Episode 95

Episode 95

Update: 2020-11-06
Share

Description

Overview


This week we look at vulnerabilities in Samba, GDM, AccountsService, GOsa
and more, plus we cover some AppArmor related Ubuntu Security community
updates as well.


This week in Ubuntu Security Updates


26 unique CVEs addressed


[USN-4552-3] Pam-python regression [00:40 ]



  • 1 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)


  • Original update (Episode 92 - bionic), (Episode 94 - xenial) caused was
    too restrictive and would disallow PAM modules written in python from
    importing python modules from site-specific directories


[USN-4609-1] GOsa vulnerabilities [01:18 ]



  • 3 CVEs addressed in Xenial (16.04 LTS)


  • PHP based LDAP user admin frontend

  • XSS attacks via the change password form

  • Could login to any account with a username containing “success” with any
    arbitrary password

  • Cookie mishandling allowed an authenticated user to delete files on the
    web server in the context of the user account running the web server


[USN-4610-1] fastd vulnerability [02:11 ]



  • 1 CVEs addressed in Focal (20.04 LTS)


  • Fast & secure tunnelling daemon

  • Failed to free rx buffers in certain circumstances - memory leak -> DoS


[USN-4611-1] Samba vulnerabilities [02:29 ]



  • 3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)


  • 2 different DoS issues - remote attacker could cause DNS server to crash
    by supplying invalid DNS records, or could cause winbind to crash via
    crafted winbind requests

  • Failed to check permissions on ChangeNotify - so an attacker could
    subscribe to get notifications on files they did not have permission to
    read - and so leaks file info


[USN-4605-2] Blueman update [03:22 ]



  • 1 CVEs addressed in Focal (20.04 LTS), Groovy (20.10)


  • Episode 94 - this includes additional fix so that on focal and groovy
    policykit is used to authenticate privileged actions


[USN-4614-1] GDM vulnerability [03:55 ]



  • 1 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)


  • Kevin Backhouse - discovered 3 vulnerabilities - one in GDM, 2 in
    AccountsService

  • GDM incorrectly launched the initial setup tool if it could not reach the
    accountsservice daemon

  • If could cause accountsservice to be unresponsive, could get GDM to
    luanch initial setup tool which then allows a local user to create a
    privileged users account

  • But requires accountsservice to be unresponsive…


[USN-4616-1] AccountsService vulnerabilities [05:00 ]



  • 3 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)


  • Drops privileges for certain operations but does so where a local
    unprivileged user can send it SIGSTOP signal - is now unresponsive - so
    could allow the GDM attack above - or could cause it to crash (send
    SIGSEGV etc)

  • Also would exhaust all memory when reading .pam_environment if it was
    really large (ie symlink to /dev/zero) - again could cause it to hang /
    crash -> DoS


[USN-4613-1] python-cryptography vulnerability [06:34 ]



[USN-4615-1] Yerase’s TNEF vulnerabilities [07:23 ]



Goings on in Ubuntu Security Community


AppArmor 3.0.1 being prepared [08:22 ]



  • Includes fixes for various application profiles as well as a fix to stop
    aa-notify from exiting after 100s of no activity


Securing Linux Machines with AppArmor Webinar [08:57 ]



  • https://www.brighttalk.com/webcast/6793/440491

  • Currently scheduled for Mon 16th Nov at 16:00 UTC

  • Presented by Mike Salvatore - who also wrote the Introduction to AppArmor whitepaper

  • Will cover:

    • Why a ‘defence in depth’ strategy should be employed to mitigate the
      potential damage caused by a breach

    • An explanation of AppArmor, its key features and why the principle of
      least privilege is recommended

    • The use of AppArmor in Ubuntu and snaps




Get in contact


Comments 
In Channel
Episode 115

Episode 115

2021-05-1412:44

Episode 114

Episode 114

2021-05-0612:44

Episode 113

Episode 113

2021-04-3016:28

Episode 112

Episode 112

2021-04-1614:37

Episode 111

Episode 111

2021-04-0812:10

Episode 110

Episode 110

2021-04-0113:57

Episode 109

Episode 109

2021-03-2608:16

Episode 108

Episode 108

2021-03-1911:48

Episode 107

Episode 107

2021-03-1212:04

Episode 106

Episode 106

2021-03-0414:00

Episode 105

Episode 105

2021-02-2517:03

Episode 104

Episode 104

2021-02-1914:18

Episode 103

Episode 103

2021-02-1213:14

Episode 102

Episode 102

2021-02-0512:26

Episode 101

Episode 101

2021-01-2827:25

Episode 100

Episode 100

2020-12-1117:46

Episode 99

Episode 99

2020-12-0418:35

Episode 98

Episode 98

2020-11-2713:54

Episode 97

Episode 97

2020-11-2115:11

Episode 96

Episode 96

2020-11-1307:41

loading
Download from Google Play
Download from App Store
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Episode 95

Episode 95

Ubuntu Security Team