You are Here:
Linux Lite 4.6 Final has been released. See the Release Announcements section for more information.



[ SECURITY ] Kernel Vulnerabilities in Ubuntu 16.04

Author (Read 6426 times)

0 Members and 2 Guests are viewing this topic.

Kernel Vulnerabilities in Ubuntu 16.04
« on: June 29, 2016, 02:35:35 PM »
 

Coastie

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 656
    Posts
  • Country: us
  • Reputation: 51
  • Linux Lite User

  • Linux Lite: 3.8 64bit

  • CPU: AMD A10-6700 (ASUS M32)

  • MEMORY: 12Gb

  • VIDEO CARD: ADM Radeon HD (integrated)
Is this a problem in LL 3.0? http://news.softpedia.com/news/canonical-patches-seven-linux-kernel-vulnerabilities-in-ubuntu-16-04-update-now-505720.shtml I have been looking for something about a kernel update when I install updates every day since I read about this.  :-\

Quote
Today, June 27, 2016, Canonical has published a new security notice to inform users of the Ubuntu 16.04 LTS (Xenial Xerus) operating system about the availability of an important kernel update. According to Ubuntu Security Notice USN-3016-1, a total of seven Linux kernel vulnerabilities have been discovered and fixed in the upstream Linux 4.4 LTS kernel by various developers. Therefore, Canonical has updated the kernel packages for its Ubuntu 16.04 LTS (Xenial Xerus) release to version linux-image-4.4.0-28 (4.4.0-28.47).
Among the patches, we can notice those for some validation issues with Linux kernel's netfilter implementation, an information leak in the core USB implementation, an information leak in the timer handling implementation, an information leak in the X.25 Call Request handling, and a bug in the Transparent Inter-process Communication (TIPC) implementation.
Detailed information and the respective CVEs are available in the security notice for your reading pleasure. The problems affect Ubuntu 16.04 LTS and all of its official derivatives, including Kubuntu 16.04 LTS, Xubuntu 16.04 LTS, Lubuntu 16.04 LTS, Ubuntu MATE 16.04 LTS, Ubuntu GNOME 16.04 LTS, Ubuntu Kylin 16.04 LTS, and Ubuntu Studio 16.04 LTS.
 Ubuntu 16.04 LTS users need to update right now If you are using the Ubuntu 16.04 LTS (Xenial Xerus) operating system, Canonical urges you to update as soon as possible. The new kernel version, linux-image-4.4.0-28 (4.4.0-28.47), is now live in the main software repositories. To update, open the Software Updater utility from the Unity Dash and apply all available updates by clicking on the "Install All" button.
For more details, please also visit https://wiki.ubuntu.com/Security/Upgrades. Keep in mind, though, that Ubuntu 16.04 LTS (Xenial Xerus) doesn't feature the live patching technology in its kernel packages, so you'll need to reboot your system for the new version to take effect. Also, you will have to rebuild any third-party kernel module you might have installed.
Update: Canonical has also released today the Ubuntu Security Notice USN-3017-1 bulletin to inform the community that all the issues patched in the kernel packages of Ubuntu 16.04 LTS (Xenial Xerus) should be of interest to users of Ubuntu 15.10 (Wily Werewolf) as well. Ubuntu 15.10 users need to update their systems to linux-image-4.2.0-41 (4.2.0-41.48) as soon as possible. Ubuntu 14.04 LTS and Ubuntu 12.04 LTS users are affected as well.

Last Edit: June 30, 2016, 03:10:45 PM by Jerry


Left Mac OS X for Linux in Jan 2014
 


Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #1 on: June 29, 2016, 02:57:11 PM »
 

Wirezfree

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1484
    Posts
  • Country: gb
  • Reputation: 404
  • Linux Lite "Advocate"

  • Linux Lite: 2.8 64bit

  • CPU: i7-4790S

  • MEMORY: 16Gb

  • VIDEO CARD: Intel HD4600 (Integrated)
Hi,

The way I read this...
Affects all Ubuntu based systems from 12.04 upwards, so LL 2.x & 3.x, but only if you have Kernel 4.4 and/or upwards..??. maybe..??
Upgrades WIP 2.6 to 2.8 - (6 X 2.6 to 2.8 completed on: 20/02/16 All O.K )
Linux Lite 3.0 Humming on a ASRock N3070 Mobo ~ btrfs RAID 10 Install on 4 Disks :)

Computers Early days:
ZX Spectrum(1982) , HP-150 MS-DOS(1983) , Amstrad CPC464(1984) ,  BBC Micro B+64(1985) , My First PC HP-Vectra(1987)
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #2 on: June 29, 2016, 05:01:42 PM »
 

Coastie

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 656
    Posts
  • Country: us
  • Reputation: 51
  • Linux Lite User

  • Linux Lite: 3.8 64bit

  • CPU: AMD A10-6700 (ASUS M32)

  • MEMORY: 12Gb

  • VIDEO CARD: ADM Radeon HD (integrated)
uname -a shows I am using kernel 4.4.0-28-generic  :'(


Left Mac OS X for Linux in Jan 2014
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #3 on: June 29, 2016, 11:07:23 PM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 7071
    Posts
  • Country: nz
  • Reputation: 662
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 3.8 64bit

  • CPU: Intel Xeon Dual CPU's E5645 2.4GHz 12 Cores

  • MEMORY: 16Gb

  • VIDEO CARD: nVidia GeForce GTX 960
To update, open a terminal do:

Code: [Select]
sudo apt-get update
Code: [Select]
sudo apt-get install linux-generic
Reboot.

To easy :)

 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #4 on: June 29, 2016, 11:50:26 PM »
 

Coastie

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 656
    Posts
  • Country: us
  • Reputation: 51
  • Linux Lite User

  • Linux Lite: 3.8 64bit

  • CPU: AMD A10-6700 (ASUS M32)

  • MEMORY: 12Gb

  • VIDEO CARD: ADM Radeon HD (integrated)
Followed your instructions, Jerry. Reported I was using the latest kernel. Rebooted and uname -a still shows I am using kernel 4.4.0-28-generic  :-\


Left Mac OS X for Linux in Jan 2014
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #5 on: June 29, 2016, 11:51:47 PM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 7071
    Posts
  • Country: nz
  • Reputation: 662
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 3.8 64bit

  • CPU: Intel Xeon Dual CPU's E5645 2.4GHz 12 Cores

  • MEMORY: 16Gb

  • VIDEO CARD: nVidia GeForce GTX 960
uname -a should show you WAY more than that, on my machine uname -a produces:

Code: [Select]
jerry@z800:~$ uname -a
Linux z800 4.4.0-28-generic #47-Ubuntu SMP Fri Jun 24 10:09:13 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
jerry@z800:~$
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #6 on: June 30, 2016, 12:32:09 AM »
 

Coastie

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 656
    Posts
  • Country: us
  • Reputation: 51
  • Linux Lite User

  • Linux Lite: 3.8 64bit

  • CPU: AMD A10-6700 (ASUS M32)

  • MEMORY: 12Gb

  • VIDEO CARD: ADM Radeon HD (integrated)
It does.

Code: [Select]
coastie@ASUS-K30BF-M32BF:~$ uname -a
Linux ASUS-K30BF-M32BF 4.4.0-28-generic #47-Ubuntu SMP Fri Jun 24 10:09:13 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
coastie@ASUS-K30BF-M32BF:~$

Since it says the same as yours, does this mean LL does not have this kernel vulnerability?  :-\
Last Edit: June 30, 2016, 12:34:55 AM by Coastie


Left Mac OS X for Linux in Jan 2014
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #7 on: June 30, 2016, 12:56:53 AM »
 

LL-user

  • I come here a lot
  • *****
  • 447
    Posts
  • Country: 00
  • Reputation: 213
  • Linux Lite Member

  • Linux Lite: 2.8 64bit
Is this a problem in LL 3.0? http://news.softpedia.com/news/canonical-patches-seven-linux-kernel-vulnerabilities-in-ubuntu-16-04-update-now-505720.shtml I have been looking for something about a kernel update when I install updates every day since I read about this.  :-\

Quote
Today, June 27, 2016, Canonical has published a new security notice to inform users of the Ubuntu 16.04 LTS (Xenial Xerus) operating system about the availability of an important kernel update. According to Ubuntu Security Notice USN-3016-1, a total of seven Linux kernel vulnerabilities have been discovered and fixed in the upstream Linux 4.4 LTS kernel by various developers. Therefore, Canonical has updated the kernel packages for its Ubuntu 16.04 LTS (Xenial Xerus) release to version linux-image-4.4.0-28 (4.4.0-28.47).
...

Hi Coastie,

Referring to your quote, you can see that the patched kernel. i.e. the one with the vulnerabilities fixed is linux-image-4.4.0-28 (4.4.0-28.47) which you seemed to have installed :)
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #8 on: June 30, 2016, 01:16:12 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 7071
    Posts
  • Country: nz
  • Reputation: 662
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 3.8 64bit

  • CPU: Intel Xeon Dual CPU's E5645 2.4GHz 12 Cores

  • MEMORY: 16Gb

  • VIDEO CARD: nVidia GeForce GTX 960
LLUser is correct.

Sent from my phone using Tapatalk

 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #9 on: June 30, 2016, 02:24:08 AM »
 

banko

  • Forum Regular
  • ***
  • 154
    Posts
  • Country: gb
  • Reputation: 16
  • Linux Lite Member

  • Linux Lite: 4.4 64bit

  • CPU: Dual core Celeron CPU T3300 (-MCP-)

  • MEMORY: 4Gb

  • VIDEO CARD: Intel Mobile 4 Series Integrated
Thanks Jerry  :)
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #10 on: June 30, 2016, 09:40:49 AM »
 

Coastie

  • PayPal Supporter
  • Gold Level Poster
  • *****
  • 656
    Posts
  • Country: us
  • Reputation: 51
  • Linux Lite User

  • Linux Lite: 3.8 64bit

  • CPU: AMD A10-6700 (ASUS M32)

  • MEMORY: 12Gb

  • VIDEO CARD: ADM Radeon HD (integrated)
LLUser is correct.

Thanks LLUser and Jerry.  :D


Left Mac OS X for Linux in Jan 2014
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #11 on: June 30, 2016, 02:10:04 PM »
 

bfb

  • Banned
  • Occasional Poster
  • **
  • 93
    Posts
  • Country: 00
  • Reputation: 5
  • Linux Lite Member

  • Linux Lite: 3.4 64bit

  • CPU: i5

  • MEMORY: 8Gb

  • VIDEO CARD: Nvidia GeForce GTX 970
I have the 4.4.0 lite kernel but in lite 2.8.

Quote
uname -a
Linux bs-Aspire-V5-573PG 4.4.0-linuxlite #1 SMP Mon Jan 11 15:48:57 NZDT 2016 x86_64 x86_64 x86_64 GNU/Linux

Do I need to upgrade?  and how, since 2.8 is not based on the 16.04 repositories so if I do "sudo apt-get update" I will not get the new kernel, and 'sudo apt-get install linux-generic' will only install older packages...
Last Edit: June 30, 2016, 02:22:33 PM by bfb
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #12 on: July 17, 2016, 12:24:32 AM »
 

Jerry

  • Linux Lite Creator
  • Administrator
  • Platinum Level Poster
  • *****
  • 7071
    Posts
  • Country: nz
  • Reputation: 662
  • Linux Lite Member
    • Linux Lite OS

  • Linux Lite: 3.8 64bit

  • CPU: Intel Xeon Dual CPU's E5645 2.4GHz 12 Cores

  • MEMORY: 16Gb

  • VIDEO CARD: nVidia GeForce GTX 960
Those who upgraded last time, will get this automatically in their updates - http://news.softpedia.com/news/canonical-patches-linux-kernel-vulnerability-in-all-supported-ubuntu-oses-506341.shtml Those who didn't refer to Post #3 in this thread for a how to.
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #13 on: July 18, 2016, 04:38:25 PM »
 

bfb

  • Banned
  • Occasional Poster
  • **
  • 93
    Posts
  • Country: 00
  • Reputation: 5
  • Linux Lite Member

  • Linux Lite: 3.4 64bit

  • CPU: i5

  • MEMORY: 8Gb

  • VIDEO CARD: Nvidia GeForce GTX 970
That works for those on Lite 3.0 as I am on one machine.
I doesn't answer my query on how to get the latest 4.4 kernel if you are on 2.8, which is the case with another of my machines which has the 4.4 lite kernel ..
 

Re: Kernel Vulnerabilities in Ubuntu 16.04
« Reply #14 on: July 18, 2016, 05:19:10 PM »
 

torreydale

  • PayPal Supporter
  • Platinum Level Poster
  • *****
  • 1483
    Posts
  • Country: us
  • Reputation: 242
  • * Forum Moderator *

  • Linux Lite: 4.6 64bit

  • CPU: Intel Core i5-5300U (-HT-MCP-)

  • MEMORY: 8Gb

  • VIDEO CARD: Intel Broadwell-U Integrated Graphics
4.4.0 is not 4.4.0-28.  And as you stated, you are on LL 2.8 instead of LL 3.0.  So based on the announcement, it appears that you don't have the same exposure to the vulnerabilities.
Want to thank me?  Click my [Thank] link.
 


Tags:
 


Linux Lite 4.6 Final has been released. See the Release Announcements section for more information.