Bug 20609

Summary: Update request: kernel-linus-4.4.59-1.mga5
Product: Mageia Reporter: Thomas Backlund <tmb>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: High CC: davidwhodgins, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5-64-OK MGA5-32-OK advisory
Source RPM: kernel-linus CVE:
Status comment:

Description Thomas Backlund 2017-03-31 07:20:07 CEST 
Primaryly relased for the local root exploit that hacked Ubuntu during pwn2own competition

a better advisory will follow...


SRPM:
kernel-linus-4.4.59-1.mga5.src.rpm


i586:
kernel-linus-4.4.59-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.59-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.59-1.mga5.i586.rpm
kernel-linus-doc-4.4.59-1.mga5.noarch.rpm
kernel-linus-latest-4.4.59-1.mga5.i586.rpm
kernel-linus-source-4.4.59-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.59-1.mga5.noarch.rpm


x86_64:
kernel-linus-4.4.59-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.59-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.59-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.59-1.mga5.noarch.rpm
kernel-linus-latest-4.4.59-1.mga5.x86_64.rpm
kernel-linus-source-4.4.59-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.59-1.mga5.noarch.rpm
Thomas Backlund 2017-03-31 07:20:33 CEST

Priority: Normal => High

Comment 1 Dave Hodgins 2017-03-31 08:13:45 CEST 
Validated update

Keywords: (none) => validated_update
Whiteboard: (none) => MGA5-64-OK MGA5-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Dave Hodgins 2017-03-31 08:15:01 CEST

Whiteboard: MGA5-64-OK MGA5-64-OK => MGA5-64-OK MGA5-32-OK

Comment 2 Thomas Backlund 2017-03-31 22:12:54 CEST 
Advisory, also added to svn

type: security
subject: Updated kernel-linus packages fixes security vulnerability
CVE:
 - CVE-2017-7184
src:
  5:
   core:
     - kernel-linus-4.4.59-1.mga5
description: |
  This kernel-linus update is based on upstream 4.4.59 and fixes atleast
  the following security issue:

  The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux
  kernel through 4.10.6 does not validate certain size data after an
  XFRM_MSG_NEWAE update, which allows local users to obtain root privileges
  or cause a denial of service (heap-based out-of-bounds access) by
  leveraging the CAP_NET_ADMIN capability (CVE-2017-7184).

  For other upstream fixes in this update, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20609
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.56
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.57
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.58
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.59

Whiteboard: MGA5-64-OK MGA5-32-OK => MGA5-64-OK MGA5-32-OK advisory

Comment 3 Mageia Robot 2017-03-31 22:28:53 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0099.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED