|
|
Subscribe / Log in / New account

Mageia alert MGASA-2016-0033 (kernel)



From:
    	      Mageia Updates <buildsystem-daemon@mageia.org> 


To:
    	      updates-announce@ml.mageia.org 


Subject:
    	      [updates-announce] MGASA-2016-0033: Updated kernel packages fix security vulnerability 


Date:
    	      Thu, 21 Jan 2016 07:10:23 +0100


Message-ID:
    	      <20160121061023.D210E21E8A7@valstar.mageia.org>


MGASA-2016-0033 - Updated kernel packages fix security vulnerability

Publication date: 21 Jan 2016
URL: http://advisories.mageia.org/MGASA-2016-0033.html
Type: security
Affected Mageia releases: 5
CVE: CVE-2016-0728

Description:
Perception Point Research Team found a reference leak in keyring in
join_session_keyring() that can be exploited to successfully escalate
privileges from a local user to root (CVE-2016-0728).

Other fixes in this kernel update:
- netfilter: nf_nat_redirect: add missing NULL pointer check

References:
- https://bugs.mageia.org/show_bug.cgi?id=17557
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0728

SRPMS:
- 5/core/kernel-4.1.15-2.mga5
- 5/core/kernel-userspace-headers-4.1.15-2.mga5
- 5/core/kmod-vboxadditions-5.0.12-2.mga5
- 5/core/kmod-virtualbox-5.0.12-2.mga5
- 5/core/kmod-xtables-addons-2.7-8.mga5
- 5/nonfree/kmod-broadcom-wl-6.30.223.271-5.mga5.nonfree
- 5/nonfree/kmod-fglrx-15.200.1046-9.mga5.nonfree
- 5/nonfree/kmod-nvidia304-304.128-5.mga5.nonfree
- 5/nonfree/kmod-nvidia340-340.93-5.mga5.nonfree
- 5/nonfree/kmod-nvidia-current-346.96-5.mga5.nonfree
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds