SK-CERT Bezpečnostné varovanie V20240809-07

Dôležitosť Kritická
Klasifikácia Neutajované/TLP:CLEAR
CVSS Skóre
 9.1
Identifikátor
Linux Ubuntu – dve kritické bezpečnostné zraniteľnosti
Popis
Vývojári Linux distribúcie Ubuntu vydali bezpečnostnú aktualizáciu svojho produktu, ktorá opravuje viacero bezpečnostných zraniteľností.
Najzávažnejšia bezpečnostná zraniteľnosť s identifikátorom CVE-2022-28805 sa nachádza v balíčku Lua, spočíva v nedostatočnej implementácii bezpečnostných mechanizmov a umožňuje vzdialenému, neautentifikovanému útočníkovi prostredníctvom pretečenia zásobníka vykonať škodlivý kód s následkom úplného narušenia dôvernosti a dostupnosti systému.
Zneužitím ostatných bezpečnostných zraniteľností možno získať neoprávnený prístup k citlivým údajom, vykonať neoprávnené zmeny v systéme, spôsobiť zneprístupnenie služby, eskalovať privilégiá a vykonať škodlivý kód.
Zneužitie niektorých zraniteľností vyžaduje interakciu používateľa.
Dátum prvého zverejnenia varovania
4.8.2024
CVE
CVE-2022-33099, CVE-2022-28805, CVE-2024-26711, CVE-2024-26923, CVE-2024-26822, CVE-2024-26665, CVE-2024-26715, CVE-2024-26798, CVE-2024-26666, CVE-2024-26679, CVE-2024-26825, CVE-2024-26826, CVE-2024-26707, CVE-2024-0841, CVE-2024-23307, CVE-2024-26700, CVE-2024-26736, CVE-2024-26792, CVE-2024-26602, CVE-2024-26735, CVE-2024-26694, CVE-2024-26677, CVE-2023-52643, CVE-2024-26708, CVE-2024-26920, CVE-2023-52880, CVE-2024-26674, CVE-2024-26680, CVE-2024-26802, CVE-2024-26593, CVE-2024-26919, CVE-2024-26889, CVE-2024-26748, CVE-2024-26675, CVE-2024-26910, CVE-2024-26820, CVE-2024-26667, CVE-2024-26698, CVE-2024-26829, CVE-2024-26838, CVE-2024-26712, CVE-2024-26703, CVE-2024-26898, CVE-2024-26697, CVE-2024-26714, CVE-2024-26818, CVE-2024-26685, CVE-2024-26733, CVE-2024-1151, CVE-2024-26782, CVE-2024-26660, CVE-2024-26606, CVE-2023-52645, CVE-2024-26603, CVE-2024-26642, CVE-2024-26717, CVE-2023-6270, CVE-2024-26659, CVE-2024-26693, CVE-2024-26917, CVE-2024-26684, CVE-2024-26662, CVE-2024-26824, CVE-2024-26695, CVE-2024-24861, CVE-2024-26601, CVE-2024-26890, CVE-2023-52642, CVE-2024-26663, CVE-2024-26830, CVE-2024-26664, CVE-2024-27416, CVE-2024-26719, CVE-2024-26600, CVE-2024-26681, CVE-2024-26720, CVE-2023-52637, CVE-2024-26726, CVE-2024-35833, CVE-2024-26691, CVE-2024-26828, CVE-2024-26710, CVE-2024-26916, CVE-2024-26789, CVE-2024-26661, CVE-2024-26926, CVE-2024-26723, CVE-2024-26716, CVE-2024-26803, CVE-2024-26922, CVE-2023-52631, CVE-2024-26696, CVE-2024-26831, CVE-2024-26718, CVE-2024-26689, CVE-2023-52638, CVE-2024-26676, CVE-2024-26790, CVE-2024-26734, CVE-2024-26722, CVE-2024-26702, CVE-2024-26688, CVE-2020-9484, CVE-2021-41079, CVE-2022-29885, CVE-2022-23181, CVE-2021-25122, CVE-2024-1975, CVE-2024-1737, CVE-2024-35997, CVE-2024-36902, CVE-2023-52620, CVE-2024-24858, CVE-2024-36016, CVE-2024-35984, CVE-2023-52435, CVE-2024-25744, CVE-2024-26884, CVE-2024-35978, CVE-2024-24857, CVE-2024-26901, CVE-2024-25739, CVE-2023-46343, CVE-2023-52752, CVE-2023-52443, CVE-2024-35982, CVE-2023-52449, CVE-2023-52436, CVE-2024-26886, CVE-2024-27020, CVE-2023-52444, CVE-2024-27013, CVE-2024-26934, CVE-2023-52469, CVE-2024-26857, CVE-2024-26882, CVE-2024-26840, CVE-2024-24859, CVE-2023-52159, CVE-2024-4032, CVE-2024-1724, CVE-2024-29068, CVE-2024-29069, CVE-2024-39929, CVE-2015-4852, CVE-2021-47194, CVE-2021-46960, CVE-2021-46933, CVE-2021-46932, CVE-2022-48619, CVE-2024-4741, CVE-2024-2511, CVE-2024-5535, CVE-2024-4603, CVE-2023-40577, CVE-2024-21165, CVE-2024-21171, CVE-2024-20996, CVE-2024-21173, CVE-2024-21179, CVE-2024-21130, CVE-2024-21185, CVE-2024-21162, CVE-2024-21142, CVE-2024-21125, CVE-2024-21163, CVE-2024-21127, CVE-2024-21177, CVE-2024-21129, CVE-2024-21134, CVE-2021-42388, CVE-2021-43305, CVE-2021-42387, CVE-2024-21140, CVE-2024-21131, CVE-2024-21147, CVE-2024-21138, CVE-2024-21145, CVE-2024-21144, CVE-2024-0397, CVE-2024-26907, CVE-2024-26583, CVE-2021-47131, CVE-2024-26584, CVE-2022-48655, CVE-2024-26585, CVE-2024-35785, CVE-2024-26994, CVE-2024-35823, CVE-2024-36007, CVE-2024-35851, CVE-2024-35930, CVE-2024-27437, CVE-2024-26687, CVE-2024-26813, CVE-2024-26999, CVE-2024-26977, CVE-2024-27017, CVE-2024-26966, CVE-2024-36006, CVE-2024-35849, CVE-2024-27009, CVE-2024-35910, CVE-2024-35822, CVE-2024-35940, CVE-2024-26811, CVE-2024-35912, CVE-2024-26988, CVE-2024-26937, CVE-2024-35855, CVE-2024-35872, CVE-2024-35970, CVE-2024-35969, CVE-2024-26996, CVE-2024-35897, CVE-2024-35789, CVE-2024-35871, CVE-2024-35934, CVE-2024-35825, CVE-2024-27001, CVE-2024-35989, CVE-2024-35907, CVE-2024-35806, CVE-2024-35990, CVE-2022-48808, CVE-2024-27004, CVE-2024-26817, CVE-2024-35819, CVE-2024-25742, CVE-2024-26964, CVE-2024-35890, CVE-2024-26957, CVE-2024-26993, CVE-2024-36004, CVE-2024-26956, CVE-2024-26960, CVE-2024-26973, CVE-2024-35885, CVE-2024-35854, CVE-2024-26989, CVE-2024-35886, CVE-2024-27395, CVE-2024-26955, CVE-2024-35888, CVE-2024-27016, CVE-2024-35933, CVE-2024-27019, CVE-2024-35902, CVE-2024-26974, CVE-2024-26984, CVE-2024-26961, CVE-2024-35922, CVE-2024-35915, CVE-2024-26952, CVE-2024-26976, CVE-2024-36020, CVE-2024-36029, CVE-2024-36008, CVE-2024-26931, CVE-2024-26965, CVE-2024-27059, CVE-2024-35898, CVE-2024-35988, CVE-2024-27393, CVE-2024-35809, CVE-2024-35821, CVE-2024-35938, CVE-2024-26969, CVE-2024-35884, CVE-2024-35796, CVE-2024-26958, CVE-2024-35950, CVE-2024-35960, CVE-2024-35905, CVE-2024-35955, CVE-2024-36025, CVE-2023-52699, CVE-2024-26924, CVE-2024-35918, CVE-2024-26929, CVE-2024-35895, CVE-2024-35925, CVE-2024-35944, CVE-2024-26814, CVE-2024-35805, CVE-2024-26654, CVE-2024-35857, CVE-2024-35853, CVE-2024-35936, CVE-2024-35900, CVE-2024-35958, CVE-2024-26981, CVE-2024-35807, CVE-2024-35935, CVE-2024-35791, CVE-2024-35813, CVE-2024-26812, CVE-2024-27015, CVE-2022-38096, CVE-2024-26810, CVE-2024-26935, CVE-2024-35804, CVE-2024-35815, CVE-2024-27000, CVE-2023-52488, CVE-2024-35976, CVE-2024-35879, CVE-2024-35899, CVE-2024-36005, CVE-2024-35973, CVE-2024-26950, CVE-2024-26925, CVE-2024-35817, CVE-2024-27008, CVE-2024-27396, CVE-2024-35893, CVE-2024-35847, CVE-2024-35896, CVE-2024-27018, CVE-2024-26951, CVE-2024-35852, CVE-2024-26970, CVE-2024-26643, CVE-2024-35877, CVE-2024-26629, CVE-2024-35992, CVE-2018-3613, CVE-2018-12183, CVE-2019-0160, CVE-2017-5731, CVE-2018-12182
IOC
Zasiahnuté systémy
Ubuntu 24.04
gross – 1.0.2-4ubuntu0.24.04.1
python3.12 – 3.12.3-1ubuntu0.1
python3.12-minimal – 3.12.3-1ubuntu0.1
snapd – 2.63+24.04ubuntu0.1
exim4 – 4.97-4ubuntu4.1
exim4-base – 4.97-4ubuntu4.1
eximon4 – 4.97-4ubuntu4.1
libssl3t64 – 3.0.13-0ubuntu3.2
mysql-server-8.0 – 8.0.39-0ubuntu0.24.04.1
openjdk-17-jdk – 17.0.12+7-1ubuntu2~24.04
openjdk-17-jdk-headless – 17.0.12+7-1ubuntu2~24.04
openjdk-17-jre – 17.0.12+7-1ubuntu2~24.04
openjdk-17-jre-headless – 17.0.12+7-1ubuntu2~24.04
openjdk-17-jre-zero – 17.0.12+7-1ubuntu2~24.04
openjdk-11-jdk – 11.0.24+8-1ubuntu3~24.04.1
openjdk-11-jdk-headless – 11.0.24+8-1ubuntu3~24.04.1
openjdk-11-jre – 11.0.24+8-1ubuntu3~24.04.1
openjdk-11-jre-headless – 11.0.24+8-1ubuntu3~24.04.1
openjdk-11-jre-zero – 11.0.24+8-1ubuntu3~24.04.1
openjdk-8-jdk – 8u422-b05-1~24.04
openjdk-8-jdk-headless – 8u422-b05-1~24.04
openjdk-8-jre – 8u422-b05-1~24.04
openjdk-8-jre-headless – 8u422-b05-1~24.04
openjdk-8-jre-zero – 8u422-b05-1~24.04
linux-image-6.8.0-39-lowlatency – 6.8.0-39.39.1
linux-image-6.8.0-39-lowlatency-64k – 6.8.0-39.39.1
linux-image-lowlatency – 6.8.0-39.39.1
linux-image-lowlatency-64k – 6.8.0-39.39.1
linux-image-6.8.0-1007-gke – 6.8.0-1007.10
linux-image-6.8.0-1008-raspi – 6.8.0-1008.8
linux-image-6.8.0-1009-ibm – 6.8.0-1009.9
linux-image-6.8.0-1009-oem – 6.8.0-1009.9
linux-image-6.8.0-1010-nvidia – 6.8.0-1010.10
linux-image-6.8.0-1010-nvidia-64k – 6.8.0-1010.10
linux-image-6.8.0-1011-gcp – 6.8.0-1011.12
linux-image-6.8.0-1012-aws – 6.8.0-1012.13
linux-image-6.8.0-39-generic – 6.8.0-39.39
linux-image-6.8.0-39-generic-64k – 6.8.0-39.39
linux-image-aws – 6.8.0-1012.13
linux-image-gcp – 6.8.0-1011.12
linux-image-generic – 6.8.0-39.39
linux-image-generic-64k – 6.8.0-39.39
linux-image-generic-64k-hwe-24.04 – 6.8.0-39.39
linux-image-generic-hwe-24.04 – 6.8.0-39.39
linux-image-generic-lpae – 6.8.0-39.39
linux-image-gke – 6.8.0-1007.10
linux-image-ibm – 6.8.0-1009.9
linux-image-ibm-classic – 6.8.0-1009.9
linux-image-ibm-lts-24.04 – 6.8.0-1009.9
linux-image-kvm – 6.8.0-39.39
linux-image-nvidia – 6.8.0-1010.10
linux-image-nvidia-64k – 6.8.0-1010.10
linux-image-oem-24.04 – 6.8.0-1009.9
linux-image-oem-24.04a – 6.8.0-1009.9
linux-image-raspi – 6.8.0-1008.8
linux-image-virtual – 6.8.0-39.39
linux-image-virtual-hwe-24.04 – 6.8.0-39.39

Ubuntu 22.04
lua5.4 – 5.4.4-1ubuntu0.1~esm1 (dostupné pre Ubuntu Pro)
linux-image-6.5.0-1027-oem – 6.5.0-1027.28
linux-image-oem-22.04 – 6.5.0.1027.29
linux-image-oem-22.04a – 6.5.0.1027.29
linux-image-oem-22.04b – 6.5.0.1027.29
linux-image-oem-22.04c – 6.5.0.1027.29
linux-image-oem-22.04d – 6.5.0.1027.29
tomcat9-docs – 9.0.58-1ubuntu0.1+esm2 (dostupné pre Ubuntu Pro)
gross – 1.0.2-4ubuntu0.22.04.1
linux-image-6.5.0-45-lowlatency – 6.5.0-45.45.1~22.04.1
linux-image-6.5.0-45-lowlatency-64k – 6.5.0-45.45.1~22.04.1
linux-image-lowlatency-64k-hwe-22.04 – 6.5.0.45.45.1~22.04.1
linux-image-lowlatency-hwe-22.04 – 6.5.0.45.45.1~22.04.1
snapd – 2.63+22.04ubuntu0.1
exim4 – 4.95-4ubuntu2.6
exim4-base – 4.95-4ubuntu2.6
eximon4 – 4.95-4ubuntu2.6
libssl3 – 3.0.2-0ubuntu1.17
golang-github-prometheus-alertmanager-dev – 0.23.0-4ubuntu0.2+esm1
prometheus-alertmanager – 0.23.0-4ubuntu0.2+esm1
mysql-server-8.0 – 8.0.39-0ubuntu0.22.04.1
openjdk-17-jdk – 17.0.12+7-1ubuntu2~22.04
openjdk-17-jdk-headless – 17.0.12+7-1ubuntu2~22.04
openjdk-17-jre – 17.0.12+7-1ubuntu2~22.04
openjdk-17-jre-headless – 17.0.12+7-1ubuntu2~22.04
openjdk-17-jre-zero – 17.0.12+7-1ubuntu2~22.04
openjdk-11-jdk – 11.0.24+8-1ubuntu3~22.04
openjdk-11-jdk-headless – 11.0.24+8-1ubuntu3~22.04
openjdk-11-jre – 11.0.24+8-1ubuntu3~22.04
openjdk-11-jre-headless – 11.0.24+8-1ubuntu3~22.04
openjdk-11-jre-zero – 11.0.24+8-1ubuntu3~22.04
openjdk-8-jdk – 8u422-b05-1~22.04
openjdk-8-jdk-headless – 8u422-b05-1~22.04
openjdk-8-jre – 8u422-b05-1~22.04
openjdk-8-jre-headless – 8u422-b05-1~22.04
openjdk-8-jre-zero – 8u422-b05-1~22.04
python3.10 – 3.10.12-1~22.04.5
python3.10-minimal – 3.10.12-1~22.04.5
linux-image-5.15.0-1059-ibm – 5.15.0-1059.62
linux-image-5.15.0-1059-raspi – 5.15.0-1059.62
linux-image-ibm – 5.15.0.1059.55
linux-image-raspi – 5.15.0.1059.57
linux-image-raspi-nolpae – 5.15.0.1059.57
linux-image-5.15.0-1049-gkeop – 5.15.0-1049.56
linux-image-5.15.0-1061-intel-iotg – 5.15.0-1061.67
linux-image-5.15.0-1061-nvidia – 5.15.0-1061.62
linux-image-5.15.0-1061-nvidia-lowlatency – 5.15.0-1061.62
linux-image-5.15.0-1063-gke – 5.15.0-1063.69
linux-image-5.15.0-1063-kvm – 5.15.0-1063.68
linux-image-5.15.0-1064-oracle – 5.15.0-1064.70
linux-image-5.15.0-1065-gcp – 5.15.0-1065.73
linux-image-5.15.0-1066-aws – 5.15.0-1066.72
linux-image-5.15.0-117-generic – 5.15.0-117.127
linux-image-5.15.0-117-generic-64k – 5.15.0-117.127
linux-image-5.15.0-117-generic-lpae – 5.15.0-117.127
linux-image-5.15.0-117-lowlatency – 5.15.0-117.127
linux-image-5.15.0-117-lowlatency-64k – 5.15.0-117.127
linux-image-aws-lts-22.04 – 5.15.0.1066.66
linux-image-gcp-lts-22.04 – 5.15.0.1065.61
linux-image-generic – 5.15.0.117.117
linux-image-generic-64k – 5.15.0.117.117
linux-image-generic-lpae – 5.15.0.117.117
linux-image-gke – 5.15.0.1063.62
linux-image-gke-5.15 – 5.15.0.1063.62
linux-image-gkeop – 5.15.0.1049.48
linux-image-gkeop-5.15 – 5.15.0.1049.48
linux-image-intel-iotg – 5.15.0.1061.61
linux-image-kvm – 5.15.0.1063.59
linux-image-lowlatency – 5.15.0.117.107
linux-image-lowlatency-64k – 5.15.0.117.107
linux-image-nvidia – 5.15.0.1061.61
linux-image-nvidia-lowlatency – 5.15.0.1061.61
linux-image-oracle-lts-22.04 – 5.15.0.1064.60
linux-image-virtual – 5.15.0.117.117
linux-image-6.5.0-1024-nvidia – 6.5.0-1024.25
linux-image-6.5.0-1024-nvidia-64k – 6.5.0-1024.25
linux-image-nvidia-6.5 – 6.5.0.1024.32
linux-image-nvidia-64k-6.5 – 6.5.0.1024.32
linux-image-nvidia-64k-hwe-22.04 – 6.5.0.1024.32
linux-image-nvidia-hwe-22.04 – 6.5.0.1024.32

Ubuntu 20.04
libtomcat9-java – 9.0.31-1ubuntu0.6
tomcat9 – 9.0.31-1ubuntu0.6
tomcat9-docs – 9.0.31-1ubuntu0.6
gross – 1.0.2-4ubuntu0.20.04.1
snapd – 2.63+20.04ubuntu0.1
exim4 – 4.93-13ubuntu1.12
exim4-base – 4.93-13ubuntu1.12
eximon4 – 4.93-13ubuntu1.12
libssl1.1 – 1.1.1f-1ubuntu2.23
golang-github-prometheus-alertmanager-dev – 0.15.3+ds-3ubuntu1.2
prometheus-alertmanager – 0.15.3+ds-3ubuntu1.2
mysql-server-8.0 – 8.0.39-0ubuntu0.20.04.1
clickhouse-common – 18.16.1+ds-7ubuntu0.1
clickhouse-server – 18.16.1+ds-7ubuntu0.1
clickhouse-tools – 18.16.1+ds-7ubuntu0.1
openjdk-17-jdk – 17.0.12+7-1ubuntu2~20.04
openjdk-17-jdk-headless – 17.0.12+7-1ubuntu2~20.04
openjdk-17-jre – 17.0.12+7-1ubuntu2~20.04
openjdk-17-jre-headless – 17.0.12+7-1ubuntu2~20.04
openjdk-17-jre-zero – 17.0.12+7-1ubuntu2~20.04
openjdk-11-jdk – 11.0.24+8-1ubuntu3~20.04
openjdk-11-jdk-headless – 11.0.24+8-1ubuntu3~20.04
openjdk-11-jre – 11.0.24+8-1ubuntu3~20.04
