Overview
This week we look at results from the Tianfu Cup 2020, the PLATYPUS attack
against Intel CPUs, a detailed writeup of the GDM/accountsservice
vulnerabilities covered in Episode 95 and more.
Goings on in Ubuntu Security Community
Tianfu Cup 2020 [00:37]
https://www.zdnet.com/article/windows-10-ios-chrome-and-many-others-fall-at-chinas-top-hacking-contest/
QEMU on Ubuntu, Firefox and Docker all pwned (as well as Chrome, Safari,
VMware ESXi, CentOS 8, iPhone etc.)
qemu-kvm on Ubuntu - used a use-after-free (UAF) and an info leak to escape
the VM and get root code execution on the host - by Xiao Wei from 360 ESG
Vuln Research Institute, who has previously found lots of QEMU bugs - $60k
Still waiting on upstream QEMU / Docker to release details - Firefox
already patched (CVE-2020-26950)
GitHub writeup of GDM/accountsservice vulnerabilities [02:53]
We covered the vulns in last week’s Episode 95
Kevin Backhouse provides a great amount of detail and a cool demo video
of the attack -
https://securitylab.github.com/research/Ubuntu-gdm3-accountsservice-LPE
https://portswigger.net/daily-swig/vulnerabilities-in-ubuntu-desktop-enabled-root-access-in-two-simple-steps
PLATYPUS attack against Intel CPUs [03:41]
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Platypus
https://platypusattack.com/
https://www.zdnet.com/article/new-platypus-attack-can-steal-data-from-intel-cpus/
This week in Ubuntu Security Updates [05:27]
23 unique CVEs addressed
[USN-4617-1] SPICE vdagent vulnerabilities
4 CVEs addressed in Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-25653
CVE-2020-25652
CVE-2020-25651
CVE-2020-25650
[USN-4616-2] AccountsService vulnerabilities
2 CVEs addressed in Trusty ESM (14.04 ESM)
CVE-2018-14036
CVE-2020-16126
[USN-4618-1] tmux vulnerability
1 CVE addressed in Focal (20.04 LTS), Groovy (20.10)
CVE-2020-27347
[USN-4619-1] dom4j vulnerability
1 CVE addressed in Xenial (16.04 LTS)
CVE-2018-1000632
[USN-4599-3] Firefox regressions
Affecting Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
Episode 94
[USN-4620-1] phpLDAPadmin vulnerability
1 CVE addressed in Bionic (18.04 LTS)
CVE-2017-11107
[USN-4621-1] netqmail vulnerabilities
5 CVEs addressed in Xenial (16.04 LTS), Bionic (18.04 LTS)
CVE-2020-3812
CVE-2020-3811
CVE-2005-1515
CVE-2005-1514
CVE-2005-1513
[USN-4622-1] OpenLDAP vulnerability
1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-25692
[USN-4623-1] Pacemaker vulnerability
1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-25654
[USN-4624-1] libexif vulnerability
1 CVE addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-0452
[USN-4625-1] Firefox vulnerability
1 CVE addressed in Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-26950
[USN-4626-1] Linux kernel vulnerabilities
2 CVEs addressed in Groovy (20.10)
CVE-2020-8694
CVE-2020-27194
[USN-4627-1] Linux kernel vulnerability
1 CVE addressed in Precise ESM (12.04 ESM), Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS)
CVE-2020-8694
[USN-4628-1] Intel Microcode vulnerabilities
3 CVEs addressed in Trusty ESM (14.04 ESM), Xenial (16.04 LTS), Bionic (18.04 LTS), Focal (20.04 LTS), Groovy (20.10)
CVE-2020-8698
CVE-2020-8696
CVE-2020-8695
Get in contact
security@ubuntu.com
#ubuntu-security on the Libera.Chat IRC network
ubuntu-hardened mailing list
Security section on discourse.ubuntu.com
@ubuntu_sec on Twitter