Ubuntu Secutity Notices

ghostscript regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

USN-3831-1 introduced a regression in Ghostscript.

Software Description

• ghostscript - PostScript and PDF interpreter

Details

USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem.

Original advisory details:

It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

ghostscript - 9.26~dfsg+0-0ubuntu0.18.10.3

libgs9 - 9.26~dfsg+0-0ubuntu0.18.10.3

Ubuntu 18.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.18.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.18.04.3

Ubuntu 16.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.16.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.16.04.3

Ubuntu 14.04 LTS

ghostscript - 9.26~dfsg+0-0ubuntu0.14.04.3

libgs9 - 9.26~dfsg+0-0ubuntu0.14.04.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-3831-1
• LP: 1806517

openssl, openssl1.0 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in OpenSSL.

Software Description

• openssl - Secure Socket Layer (SSL) cryptographic library and tools
• openssl1.0 - Secure Socket Layer (SSL) cryptographic library and tools

Details

Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. (CVE-2018-0734)

Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-0735)

Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri, and Alejandro Cabrera Aldaya discovered that Simultaneous Multithreading (SMT) architectures are vulnerable to side-channel leakage. This issue is known as "PortSmash". An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libssl1.0.0 - 1.0.2n-1ubuntu6.1

libssl1.1 - 1.1.1-1ubuntu2.1

Ubuntu 18.04 LTS

libssl1.0.0 - 1.0.2n-1ubuntu5.2

libssl1.1 - 1.1.0g-2ubuntu4.3

Ubuntu 16.04 LTS

libssl1.0.0 - 1.0.2g-1ubuntu4.14

Ubuntu 14.04 LTS

libssl1.0.0 - 1.0.1f-1ubuntu2.27

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References

• CVE-2018-0734
• CVE-2018-0735
• CVE-2018-5407

wavpack vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in WavPack.

Software Description

• wavpack - audio codec (lossy and lossless) - encoder and decoder

Details

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-19840, CVE-2018-19841)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libwavpack1 - 5.1.0-4ubuntu0.1

wavpack - 5.1.0-4ubuntu0.1

Ubuntu 18.04 LTS

libwavpack1 - 5.1.0-2ubuntu1.2

wavpack - 5.1.0-2ubuntu1.2

Ubuntu 16.04 LTS

libwavpack1 - 4.75.2-2ubuntu0.2

wavpack - 4.75.2-2ubuntu0.2

Ubuntu 14.04 LTS

libwavpack1 - 4.70.0-1ubuntu0.2

wavpack - 4.70.0-1ubuntu0.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-19840
• CVE-2018-19841

libraw vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

LibRaw could be made to crash or run programs as your login if it opened a specially crafted file.

Software Description

• libraw - raw image decoder library

Details

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

libraw16 - 0.18.8-1ubuntu0.2

Ubuntu 16.04 LTS

libraw15 - 0.17.1-1ubuntu0.4

Ubuntu 14.04 LTS

libraw9 - 0.15.4-1ubuntu0.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all the necessary changes.

References

• CVE-2018-5807
• CVE-2018-5810
• CVE-2018-5811
• CVE-2018-5812
• CVE-2018-5813
• CVE-2018-5815
• CVE-2018-5816

spamassassin vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 ESM

Summary

Several security issues were fixed in SpamAssassin.

Software Description

• spamassassin - Perl-based spam filter using text analysis

Details

USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11780)

It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2018-11781)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM

spamassassin - 3.4.2-0ubuntu0.12.04.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References

• USN-3811-1
• CVE-2018-11780
• CVE-2018-11781

poppler vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in poppler.

Software Description

• poppler - PDF rendering library

Details

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-16646, CVE-2018-19058, CVE-2018-19059, CVE-2018-19060)

It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2018-19149)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

libpoppler79 - 0.68.0-0ubuntu1.2

poppler-utils - 0.68.0-0ubuntu1.2

Ubuntu 18.04 LTS

libpoppler73 - 0.62.0-2ubuntu2.4

poppler-utils - 0.62.0-2ubuntu2.4

Ubuntu 16.04 LTS

libpoppler58 - 0.41.0-0ubuntu1.9

poppler-utils - 0.41.0-0ubuntu1.9

Ubuntu 14.04 LTS

libpoppler44 - 0.24.5-2ubuntu4.13

poppler-utils - 0.24.5-2ubuntu4.13

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-16646
• CVE-2018-19058
• CVE-2018-19059
• CVE-2018-19060
• CVE-2018-19149

linux-hwe, linux-gcp vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-hwe - Linux hardware enablement (HWE) kernel