openjdk-11-jre-headless – 11.0.24+8-1ubuntu3~20.04
openjdk-11-jre-zero – 11.0.24+8-1ubuntu3~20.04
openjdk-8-jdk – 8u422-b05-1~20.04
openjdk-8-jdk-headless – 8u422-b05-1~20.04
openjdk-8-jre – 8u422-b05-1~20.04
openjdk-8-jre-headless – 8u422-b05-1~20.04
openjdk-8-jre-zero – 8u422-b05-1~20.04
python3.8 – 3.8.10-0ubuntu1~20.04.11
python3.8-minimal – 3.8.10-0ubuntu1~20.04.11
linux-image-5.4.0-1129-aws – 5.4.0-1129.139
linux-image-aws-lts-20.04 – 5.4.0.1129.126
linux-gcp-5.15
linux-image-5.15.0-1059-ibm – 5.15.0-1059.62~20.04.1
linux-image-5.15.0-1066-aws – 5.15.0-1066.72~20.04.1
linux-image-aws – 5.15.0.1066.72~20.04.1
linux-image-ibm – 5.15.0.1059.62~20.04.1
linux-image-5.4.0-1041-iot – 5.4.0-1041.42
linux-image-5.4.0-1048-xilinx-zynqmp – 5.4.0-1048.52
linux-image-5.4.0-1076-ibm – 5.4.0-1076.81
linux-image-5.4.0-1089-bluefield – 5.4.0-1089.96
linux-image-5.4.0-1096-gkeop – 5.4.0-1096.100
linux-image-5.4.0-1113-raspi – 5.4.0-1113.125
linux-image-5.4.0-1117-kvm – 5.4.0-1117.124
linux-image-5.4.0-1133-gcp – 5.4.0-1133.142
linux-image-5.4.0-1134-azure – 5.4.0-1134.141
linux-image-5.4.0-190-generic – 5.4.0-190.210
linux-image-5.4.0-190-generic-lpae – 5.4.0-190.210
linux-image-5.4.0-190-lowlatency – 5.4.0-190.210
linux-image-azure-lts-20.04 – 5.4.0.1134.128
linux-image-bluefield – 5.4.0.1089.85
linux-image-gcp-lts-20.04 – 5.4.0.1133.135
linux-image-generic – 5.4.0.190.188
linux-image-generic-lpae – 5.4.0.190.188
linux-image-gkeop – 5.4.0.1096.94
linux-image-gkeop-5.4 – 5.4.0.1096.94
linux-image-ibm-lts-20.04 – 5.4.0.1076.105
linux-image-kvm – 5.4.0.1117.113
linux-image-lowlatency – 5.4.0.190.188
linux-image-oem – 5.4.0.190.188
linux-image-oem-osp1 – 5.4.0.190.188
linux-image-raspi – 5.4.0.1113.143
linux-image-raspi2 – 5.4.0.1113.143
linux-image-virtual – 5.4.0.190.188
linux-image-xilinx-zynqmp – 5.4.0.1048.48
linux-image-5.15.0-1049-gkeop – 5.15.0-1049.56~20.04.1
linux-image-5.15.0-1061-intel-iotg – 5.15.0-1061.67~20.04.1
linux-image-5.15.0-117-generic – 5.15.0-117.127~20.04.1
linux-image-5.15.0-117-generic-64k – 5.15.0-117.127~20.04.1
linux-image-5.15.0-117-generic-lpae – 5.15.0-117.127~20.04.1
linux-image-5.15.0-117-lowlatency – 5.15.0-117.127~20.04.1
linux-image-5.15.0-117-lowlatency-64k – 5.15.0-117.127~20.04.1
linux-image-generic-64k-hwe-20.04 – 5.15.0.117.127~20.04.1
linux-image-generic-hwe-20.04 – 5.15.0.117.127~20.04.1
linux-image-generic-lpae-hwe-20.04 – 5.15.0.117.127~20.04.1
linux-image-gkeop-5.15 – 5.15.0.1049.56~20.04.1
linux-image-intel – 5.15.0.1061.67~20.04.1
linux-image-intel-iotg – 5.15.0.1061.67~20.04.1
linux-image-lowlatency-64k-hwe-20.04 – 5.15.0.117.127~20.04.1
linux-image-lowlatency-hwe-20.04 – 5.15.0.117.127~20.04.1
linux-image-oem-20.04 – 5.15.0.117.127~20.04.1
linux-image-oem-20.04b – 5.15.0.117.127~20.04.1
linux-image-oem-20.04c – 5.15.0.117.127~20.04.1
linux-image-oem-20.04d – 5.15.0.117.127~20.04.1
linux-image-virtual-hwe-20.04 – 5.15.0.117.127~20.04.1

Ubuntu 18.04
libtomcat8-java – 8.5.39-1ubuntu1~18.04.3+esm2 (dostupné pre Ubuntu Pro)
libtomcat9-java – 9.0.16-3ubuntu0.18.04.2+esm2 (dostupné pre Ubuntu Pro)
tomcat8 – 8.5.39-1ubuntu1~18.04.3+esm2 (dostupné pre Ubuntu Pro)
tomcat8-docs – 8.5.39-1ubuntu1~18.04.3+esm2 (dostupné pre Ubuntu Pro)
