)

[USN-6495-2] Linux kernel vulnerabilities

[USN-6496-2] Linux kernel vulnerabilities

[USN-6502-4] Linux kernel vulnerabilities

[USN-6532-1] Linux kernel vulnerabilities

[USN-6533-1] Linux kernel (OEM) vulnerabilities

[USN-6534-1] Linux kernel vulnerabilities

Goings on in Ubuntu Security Community

Alex discusses the OpenSSF’s Compiler Options Hardening Guide for C/C++ with Mark Esler (08:38)
