Advisory: This updates kernel-vserver to upstream stable 3.4.34. It also fixes the following security issues: An unprivileged user can send a netlink message resulting in an out-of-bounds access of the sock_diag_handlers[] array which, in turn, allows userland to take over control while in kernel mode. (CVE-2013-1763). Linux kernel is prone to a local privilege-escalation vulnerability due to a tmpfs use-after-free error. Local attackers can exploit the issue to execute arbitrary code with kernel privileges or to crash the kernel, effectively denying service to legitimate users (CVE-2013-1767). Linux kernel built with Edgeport USB serial converter driver io_ti, is vulnerable to a NULL pointer dereference flaw. It happens if the device is disconnected while corresponding /dev/ttyUSB? file is in use. An unprivileged user could use this flaw to crash the system, resulting DoS (CVE-2013-1774). References: ----------- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1763 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1767 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1774 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.34 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.33 i586: ----- kernel-vserver-3.4.34-1.mga2-1-1.mga2.i586.rpm kernel-vserver-devel-3.4.34-1.mga2-1-1.mga2.i586.rpm kernel-vserver-devel-latest-3.4.34-1.mga2.i586.rpm kernel-vserver-doc-3.4.34-1.mga2.noarch.rpm kernel-vserver-latest-3.4.34-1.mga2.i586.rpm kernel-vserver-source-3.4.34-1.mga2-1-1.mga2.noarch.rpm kernel-vserver-source-latest-3.4.34-1.mga2.noarch.rpm x86_64: ------- kernel-vserver-3.4.34-1.mga2-1-1.mga2.x86_64.rpm kernel-vserver-devel-3.4.34-1.mga2-1-1.mga2.x86_64.rpm kernel-vserver-devel-latest-3.4.34-1.mga2.x86_64.rpm kernel-vserver-doc-3.4.34-1.mga2.noarch.rpm kernel-vserver-latest-3.4.34-1.mga2.x86_64.rpm kernel-vserver-source-3.4.34-1.mga2-1-1.mga2.noarch.rpm kernel-vserver-source-latest-3.4.34-1.mga2.noarch.rpm SRPMS: ------ kernel-vserver-3.4.34-1.mga2.src.rpm Reproducible: Steps to Reproduce:
Priority: Normal => High
PoC: http://www.securityfocus.com/bid/58137/exploit
Testing complete on Mageia 2 i586. The poc doesn't work on i586, so just testing that the updating works properly, etc. As expected, dkms generated modules still fail to load with errors such as ... ERROR: could not insert 'fglrx': Exec format error insmod /lib/modules/3.4.34-vserver-1.mga2/dkms/drivers/char/drm/fglrx.ko.xz Other then that, it's working ok. Claire, have you tested the vserver kernel on x86_64?
CC: (none) => davidwhodgins
Testing complete on Mageia 2 x86_64. Could someone from the sysadmin team push the kernel-vserver-3.4.34-1.mga2 srpms from updates testing to updates. See description for list of srpms and advisory.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: (none) => MGA2-64-OK MGA2-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0082
Status: NEW => RESOLVEDResolution: (none) => FIXED