| Summary: | Update request: kernel-linus-4.9.50-1.mga6 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | Normal | CC: | davidwhodgins, lewyssmith, sysadmin-bugs |
| Version: | 6 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA6-64-OK MGA6-32-OK | ||
| Source RPM: | kernel-linus | CVE: | |
| Status comment: | |||
|
Description
Thomas Backlund
2017-09-14 19:58:20 CEST
Conflicts with kernel-firmware-nonfree ... kernel-linus-4.4.82-1.mga5-1-1.mga5.i586 (due to conflicts with kernel-firmware-nonfree[< 20170707-1]) kernel-linus-4.4.88-1.mga5-1-1.mga5.i586 (due to conflicts with kernel-firmware-nonfree[< 20170707-1]) Same with kernel-tmb CC:
(none) =>
davidwhodgins Tested on both real hardware, and under vb, both arches. Adding the OKs. Whiteboard:
(none) =>
MGA6-64-OK MGA6-32-OK Advisory: This kernel-linus update is based on upstream 4.9.50 and fixes atleast the following security issues: net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message (CVE-2017-11600). The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation (CVE-2017-12134 / XSA-229). The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel before 4.13.2 does not verify that a filesystem has a realtime device, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via vectors related to setting an RHINHERIT flag on a directory (CVE-2017-14340). The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space (CVE-2017-1000251). For other upstream fixes in this update, read the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=21710 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.44 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.45 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.46 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.47 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.48 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.49 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.50 Whiteboard:
MGA6-64-OK MGA6-32-OK =>
MGA6-64-OK MGA6-32-OK advisory M6/64 Just to confirm that: kernel-linus-4.9.50-1.mga6-1-1.mga6 $ uname -r 4.9.50-1.mga6 looks OK for me. CC:
(none) =>
lewyssmith
Dave Hodgins
2017-09-15 20:59:45 CEST
Keywords:
(none) =>
advisory, validated_update An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0344.html Status:
NEW =>
RESOLVED |