Episode 226
Ubuntu Security Podcast
by Ubuntu Security Team
6d ago
Overview: John and Georgia are at the Linux Security Summit presenting on some long awaited developments in AppArmor and we give you all the details in a sneak peek preview as well as some of the other talks to look out for, plus we cover security updates for NSS, Squid, Apache, libvirt and more and we put out a call for testing of a pending AppArmor security fix too.
This week in Ubuntu Security Updates: 86 unique CVEs addressed
[USN-6727-1, USN-6727-2] NSS vulnerabilities + regression (01:02)
3 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Mantic (23.10)
CVE-2023-6135 CVE-2023-5388 ...
Episode 225
Ubuntu Security Podcast
by Ubuntu Security Team
1w ago
Overview: This week we cover the recent reports of a new local privilege escalation exploit against the Linux kernel, follow-up on the xz-utils backdoor from last week and it’s the beta release of Ubuntu 24.04 LTS - plus we talk security vulnerabilities in the X Server, Django, util-linux and more.
This week in Ubuntu Security Updates: 76 unique CVEs addressed
[LSN-0102-1] Linux kernel vulnerability (00:53)
6 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic ESM (18.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS)
CVE-2024-1086 CVE-2024-0646 CVE-2023-51781 CVE-2023-6176 CVE ...
Episode 224
Ubuntu Security Podcast
by Ubuntu Security Team
2w ago
Overview: It’s been an absolutely manic week in the Linux security community following the announcement late last week of a backdoor in the xz-utils project and the reaction to it, so we dive deep into this issue and discuss how it impacts Ubuntu and give some insights into what this means for the open source and Linux communities in the future.
This week in Ubuntu Security Updates: 20 unique CVEs addressed
[USN-6718-2] curl vulnerability
1 CVEs addressed in Xenial ESM (16.04 ESM), Bionic ESM (18.04 ESM)
CVE-2024-2398
[USN-6719-1] util-linux vulnerability
1 CVEs addressed in ...
Episode 222
Ubuntu Security Podcast
by Ubuntu Security Team
1M ago
Overview: We cover recent Linux malware from the Magnet Goblin threat actor, plus the news of Ubuntu 23.10 as a target in Pwn2Own Vancouver 2024 and we detail vulnerabilities in Puma, AccountsService, Open vSwitch, OVN, and more.
This week in Ubuntu Security Updates: 102 unique CVEs addressed
[USN-6679-1] FRR vulnerability (01:11)
1 CVEs addressed in Jammy (22.04 LTS), Mantic (23.10)
CVE-2024-27913
OOB read when parsing a malformed OSPF LSA packet - would try and access attributes fields even if none were present
[LSN-0101-1] Linux kernel vulnerability (01:50)
5 CVEs addressed in Trusty E ...
Episode 221
Ubuntu Security Podcast
by Ubuntu Security Team
1M ago
Overview: Andrei is back to discuss recent academic research into malware within the Python/PyPI ecosystem and whether it is possible to effectively combat it with open source tooling, plus we cover security updates for Unbound, libuv, node.js, the Linux kernel, libgit2 and more.
This week in Ubuntu Security Updates: 56 unique CVEs addressed
[USN-6665-1] Unbound vulnerabilities (00:50)
2 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Mantic (23.10)
CVE-2023-50868 CVE-2023-50387
Another update for recent vulns discovered in DNSSEC standard - [USN-6633-1] Bind vulnerabilities from Epi ...
Episode 220
Ubuntu Security Podcast
by Ubuntu Security Team
1M ago
Overview: The Linux kernel.org CNA has assigned their first CVEs so we revisit this topic to assess the initial impact on Ubuntu and the CVE ecosystem, plus we cover security updates for Roundcube Webmail, less, GNU binutils and the Linux kernel itself.
This week in Ubuntu Security Updates: 64 unique CVEs addressed
[USN-6647-1] Linux kernel vulnerabilities (01:14)
3 CVEs addressed in Xenial ESM (16.04 ESM), Bionic ESM (18.04 ESM)
CVE-2023-7192 CVE-2023-51782 CVE-2023-51780
4.15 - AWS/Azure/GCP/HWE/KVM/Oracle
Memory leak in netfilter able to be abused via an unprivileged user namespace - DoS ...
Episode 219
Ubuntu Security Podcast
by Ubuntu Security Team
2M ago
Overview: This week the Linux kernel project announced they will be assigning their own CVEs so we discuss the possible implications and fallout from such a shift, plus we cover vulnerabilities in the kernel, Glance_store, WebKitGTK, Bind and more.
This week in Ubuntu Security Updates: 64 unique CVEs addressed
[LSN-0100-1] Linux kernel vulnerability (00:56)
5 CVEs addressed in Jammy (22.04 LTS), Focal (20.04 LTS), Bionic ESM (18.04 ESM), Xenial ESM (16.04 ESM), Trusty ESM (14.04 ESM)
CVE-2023-6932 CVE-2023-6817 CVE-2023-6176 CVE-2023-6040 CVE-2023-5345
UAF in IGMP protocol ([USN-6601-1] Linu ...
Episode 218
Ubuntu Security Podcast
by Ubuntu Security Team
2M ago
Overview: AppArmor unprivileged user namespace restrictions are back on the agenda this week as we survey the latest improvements to this hardening feature in the upcoming Ubuntu 24.04 LTS, plus we discuss SMTP smuggling in Postfix, runC container escapes and Qualys’ recent disclosure of a privilege escalation exploit for GNU libc and more.
This week in Ubuntu Security Updates: 39 unique CVEs addressed
[USN-6591-2] Postfix update (00:48)
1 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic ESM (18.04 ESM), Focal (20.04 LTS), Jammy (22.04 LTS), Mantic (23.10)
CVE-2023-5176 ...
Episode 217
Ubuntu Security Podcast
by Ubuntu Security Team
2M ago
Overview: For the first episode of 2024 we take a look at the case of a raft of bogus FOSS CVEs reported on full-disclosure as well as AppSec tools in Ubuntu and the EOL announcement for 23.04, plus we cover vulnerabilities in the Linux kernel, Puma, Paramiko and more.
This week in Ubuntu Security Updates: 81 unique CVEs addressed
[USN-6601-1] Linux kernel vulnerability (01:16)
1 CVEs addressed in Trusty ESM (14.04 ESM)
CVE-2023-6932
UAF in IGMP protocol (allows multiple devices to share the same IPv4 address and hence all receive the same data via multicasting - often used for things like v ...
Episode 216
Ubuntu Security Podcast
by Ubuntu Security Team
4M ago
Overview: For the final episode of 2023 we discuss creating PoCs for vulns in tar and the looming EOL for Ubuntu 23.04, plus we look into security updates for curl, BlueZ, Netatalk, GNOME Settings and a heap more.
This week in Ubuntu Security Updates: 57 unique CVEs addressed
[USN-6535-1] curl vulnerabilities (00:54)
2 CVEs addressed in Focal (20.04 LTS), Jammy (22.04 LTS), Lunar (23.04), Mantic (23.10)
CVE-2023-46219 CVE-2023-46218
Mishandled cookies from domains with mixed case - allowing an attacker to create so called “super cookies” that would then get passed back to more domains that w ...
