MGASA-2015-0386

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0386.html

Import Source

https://advisories.mageia.org/MGASA-2015-0386.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0386

Related

Published

2015-09-30T21:35:18Z

Modified

2022-02-17T18:21:47Z

Summary

Updated kernel packages provides 4.1 longterm and fixes security issues

Details

This kernel update provides an upgrade to the upstream 4.1 longterm kernel series, currently based on 4.1.8 and resolves at least the following security issues:

It was found that the Linux kernel's keyring implementation would leak memory when adding a key to a keyring via the add_key() function. A local attacker could use this flaw to exhaust all available memory on the system. (CVE-2015-1333)

A flaw was found in the Linux kernel where the deletion of a file or directory could trigger an unmount and reveal data under a mount point. This flaw was inadvertently introduced with the new feature of being able to lazily unmount a mount tree when using file system user namespaces. (CVE-2015-4176)

A flaw was discovered in the kernel's collectmounts function. If the kernel audit subsystem called collectmounts to audit an unmounted path, it could panic the system. With this flaw, an unprivileged user could call umount (MNT_DETACH) to launch a denial-of-service attack. (CVE-2015-4177)

A flaw was found in the Linux kernel which is related to the user namespace lazily unmounting file systems. The fspin struct has two members (mlist and slist) which are usually initialized on use in the pininsert_group function. However, these members might go unmodified; in this case, the system panics when it attempts to destroy or free them. This flaw could be used to launch a denial-of-service attack. (CVE-2015-4178)

A DoS flaw was found for a Linux kernel built for the x86 architecture which had the KVM virtualization support(CONFIGKVM) enabled. The kernel would be vulnerable to a NULL pointer dereference flaw in Linux kernel's kvmapichasevents() function while doing an ioctl. An unprivileged user able to access the "/dev/kvm" device could use this flaw to crash the system kernel. (CVE-2015-4692)

A flaw was found in the kernel's implementation of the Berkeley Packet Filter (BPF). A local attacker could craft BPF code to crash the system by creating a situation in which the JIT compiler would fail to correctly optimize the JIT image on the last pass. This would lead to the CPU executing instructions that were not part of the JIT code. (CVE-2015-4700)

The getbitmapfile function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from kernel memory via a GETBITMAPFILE ioctl call. (CVE-2015-5697)

Use-after-free vulnerability in the pathopenat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via OTMPFILE filesystem operations that leverage a duplicate cleanup operation. (CVE-2015-5706)

It was discovered that an integer overflow error existed in the SCSIgeneric (sg) driver in the Linux kernel. A local attacker with writepermission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-5707)

Additionally the following packages have been updated to add or improve support for the 4.1 series kernels: btrfs-progs, iproute2, xtables-addons, nvidia304, nvidia340, kernel-firmware-nonfree, radeon-firmware.

For other changes, see the referenced changelogs:

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / kernel-firmware-nonfree

Package

Name: kernel-firmware-nonfree
Purl: pkg:rpm/mageia/kernel-firmware-nonfree?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20150824-1.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / radeon-firmware

Package

Name: radeon-firmware
Purl: pkg:rpm/mageia/radeon-firmware?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20150824-1.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kmod-broadcom-wl

Package

Name: kmod-broadcom-wl
Purl: pkg:rpm/mageia/kmod-broadcom-wl?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.30.223.248-36.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kmod-fglrx

Package

Name: kmod-fglrx
Purl: pkg:rpm/mageia/kmod-fglrx?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

15.200.1046-5.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / nvidia304

Package

Name: nvidia304
Purl: pkg:rpm/mageia/nvidia304?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

304.125-5.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kmod-nvidia304

Package

Name: kmod-nvidia304
Purl: pkg:rpm/mageia/kmod-nvidia304?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

304.125-41.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / nvidia340

Package

Name: nvidia340
Purl: pkg:rpm/mageia/nvidia340?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

340.76-2.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kmod-nvidia340

Package

Name: kmod-nvidia340
Purl: pkg:rpm/mageia/kmod-nvidia340?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

340.76-31.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kmod-nvidia-current

Package

Name: kmod-nvidia-current
Purl: pkg:rpm/mageia/kmod-nvidia-current?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

346.82-3.mga5.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:5 / kernel

Package

Name: kernel
Purl: pkg:rpm/mageia/kernel?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.8-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / kernel-userspace-headers

Package

Name: kernel-userspace-headers
Purl: pkg:rpm/mageia/kernel-userspace-headers?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.8-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / kernel-firmware

Package

Name: kernel-firmware
Purl: pkg:rpm/mageia/kernel-firmware?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20150722-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / btrfs-progs

Package

Name: btrfs-progs
Purl: pkg:rpm/mageia/btrfs-progs?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.2-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / iproute2

Package

Name: iproute2
Purl: pkg:rpm/mageia/iproute2?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.1.1-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / xtables-addons

Package

Name: xtables-addons
Purl: pkg:rpm/mageia/xtables-addons?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7-1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / kmod-xtables-addons

Package

Name: kmod-xtables-addons
Purl: pkg:rpm/mageia/kmod-xtables-addons?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.7-4.mga5

Ecosystem specific

{
    "section": "core"
}