Parent Directory | Revision Log
MGASA-2017-0090: kernel-linus-4.4.55-1.mga5
1 | type: security |
2 | subject: Updated kernel-linus packages fixes security vulnerabilities |
3 | CVE: |
4 | - CVE-2017-2636 |
5 | - CVE-2017-6346 |
6 | - CVE-2017-6347 |
7 | - CVE-2017-6348 |
8 | src: |
9 | 5: |
10 | core: |
11 | - kernel-linus-4.4.55-1.mga5 |
12 | description: | |
13 | This kernel-linus update is based on upstream 4.4.55 and fixes atleast |
14 | the following security issues: |
15 | |
16 | Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 |
17 | allows local users to gain privileges or cause a denial of service (double |
18 | free) by setting the HDLC line discipline (CVE-2017-2636). |
19 | |
20 | Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 |
21 | allows local users to cause a denial of service (use-after-free) or possibly |
22 | have unspecified other impact via a multithreaded application that makes |
23 | PACKET_FANOUT setsockopt system calls (CVE-2017-6346). |
24 | |
25 | The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux |
26 | kernel before 4.10.1 has incorrect expectations about skb data layout, |
27 | which allows local users to cause a denial of service (buffer over-read) |
28 | or possibly have unspecified other impact via crafted system calls, as |
29 | demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP |
30 | transmission (CVE-2017-6347). |
31 | |
32 | The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before |
33 | 4.9.13 improperly manages lock dropping, which allows local users to cause a |
34 | denial of service (deadlock) via crafted operations on IrDA devices |
35 | (CVE-2017-6348). |
36 | |
37 | For other upstream fixes in this update, see the referenced changelogs. |
38 | references: |
39 | - https://bugs.mageia.org/show_bug.cgi?id=20529 |
40 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.51 |
41 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.52 |
42 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.53 |
43 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.54 |
44 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.55 |
45 | ID: MGASA-2017-0090 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |