Mageia alert MGASA-2017-0345 (kernel)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> | |
| To: | updates-announce@ml.mageia.org | |
| Subject: | [updates-announce] MGASA-2017-0345: Updated kernel packages fix security vulnerabilities | |
| Date: | Sat, 16 Sep 2017 10:25:39 +0200 | |
| Message-ID: | <20170916082539.B16439F875@duvel.mageia.org> |
MGASA-2017-0345 - Updated kernel packages fix security vulnerabilities Publication date: 16 Sep 2017 URL: http://advisories.mageia.org/MGASA-2017-0345.html Type: security Affected Mageia releases: 5 CVE: CVE-2017-11600, CVE-2017-12134, CVE-2017-14340, CVE-2017-1000251 Description: This kernel update is based on upstream 4.4.88 and fixes atleast the following security issues: net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600). The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation (CVE-2017-12134 / XSA-229). The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (CVE-2017-14340). The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (CVE-2017-1000251). For other upstream fixes in this update, read the referenced changelogs. References: - https://bugs.mageia.org/show_bug.cgi?id=21711 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.... - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11600 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12134 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14340 - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10... SRPMS: - 5/core/kernel-4.4.88-1.mga5 - 5/core/kernel-userspace-headers-4.4.88-1.mga5 - 5/core/kmod-vboxadditions-5.1.26-3.mga5 - 5/core/kmod-virtualbox-5.1.26-3.mga5 - 5/core/kmod-xtables-addons-2.10-46.mga5