Content provided by Alex Murray and Ubuntu Security Team. All podcast content, including episodes, graphics and podcast descriptions, is uploaded and provided directly by Alex Murray and Ubuntu Security Team or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://he.player.fm/legal.
Episode 131

Overview

OWASP Top 10 gets updated for 2021 and we look at security vulnerabilities in the Linux kernel, Ghostscript, Git, curl and more.

This week in Ubuntu Security Updates

26 unique CVEs addressed

[USN-5069-2] mod-auth-mellon vulnerability [00:43]

  • 1 CVE addressed in Hirsute (21.04)
  • Episode 130 - failed to properly handle crafted redirect links -> open redirect

[USN-5070-1] Linux kernel vulnerabilities

[USN-5071-1] Linux kernel vulnerabilities

[USN-5072-1] Linux kernel vulnerabilities

[USN-5073-1] Linux kernel vulnerabilities [00:56]

  • 5 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS)
  • 2 different AMD-specific issues in the KVM subsystem with nested virtualisation - 1 mentioned last week in Episode 130 - would fail to validate particular operations which could be performed by a guest VM - in this case would allow a guest to enable the Advanced Virtual Interrupt Controller for a nested VM (i.e. L2 VM) - this would then allow the L2 VM to write to host memory -> code execution on the host
  • The other - L1 guest could disable interception of both VMLOAD/VMSAVE calls for a L2 guest - L2 guest could then read/write portions of host physical memory - code-exec on host

[LSN-0081-1] Linux kernel vulnerability [01:56]

  • 4 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS)
  • (Episode 124) seq_file vuln - this virtual file-system contained an unsigned integer conversion error - would result in a local user being able to cause an OOB write and hence possible code-exec in the kernel -> privesc
  • (Episode 127) netfilter setsockopt() - OOB write
  • AMD nested virtualisation issues above

[USN-5074-1] Firefox vulnerabilities [02:53]

  • 3 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • Memory safety bugs -> possible memory corruption, possible bypass in mixed content blocking (i.e. http content on an https page)

[USN-5075-1] Ghostscript vulnerability [03:36]

  • 1 CVE addressed in Focal (20.04 LTS), Hirsute (21.04)
  • Trivial bypass of sandbox - exploit was apparently known about since March and publicly available since end of August but only reported to GS upstream on 8th August - fix available since 9th, updates for Ubuntu published on 10th (rare Friday publication)

[USN-5076-1] Git vulnerability [04:55]

  • 1 CVE addressed in Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS)
  • Possible cross-protocol requests by embedding a newline in the URL when cloning

[USN-5077-1, USN-5077-2] Apport vulnerabilities [05:34]

  • 2 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • Arbitrary file reads in apport crash handling - reads certain files when apps crash, can be tricked into reading other files and including these in the crash report, which can then be seen by the user, uploaded to errors.ubuntu.com etc

[USN-5078-1] Squashfs-Tools vulnerability [06:46]

  • 1 CVE addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • Similar to Episode 129 - symlink and file of the same name - when unsquashing, the symlink is written out first, then the file is written out traversing the symlink -> arbitrary file overwrite
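
A pre-extraction check for the symlink-then-file pattern described above, as an added example (not code from the podcast or from squashfs-tools). It generalises to any archive listing; the `Entry` type, `audit_entries` and the sample listing are hypothetical names constructed for illustration.

```python
import posixpath
from typing import NamedTuple, Optional


class Entry(NamedTuple):
    path: str                     # path as stored in the archive listing
    kind: str                     # "file", "dir" or "symlink"
    target: Optional[str] = None  # link target when kind == "symlink"


def audit_entries(entries):
    """Return (path, reason) for each entry an extractor should refuse."""
    symlinks = set()  # normalised paths the archive has already created as symlinks
    findings = []
    for e in entries:
        norm = posixpath.normpath(e.path)
        if norm.startswith("/") or norm == ".." or norm.startswith("../"):
            findings.append((e.path, "escapes extraction root"))
            continue
        parts = norm.split("/")
        # A parent component that is an archive-supplied symlink redirects the write.
        prefixes = ("/".join(parts[:i]) for i in range(1, len(parts)))
        via = next((p for p in prefixes if p in symlinks), None)
        if via is not None:
            findings.append((e.path, "written through symlink " + via))
        elif norm in symlinks:
            # Second entry reusing a symlink's name: open() would follow the link.
            findings.append((e.path, "same name as earlier symlink"))
        elif e.kind == "symlink":
            symlinks.add(norm)
    return findings


# Constructed listing; names and targets are placeholders.
SAMPLE = [
    Entry("docs", "dir"),
    Entry("docs/readme.txt", "file"),
    Entry("config", "symlink", "/outside/target"),
    Entry("config", "file"),
    Entry("logs", "symlink", "/outside/dir"),
    Entry("logs/out.txt", "file"),
]

if __name__ == "__main__":
    for path, reason in audit_entries(SAMPLE):
        print(path, "->", reason)
```

A listing check like this complements, and does not replace, creating files with `O_NOFOLLOW | O_EXCL` at extraction time.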

[USN-5079-1, USN-5079-2] curl vulnerabilities [07:48]

  • 3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial ESM (16.04 ESM), Bionic (18.04 LTS), Focal (20.04 LTS), Hirsute (21.04)
  • MQTT OOB write (malicious MQTT server) (non-ESM)
  • Possible to cause curl to not upgrade to TLS even when specified -> info leak
  • STARTTLS -> could inject responses / intercept comms etc

Goings on in Ubuntu Security Community

OWASP Top 10 updated after 4 years [08:55]

  • https://owasp.org/Top10/
  • Last updated in Nov 2017
  • Increasing complexity of web-apps means vulns are now at the edges - i.e. when combining two components, misconfiguring one of them -> vuln in combination due to accidental misuse by the other component

Hiring [13:11]

Linux Cryptography and Security Engineer

Security Engineer - Ubuntu

Get in contact
