Episode 6

Show Notes

This week we look at some details of the 17 unique CVEs addressed across the supported Ubuntu releases and more.

17 unique CVEs addressed

4 CVEs addressed in Trusty, Xenial, Bionic
2 CVEs: flaws in RSA implementation allow Bleichenbacher-style attacks in parsing of the ASN.1 encoded digestInfo
strongSwan implementation was too lenient and would allow arbitrary random data to be contained following various elements in the ASN.1
Also would not check the correct amount of padding had been used
Allows attackers to potentially forge low-exponent signature forgery and hence authentication during IKE authentication
2 CVEs for DoS due to missing length check and missing variable initialization

1 CVEs addressed in Bionic
- CVE-2018-17336
Format string vulnerability which could be exploited via specially crafted disk label
udisks prints volume label via printf() passing the label as part of the format string
- Simple fix to replace the label with a %s directive and then pass the label to that
- ie. don’t interpret label as printf() directives directly

Casey Schaufler (Intel, SMACK maintainer) primary developer along with John Johansen and Kees Cook (Google) to upstream support for LSM stacking
Currently upstream allows use of one ‘major’ module (SELinux / AppArmor / Tomoyo) with a minor module (Yama etc)
Goal of stacking is to allow multiple major modules to be used in conjunction (AppArmor with SELinux)
- Primary use-case is containers
Current stacking patches allow to stack Tomoyo with either SELinux / AppArmor
- Eventually should be able to stack SELinux with AppArmor but still WIP
- Ubuntu already carries these patches in Bionic etc
Likely to be merged in the near future

Jann Horn (GPZ) reported gaps in evince AppArmor profile
Clever use of GNOME thumbnailer infrastructure to specify a new ’evil’ thumbnailer and the use of systemd via DBus to escape AppArmor confinement
Policy fixed in Cosmic, in process of updating for Bionic etc