Mageia alert MGASA-2015-0171 (kernel)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> | |
| To: | updates-announce@ml.mageia.org | |
| Subject: | [updates-announce] MGASA-2015-0171: Updated kernel package fixes security vulnerabilities | |
| Date: | Thu, 30 Apr 2015 23:57:51 +0200 | |
| Message-ID: | <20150430215751.35E2241607@valstar.mageia.org> |
MGASA-2015-0171 - Updated kernel package fixes security vulnerabilities Publication date: 30 Apr 2015 URL: http://advisories.mageia.org/MGASA-2015-0171.html Type: security Affected Mageia releases: 4 CVE: CVE-2014-8159, CVE-2015-1593, CVE-2015-2150 Description: This kernel update is based on upstream -longterm 3.14.39 and fixes the following security issues: It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system (CVE-2014-8159) The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c (CVE-2015-1593) Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response (CVE-2015-2150) For other fixes in this update, see the referenced changelogs. References: - https://bugs.mageia.org/show_bug.cgi?id=15612 - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.... - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8159 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1593 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2150 SRPMS: - 4/core/kernel-3.14.39-1.mga4 - 4/core/kernel-userspace-headers-3.14.39-1.mga4 - 4/core/kmod-vboxadditions-4.3.26-6.mga4 - 4/core/kmod-virtualbox-4.3.26-6.mga4 - 4/core/kmod-xtables-addons-2.5-16.mga4 - 4/nonfree/kmod-broadcom-wl-6.30.223.141-51.mga4.nonfree - 4/nonfree/kmod-fglrx-14.010.1006-21.mga4.nonfree - 4/nonfree/kmod-nvidia173-173.14.39-36.mga4.nonfree - 4/nonfree/kmod-nvidia304-304.125-6.mga4.nonfree - 4/nonfree/kmod-nvidia-current-331.113-6.mga4.nonfree