Bug 20608 - Update request: kernel-tmb-4.4.59-1.mga5
Summary: Update request: kernel-tmb-4.4.59-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: High critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5-64-OK MGA5-32-OK advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2017-03-31 07:20 CEST by Thomas Backlund
Modified: 2017-03-31 22:28 CEST

See Also:
Source RPM: kernel-tmb
CVE:
Status comment:


Description Thomas Backlund 2017-03-31 07:20:01 CEST
Primarily released for the local root exploit that hacked Ubuntu during the pwn2own competition

a better advisory will follow...


SRPM:
kernel-tmb-4.4.59-1.mga5.src.rpm


i586:
kernel-tmb-desktop-4.4.59-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-4.4.59-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-latest-4.4.59-1.mga5.i586.rpm
kernel-tmb-desktop-latest-4.4.59-1.mga5.i586.rpm
kernel-tmb-source-4.4.59-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.59-1.mga5.noarch.rpm


x86_64:
kernel-tmb-desktop-4.4.59-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-4.4.59-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-latest-4.4.59-1.mga5.x86_64.rpm
kernel-tmb-desktop-latest-4.4.59-1.mga5.x86_64.rpm
kernel-tmb-source-4.4.59-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.59-1.mga5.noarch.rpm
Thomas Backlund 2017-03-31 07:20:26 CEST

Priority: Normal => High

Comment 1 Dave Hodgins 2017-03-31 08:13:52 CEST
Validating the update

Keywords: (none) => validated_update
Whiteboard: (none) => MGA5-64-OK MGA5-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Dave Hodgins 2017-03-31 08:14:52 CEST

Whiteboard: MGA5-64-OK MGA5-64-OK => MGA5-64-OK MGA5-32-OK

Comment 2 Thomas Backlund 2017-03-31 22:12:42 CEST
advisory, also added to svn

type: security
subject: Updated kernel-tmb packages fixes security vulnerability
CVE:
 - CVE-2017-7184
src:
  5:
   core:
     - kernel-tmb-4.4.59-1.mga5
description: |
  This kernel-tmb update is based on upstream 4.4.59 and fixes at least
  the following security issue:

  The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux
  kernel through 4.10.6 does not validate certain size data after an
  XFRM_MSG_NEWAE update, which allows local users to obtain root privileges
  or cause a denial of service (heap-based out-of-bounds access) by
  leveraging the CAP_NET_ADMIN capability (CVE-2017-7184).

  For other upstream fixes in this update, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=20608
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.56
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.57
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.58
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.59

Whiteboard: MGA5-64-OK MGA5-32-OK => MGA5-64-OK MGA5-32-OK advisory

Comment 3 Mageia Robot 2017-03-31 22:28:52 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0098.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