tomcat9 – 9.0.16-3ubuntu0.18.04.2+esm2 (dostupné pre Ubuntu Pro)
tomcat9-docs – 9.0.16-3ubuntu0.18.04.2+esm2 (dostupné pre Ubuntu Pro)
bind9 – 1:9.11.3+dfsg-1ubuntu1.19+esm4 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1179-azure – 4.15.0-1179.194 (dostupné pre Ubuntu Pro)
linux-image-azure-lts-18.04 – 4.15.0.1179.147 (dostupné pre Ubuntu Pro)
gross – 1.0.2-4ubuntu0.18.04.1~esm1 (dostupné pre Ubuntu Pro)
exim4 – 4.90.1-1ubuntu1.10+esm5 (dostupné pre Ubuntu Pro)
exim4-base – 4.90.1-1ubuntu1.10+esm5 (dostupné pre Ubuntu Pro)
eximon4 – 4.90.1-1ubuntu1.10+esm5 (dostupné pre Ubuntu Pro)
golang-github-prometheus-alertmanager-dev – 0.6.2+ds-3ubuntu0.1+esm1 (dostupné pre Ubuntu Pro)
prometheus-alertmanager – 0.6.2+ds-3ubuntu0.1+esm1 (dostupné pre Ubuntu Pro)
openjdk-8-jdk – 8u422-b05-1~18.04 (dostupné pre Ubuntu Pro)
openjdk-8-jdk-headless – 8u422-b05-1~18.04 (dostupné pre Ubuntu Pro)
openjdk-8-jre – 8u422-b05-1~18.04 (dostupné pre Ubuntu Pro)
openjdk-8-jre-headless – 8u422-b05-1~18.04 (dostupné pre Ubuntu Pro)
openjdk-8-jre-zero – 8u422-b05-1~18.04 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1129-aws – 5.4.0-1129.139~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-aws – 5.4.0.1129.139~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1133-oracle – 4.15.0-1133.144 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1154-kvm – 4.15.0-1154.159 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1164-gcp – 4.15.0-1164.181 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1170-aws – 4.15.0-1170.183 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-227-generic – 4.15.0-227.239 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-227-lowlatency – 4.15.0-227.239 (dostupné pre Ubuntu Pro)
linux-image-aws-lts-18.04 – 4.15.0.1170.168 (dostupné pre Ubuntu Pro)
linux-image-gcp-lts-18.04 – 4.15.0.1164.177 (dostupné pre Ubuntu Pro)
linux-image-generic – 4.15.0.227.211 (dostupné pre Ubuntu Pro)
linux-image-kvm – 4.15.0.1154.145 (dostupné pre Ubuntu Pro)
linux-image-lowlatency – 4.15.0.227.211 (dostupné pre Ubuntu Pro)
linux-image-oracle-lts-18.04 – 4.15.0.1133.138 (dostupné pre Ubuntu Pro)
linux-image-virtual – 4.15.0.227.211 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1076-ibm – 5.4.0-1076.81~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1133-gcp – 5.4.0-1133.142~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-1134-azure – 5.4.0-1134.141~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-190-generic – 5.4.0-190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-5.4.0-190-lowlatency – 5.4.0-190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-azure – 5.4.0.1134.141~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-gcp – 5.4.0.1133.142~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-generic-hwe-18.04 – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-ibm – 5.4.0.1076.81~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-hwe-18.04 – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem-osp1 – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-snapdragon-hwe-18.04 – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
linux-image-virtual-hwe-18.04 – 5.4.0.190.210~18.04.1 (dostupné pre Ubuntu Pro)
ovmf – 0~20180205.c0d9813c-2ubuntu0.3+esm1 (dostupné pre Ubuntu Pro)
