Federico Manuel Bento discovered that the Linux kernel did not properly apply Address Space Layout Randomization (ASLR) in some situations for setuid a.out binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid a.out binary.
As a hardening measure, this update disables a.out support.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-51.55", "binary_name": "block-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "block-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "crypto-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "crypto-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "dasd-extra-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "dasd-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fat-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fat-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fb-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "firewire-core-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "floppy-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fs-core-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fs-core-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fs-secondary-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "fs-secondary-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "input-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "input-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "ipmi-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "ipmi-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "irda-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "irda-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "kernel-image-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "kernel-image-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-buildinfo-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-buildinfo-4.15.0-51-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-buildinfo-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-cloud-tools-4.15.0-51" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-cloud-tools-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-cloud-tools-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-cloud-tools-common" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-doc" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-headers-4.15.0-51" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-headers-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-headers-4.15.0-51-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-headers-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-generic-dbgsym" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-generic-lpae-dbgsym" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-4.15.0-51-lowlatency-dbgsym" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-unsigned-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-unsigned-4.15.0-51-generic-dbgsym" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-unsigned-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-image-unsigned-4.15.0-51-lowlatency-dbgsym" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-libc-dev" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-modules-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-modules-4.15.0-51-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-modules-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-modules-extra-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-source-4.15.0" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-4.15.0-51" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-4.15.0-51-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-4.15.0-51-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-4.15.0-51-lowlatency" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-common" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-tools-host" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-udebs-generic" }, { "binary_version": "4.15.0-51.55", "binary_name": "linux-udebs-generic-lpae" }, { "binary_version": "4.15.0-51.55", "binary_name": "md-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "md-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "message-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "mouse-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "mouse-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "multipath-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "multipath-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nfs-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nfs-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-pcmcia-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-shared-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-shared-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-usb-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "nic-usb-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "parport-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "parport-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "pata-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "pcmcia-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "pcmcia-storage-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "plip-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "plip-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "ppp-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "ppp-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "sata-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "sata-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "scsi-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "scsi-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "serial-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "storage-core-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "storage-core-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "usb-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "usb-modules-4.15.0-51-generic-lpae-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "virtio-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "vlan-modules-4.15.0-51-generic-di" }, { "binary_version": "4.15.0-51.55", "binary_name": "vlan-modules-4.15.0-51-generic-lpae-di" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1040.42", "binary_name": "linux-aws-cloud-tools-4.15.0-1040" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-aws-headers-4.15.0-1040" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-aws-tools-4.15.0-1040" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-buildinfo-4.15.0-1040-aws" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-cloud-tools-4.15.0-1040-aws" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-headers-4.15.0-1040-aws" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-image-4.15.0-1040-aws" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-image-4.15.0-1040-aws-dbgsym" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-modules-4.15.0-1040-aws" }, { "binary_version": "4.15.0-1040.42", "binary_name": "linux-tools-4.15.0-1040-aws" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1033.35", "binary_name": "linux-buildinfo-4.15.0-1033-gcp" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-gcp-headers-4.15.0-1033" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-gcp-tools-4.15.0-1033" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-headers-4.15.0-1033-gcp" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-image-unsigned-4.15.0-1033-gcp" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-image-unsigned-4.15.0-1033-gcp-dbgsym" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-modules-4.15.0-1033-gcp" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-modules-extra-4.15.0-1033-gcp" }, { "binary_version": "4.15.0-1033.35", "binary_name": "linux-tools-4.15.0-1033-gcp" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1035.35", "binary_name": "linux-buildinfo-4.15.0-1035-kvm" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-headers-4.15.0-1035-kvm" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-image-4.15.0-1035-kvm" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-image-4.15.0-1035-kvm-dbgsym" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-kvm-headers-4.15.0-1035" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-kvm-tools-4.15.0-1035" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-modules-4.15.0-1035-kvm" }, { "binary_version": "4.15.0-1035.35", "binary_name": "linux-tools-4.15.0-1035-kvm" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1039.44", "binary_name": "block-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "crypto-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "fat-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "fb-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "firewire-core-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "floppy-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "fs-core-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "fs-secondary-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "input-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "ipmi-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "irda-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "kernel-image-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-buildinfo-4.15.0-1039-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-headers-4.15.0-1039-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-image-unsigned-4.15.0-1039-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-image-unsigned-4.15.0-1039-oem-dbgsym" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-modules-4.15.0-1039-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-oem-headers-4.15.0-1039" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-oem-tools-4.15.0-1039" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-tools-4.15.0-1039-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "linux-udebs-oem" }, { "binary_version": "4.15.0-1039.44", "binary_name": "md-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "message-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "mouse-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "multipath-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "nfs-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "nic-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "nic-pcmcia-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "nic-shared-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "nic-usb-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "parport-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "pata-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "pcmcia-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "pcmcia-storage-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "plip-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "ppp-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "sata-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "scsi-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "serial-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "storage-core-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "usb-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "virtio-modules-4.15.0-1039-oem-di" }, { "binary_version": "4.15.0-1039.44", "binary_name": "vlan-modules-4.15.0-1039-oem-di" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1014.16", "binary_name": "linux-buildinfo-4.15.0-1014-oracle" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-headers-4.15.0-1014-oracle" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-image-unsigned-4.15.0-1014-oracle" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-image-unsigned-4.15.0-1014-oracle-dbgsym" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-modules-4.15.0-1014-oracle" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-modules-extra-4.15.0-1014-oracle" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-oracle-headers-4.15.0-1014" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-oracle-tools-4.15.0-1014" }, { "binary_version": "4.15.0-1014.16", "binary_name": "linux-tools-4.15.0-1014-oracle" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1037.39", "binary_name": "linux-buildinfo-4.15.0-1037-raspi2" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-headers-4.15.0-1037-raspi2" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-image-4.15.0-1037-raspi2" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-image-4.15.0-1037-raspi2-dbgsym" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-modules-4.15.0-1037-raspi2" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-raspi2-headers-4.15.0-1037" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-raspi2-tools-4.15.0-1037" }, { "binary_version": "4.15.0-1037.39", "binary_name": "linux-tools-4.15.0-1037-raspi2" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.15.0-1054.58", "binary_name": "linux-buildinfo-4.15.0-1054-snapdragon" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-headers-4.15.0-1054-snapdragon" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-image-4.15.0-1054-snapdragon" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-image-4.15.0-1054-snapdragon-dbgsym" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-modules-4.15.0-1054-snapdragon" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-snapdragon-headers-4.15.0-1054" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-snapdragon-tools-4.15.0-1054" }, { "binary_version": "4.15.0-1054.58", "binary_name": "linux-tools-4.15.0-1054-snapdragon" } ] }