author | Ben Hutchings <benh@debian.org> | 2017-02-22 16:31:24 +0000 |
---|---|---|
committer | Ben Hutchings <benh@debian.org> | 2017-02-22 16:31:24 +0000 |
commit | 31cdf984c31ba58cf54eaa10b4984612c1775852 (patch) | |
tree | 4083af9f701a3a5c9fabe083314a9d6fbebadb22 /dsa-texts/3.16.39-1+deb8u1 | |
parent | 4c4dab8de46147e7b21303886087476766c6dd40 (diff) |
Add mitigations for issues fixed in 3.16.39-1+deb8u1
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@4996 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/3.16.39-1+deb8u1')
-rw-r--r-- | dsa-texts/3.16.39-1+deb8u1 | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u1 b/dsa-texts/3.16.39-1+deb8u1 index a6afb7c1..741eafb1 100644 --- a/dsa-texts/3.16.39-1+deb8u1 +++ b/dsa-texts/3.16.39-1+deb8u1 @@ -12,7 +12,9 @@ CVE-2016-6786 / CVE-2016-6787 It was discovered that the performance events subsystem does not properly manage locks during certain migrations, allowing a local - attacker to escalate privileges. + attacker to escalate privileges. This can be mitigated by + disabling unprivileged use of performance events: + sysctl kernel.perf_event_paranoid=3 CVE-2016-8405 @@ -85,13 +87,16 @@ CVE-2017-6001 Di Shen discovered a race condition between concurrent calls to the performance events subsystem, allowing a local attacker to escalate privileges. This flaw exists because of an incomplete fix - of CVE-2016-6786. + of CVE-2016-6786. This can be mitigated by disabling unprivileged + use of performance events: sysctl kernel.perf_event_paranoid=3 CVE-2017-6074 Andrey Konovalov discovered a use-after-free vulnerability in the DCCP networking code, which could result in denial of service or - local privilege escalation. + local privilege escalation. On systems that do not already have + the dccp module loaded, this can be mitigated by disabling it: + echo >> /etc/modprobe.d/disable-dccp.conf install dccp false For the stable distribution (jessie), these problems have been fixed in version 3.16.39-1+deb8u1. |
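Review bot: In the first hunk (CVE-2016-6786 / CVE-2016-6787), the added "sysctl kernel.perf_event_paranoid=3" only changes the value in the running kernel, so the mitigation is lost at the next reboot, and the text does not say so. Suggest adding a sentence that the setting can be kept across reboots with a file under /etc/sysctl.d/ containing "kernel.perf_event_paranoid = 3", and that the command has to be run as root. Style point: here the command sits on its own line, while the same mitigation added under CVE-2017-6001 puts it inline after "use of performance events:"; one layout should be used for both.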
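Review bot: In the second hunk, the CVE-2017-6074 command "echo >> /etc/modprobe.d/disable-dccp.conf install dccp false" places the redirection before the arguments; a POSIX shell accepts that, but it is easy to misread or to copy as two separate pieces. Suggest the conventional, quoted form: echo "install dccp false" >> /etc/modprobe.d/disable-dccp.conf. The condition "systems that do not already have the dccp module loaded" also gives the reader no way to check it; naming lsmod as the check, and saying what to do when the module is already loaded, would close that gap.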