qemu-efi – 0~20180205.c0d9813c-2ubuntu0.3+esm1 (dostupné pre Ubuntu Pro)
qemu-efi-aarch64 – 0~20180205.c0d9813c-2ubuntu0.3+esm1 (dostupné pre Ubuntu Pro)
qemu-efi-arm – 0~20180205.c0d9813c-2ubuntu0.3+esm1 (dostupné pre Ubuntu Pro)

Ubuntu 16.04
libtomcat8-java – 8.0.32-1ubuntu1.13+esm1 (dostupné pre Ubuntu Pro)
tomcat8 – 8.0.32-1ubuntu1.13+esm1 (dostupné pre Ubuntu Pro)
gross – 1.0.2-4ubuntu0.16.04.1~esm1 (dostupné pre Ubuntu Pro)
exim4 – 4.86.2-2ubuntu2.6+esm8 (dostupné pre Ubuntu Pro)
exim4-base – 4.86.2-2ubuntu2.6+esm8 (dostupné pre Ubuntu Pro)
eximon4 – 4.86.2-2ubuntu2.6+esm8 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-1135-kvm – 4.4.0-1135.145 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-1172-aws – 4.4.0-1172.187 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-257-generic – 4.4.0-257.291 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-257-lowlatency – 4.4.0-257.291 (dostupné pre Ubuntu Pro)
linux-image-aws – 4.4.0.1172.176 (dostupné pre Ubuntu Pro)
linux-image-generic – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-xenial – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-kvm – 4.4.0.1135.132 (dostupné pre Ubuntu Pro)
linux-image-lowlatency – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-lts-xenial – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-virtual – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-virtual-lts-xenial – 4.4.0.257.263 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1133-oracle – 4.15.0-1133.144~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1164-gcp – 4.15.0-1164.181~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-1170-aws – 4.15.0-1170.183~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-227-generic – 4.15.0-227.239~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.15.0-227-lowlatency – 4.15.0-227.239~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-aws-hwe – 4.15.0.1170.183~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-gcp – 4.15.0.1164.181~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-generic-hwe-16.04 – 4.15.0.227.239~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-gke – 4.15.0.1164.181~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-hwe-16.04 – 4.15.0.227.239~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-oem – 4.15.0.227.239~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-oracle – 4.15.0.1133.144~16.04.1 (dostupné pre Ubuntu Pro)
linux-image-virtual-hwe-16.04 – 4.15.0.227.239~16.04.1 (dostupné pre Ubuntu Pro)
ovmf – 0~20160408.ffea0a2c-2ubuntu0.2+esm1 (dostupné pre Ubuntu Pro)
qemu-efi – 0~20160408.ffea0a2c-2ubuntu0.2+esm1 (dostupné pre Ubuntu Pro)

Ubuntu 14.04
linux-image-4.15.0-1179-azure – 4.15.0-1179.194~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-azure – 4.15.0.1179.194~14.04.1 (dostupné pre Ubuntu Pro)
libcommons-collections3-java – 3.2.1-6ubuntu0.1~esm1 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-1134-aws – 4.4.0-1134.140 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-257-generic – 4.4.0-257.291~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-4.4.0-257-lowlatency – 4.4.0-257.291~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-aws – 4.4.0.1134.131 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-xenial – 4.4.0.257.291~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-lowlatency-lts-xenial – 4.4.0.257.291~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-virtual-lts-xenial – 4.4.0.257.291~14.04.1 (dostupné pre Ubuntu Pro)
