Re: Copy on Write - Dirty COW Kernel bug

[Steve Beattie]

On Mon, Oct 24, 2016 at 09:56:32AM +0100, Ian Bruntlett wrote:
> On 24 October 2016 at 07:16, Steve Beattie  wrote:
> > What are the specific versions you are seeing?
> >
> Here they are:-
> i$ cat /proc/version_signature
> Ubuntu 4.4.0-45.66-generic 4.4.21
> i
> $ uname -a
> Linux turing 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016
> x86_64 x86_64 x86_64 GNU/Linux
> 
> $ lsb_release -a
> No LSB modules are available.
> Distributor ID:Ubuntu
> Description:Ubuntu 16.04.1 LTS
> Release:16.04
> Codename:xenial

You're good to go, that version contains the fix for the Copy on Write
issue, CVE-2016-5195.

Thanks.

-- 
Steve Beattie

http://NxNW.org/~steve/


signature.asc
Description: PGP signature
-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality

Re: Copy on Write - Dirty COW Kernel bug

[Ian Bruntlett]

Hi Steve,

On 24 October 2016 at 07:16, Steve Beattie  wrote:

> What are the specific versions you are seeing?
>
Here they are:-
i$ cat /proc/version_signature
Ubuntu 4.4.0-45.66-generic 4.4.21
i
$ uname -a
Linux turing 4.4.0-45-generic #66-Ubuntu SMP Wed Oct 19 14:12:37 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux

$ lsb_release -a
No LSB modules are available.
Distributor ID:Ubuntu
Description:Ubuntu 16.04.1 LTS
Release:16.04
Codename:xenial

HTH,


Ian

-- 
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/
-- Free Software page -
https://sites.google.com/site/ianbruntlett/home/free-software
-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality

Re: Copy on Write - Dirty COW Kernel bug

[Steve Beattie]

Hi Ian,

On Sat, Oct 22, 2016 at 06:41:30PM +0100, Ian Bruntlett wrote:
> I stumbled across this bug here
> http://www.bbc.co.uk/news/technology-37728010

Security updates were issued for this issue, identified as
CVE-2016-5195, on Thursday, October 18. Specifically, the following
kernels address the issue:

  Ubuntu 12.04 LTS  3.2.0-113.155   https://www.ubuntu.com/usn/usn-3104-1/
  Ubuntu 14.04 LTS  3.13.0-100.147  https://www.ubuntu.com/usn/usn-3105-1/
  Ubuntu 16.04 LTS  4.4.0-45.66 https://www.ubuntu.com/usn/usn-3106-1/
  Ubuntu 16.10  4.8.0-26.28 https://www.ubuntu.com/usn/usn-3107-1/

as well as the associated derived kernels (e.g. linux-lts-xenial).
Besides being announced in the Ubuntu Security Notices referred to
above, the status for specific CVE can be found in
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

> First thing I did was quit all my programmes, ran Software Updater and
> rebooted. However, my Kernel wasn't updated (I used the command uname -a to
> check for this). When will the updated Kernel be available from the
> software updates?

It helps to report specific versions that you're seeing, i.e. what
Ubuntu release you're using as well as the kernel version. The uname -a
command can be used, but the contents of /proc/version_signature is a
little more straightforward for identifying the specific version.

Also note that you may need to refresh your apt lists information, either
via update-manager or on the command line via apt-get update.

What are the specific versions you are seeing?

Thanks.

-- 
Steve Beattie

http://NxNW.org/~steve/


signature.asc
Description: PGP signature
-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality

Re: Copy on Write - Dirty COW Kernel bug

[Alberto Salvia Novella]

Ian Bruntlett:

At one stage Software Updater would run and give you details about
updates in a window. I miss that. Is there a configuration setting for that?


If I set security updates to download and install automatically, 
Software Updater will never show up. Instead updates are installed 
silently in the background.


Exceptionally, if the computer hasn't been used for a long time, it 
could happen that Software Updater actually asks me to upgrade. But the 
behaviour seems to be that, if there's a security update, to do all the 
updates in the background.


So as long as you have the computer configured to check for updates 
daily, and security updates to download and install automatically, any 
exploit shall get patched in the next boot.




-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality

Re: Copy on Write - Dirty COW Kernel bug

[Ian Bruntlett]

Hi Alberto,

On 23 October 2016 at 02:19, Alberto Salvia Novella 
wrote:

>
> Wouldn't it be better to configure security updates to automatically
> install?
>

Where security is concerned, I rely on more than one thing. Software
Updater on my computer is configured to "Download and install
automatically" when there are security updates available.

At one stage Software Updater would run and give you details about updates
in a window. I miss that. Is there a configuration setting for that?

HTH,


Ian

-- 
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/
-- Free Software page -
https://sites.google.com/site/ianbruntlett/home/free-software
-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality

Re: Copy on Write - Dirty COW Kernel bug

[Ian Bruntlett]

Hi Chris,

On 22 October 2016 at 20:24, chris hermansen  wrote:

> Ian and list,
>
Thanks for that, much appreciated.

BW,


Ian

-- 
-- ACCU - Professionalism in programming - http://www.accu.org
-- My writing - https://sites.google.com/site/ianbruntlett/
-- Free Software page -
https://sites.google.com/site/ianbruntlett/home/free-software
-- 
Ubuntu-quality mailing list
Ubuntu-quality@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-quality