Details

USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS

linux-image-4.15.0-1025-gcp - 4.15.0-1025.26~16.04.1

linux-image-4.15.0-42-generic - 4.15.0-42.45~16.04.1

linux-image-4.15.0-42-generic-lpae - 4.15.0-42.45~16.04.1

linux-image-4.15.0-42-lowlatency - 4.15.0-42.45~16.04.1

linux-image-gcp - 4.15.0.1025.39

linux-image-generic-hwe-16.04 - 4.15.0.42.63

linux-image-generic-lpae-hwe-16.04 - 4.15.0.42.63

linux-image-gke - 4.15.0.1025.39

linux-image-lowlatency-hwe-16.04 - 4.15.0.42.63

linux-image-oem - 4.15.0.42.63

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• USN-3836-1
• CVE-2018-18955
• CVE-2018-6559

linux, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux - Linux kernel
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-kvm - Linux kernel for cloud environments
• linux-raspi2 - Linux kernel for Raspberry Pi 2

Details

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS

linux-image-4.15.0-1025-gcp - 4.15.0-1025.26

linux-image-4.15.0-1027-kvm - 4.15.0-1027.27

linux-image-4.15.0-1029-raspi2 - 4.15.0-1029.31

linux-image-4.15.0-42-generic - 4.15.0-42.45

linux-image-4.15.0-42-generic-lpae - 4.15.0-42.45

linux-image-4.15.0-42-lowlatency - 4.15.0-42.45

linux-image-4.15.0-42-snapdragon - 4.15.0-42.45

linux-image-gcp - 4.15.0.1025.27

linux-image-generic - 4.15.0.42.44

linux-image-generic-lpae - 4.15.0.42.44

linux-image-gke - 4.15.0.1025.27

linux-image-kvm - 4.15.0.1027.27

linux-image-lowlatency - 4.15.0.42.44

linux-image-raspi2 - 4.15.0.1029.27

linux-image-snapdragon - 4.15.0.42.44

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-18955
• CVE-2018-6559

linux, linux-gcp, linux-kvm, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10

Summary

Several security issues were fixed in the Linux kernel.

Software Description

• linux - Linux kernel
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-kvm - Linux kernel for cloud environments
• linux-raspi2 - Linux kernel for Raspberry Pi 2

Details

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)

Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)

It was discovered that the BPF verifier in the Linux kernel did not correctly compute numeric bounds in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-18445)

Daniel Dadap discovered that the module loading implementation in the Linux kernel did not properly enforce signed module loading when booted with UEFI Secure Boot in some situations. A local privileged attacker could use this to execute untrusted code in the kernel. (CVE-2018-18653)

Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. (CVE-2018-18955)

Philipp Wendler discovered that the overlayfs implementation in the Linux kernel did not properly verify the directory contents permissions from within a unprivileged user namespace. A local attacker could use this to expose sensitive information (protected file names). (CVE-2018-6559)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

linux-image-4.18.0-1004-gcp - 4.18.0-1004.5

linux-image-4.18.0-1005-kvm - 4.18.0-1005.5

linux-image-4.18.0-1007-raspi2 - 4.18.0-1007.9

linux-image-4.18.0-12-generic - 4.18.0-12.13

linux-image-4.18.0-12-generic-lpae - 4.18.0-12.13

linux-image-4.18.0-12-lowlatency - 4.18.0-12.13

linux-image-4.18.0-12-snapdragon - 4.18.0-12.13

linux-image-gcp - 4.18.0.1004.4

linux-image-generic - 4.18.0.12.13

linux-image-generic-lpae - 4.18.0.12.13

linux-image-gke - 4.18.0.1004.4

linux-image-kvm - 4.18.0.1005.5

linux-image-lowlatency - 4.18.0.12.13

linux-image-raspi2 - 4.18.0.1007.4

linux-image-snapdragon - 4.18.0.12.13

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References

• CVE-2018-17972
• CVE-2018-18281
• CVE-2018-18445
• CVE-2018-18653
• CVE-2018-18955
• CVE-2018-6559

perl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 12.04 ESM

Summary

Several security issues were fixed in Perl.

Software Description

• perl - Practical Extraction and Report Language

Details

USN-3834-1 fixed a vulnerability in perl. This update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 ESM

perl - 5.14.2-6ubuntu2.9

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-3834-1
• CVE-2018-18311
• CVE-2018-18313

perl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 18.10
• Ubuntu 18.04 LTS
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

Several security issues were fixed in Perl.

Software Description

• perl - Practical Extraction and Report Language

Details

Jayakrishna Menon discovered that Perl incorrectly handled Perl_my_setenv. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2018-18311)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18312)

Eiichi Tsukata discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. (CVE-2018-18313)

Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10. (CVE-2018-18314)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.10

perl - 5.26.2-7ubuntu0.1

Ubuntu 18.04 LTS

perl - 5.26.1-6ubuntu0.3

Ubuntu 16.04 LTS

perl - 5.22.1-9ubuntu0.6

Ubuntu 14.04 LTS

perl - 5.18.2-2ubuntu1.7

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• CVE-2018-18311
• CVE-2018-18312
• CVE-2018-18313
• CVE-2018-18314