linux-image-3.13.0-198-generic – 3.13.0-198.249 (dostupné pre Ubuntu Pro)
linux-image-3.13.0-198-lowlatency – 3.13.0-198.249 (dostupné pre Ubuntu Pro)
linux-image-generic – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-quantal – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-raring – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-saucy – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-generic-lts-trusty – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-lowlatency – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-server – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
linux-image-virtual – 3.13.0.198.208 (dostupné pre Ubuntu Pro)
Následky
Vykonanie škodlivého kódu
Eskalácia privilégií
Neoprávnený prístup k citlivým údajom
Neoprávnená zmena v systéme
Zneprístupnenie služby
Odporúčania
Administrátorom a používateľom odporúčame bezodkladne vykonať aktualizáciu zasiahnutých systémov.
Po odstránení zraniteľností, ktoré mohli spôsobiť vzdialené vykonanie kódu, je dobrou praxou kontrola systému a zmena všetkých hesiel a kľúčov na dotknutom systéme a aj na iných systémoch, kde sa používalo rovnaké heslo či kľúč.
Taktiež odporúčame poučiť používateľov, aby neotvárali neoverené e-mailové správy, prílohy z neznámych zdrojov a nenavštevovali nedôveryhodné webové stránky.
Zdroje
https://ubuntu.com/security/notices/USN-6927-1
https://ubuntu.com/security/notices/USN-6921-2
https://ubuntu.com/security/notices/USN-6926-1
https://ubuntu.com/security/notices/USN-6925-1
https://ubuntu.com/security/notices/USN-6924-1
https://ubuntu.com/security/notices/USN-6921-1
https://ubuntu.com/security/notices/USN-6923-1
https://ubuntu.com/security/notices/USN-6922-1
https://ubuntu.com/security/notices/USN-6920-1
https://ubuntu.com/security/notices/USN-6916-1
https://ubuntu.com/security/notices/USN-6941-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/223769
https://ubuntu.com/security/notices/USN-6940-1
https://ubuntu.com/security/notices/USN-6933-1
https://ubuntu.com/security/CVE-2022-28805
https://ubuntu.com/security/notices/USN-6895-4
https://ubuntu.com/security/notices/USN-6943-1
https://ubuntu.com/security/notices/USN-6909-2
https://ubuntu.com/security/notices/USN-6926-2
https://ubuntu.com/security/notices/USN-6942-1
https://ubuntu.com/security/notices/USN-6922-2
https://ubuntu.com/security/notices/USN-6939-1
https://ubuntu.com/security/notices/USN-6936-1
https://ubuntu.com/security/CVE-2015-4852
https://ubuntu.com/security/notices/USN-6938-1
https://ubuntu.com/security/notices/USN-6937-1
https://ubuntu.com/security/notices/USN-6935-1
https://ubuntu.com/security/notices/USN-6934-1
https://ubuntu.com/security/notices/USN-6931-1
https://ubuntu.com/security/notices/USN-6930-1
https://ubuntu.com/security/notices/USN-6929-1
https://ubuntu.com/security/notices/USN-6928-1
https://ubuntu.com/security/notices/USN-6924-2
https://ubuntu.com/security/notices/USN-6923-2

« Späť na zoznam
Aktuálne hrozby
všetky oznámenia
Odkazy