author Ben Hutchings <benh@debian.org> 2017-03-08 15:28:00 +0000
committer Ben Hutchings <benh@debian.org> 2017-03-08 15:28:00 +0000
commit 5354e208cc22167ae818e062a2068229e2176bc4
tree 27f2440eff3148af8cb0f012066d2606f8a3589c /dsa-texts/3.16.39-1+deb8u2
parent 735474feccdcfd478492646a8a4bbb6ae8b82cdd
Fill in advisory text for most issues fixed in 3.16.39-1+deb8u2
git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@5060 e094ebfe-e918-0410-adfb-c712417f3574
Diffstat (limited to 'dsa-texts/3.16.39-1+deb8u2')
-rw-r--r-- dsa-texts/3.16.39-1+deb8u2 37
1 files changed, 36 insertions, 1 deletions
diff --git a/dsa-texts/3.16.39-1+deb8u2 b/dsa-texts/3.16.39-1+deb8u2
index 427fac13..8d403dc9 100644
--- a/dsa-texts/3.16.39-1+deb8u2
+++ b/dsa-texts/3.16.39-1+deb8u2
@@ -25,12 +25,47 @@ CVE-2017-2636
echo >> /etc/modprobe.d/disable-n_hdlc.conf install n_hdlc false
CVE-2017-5669
+
+ Gareth Evans reported that privileged users can map memory at
+ address 0 through the shmat() system call. This could make it
+ easier to exploit other kernel security vulnerabilities via a
+ set-UID program.
+
CVE-2017-5986
+
+ Alexander Popov reported a race condition in the SCTP
+ implementation that can be used by local users to cause a
+ denial-of-service (crash). The initial fix for this was incorrect
+ and introduced further security issues (CVE-2017-6353). This
+ update includes a later fix that avoids those. On systems that do
+ not already have the sctp module loaded, this can be mitigated by
+ disabling it:
+ echo >> /etc/modprobe.d/disable-sctp.conf install sctp false
+
CVE-2017-6214
+
+ Dmitry Vyukov reported a bug in the TCP implementation's handling
+ of urgent data in the splice() system call. This can be used by a
+ remote attacker for denial-of-service (hang) against applications
+ that read from TCP sockets with splice().
+
CVE-2017-6345
+
+ Andrey Konovalov reported that the LLC type 2 implementation
+ incorrectly assigns socket buffer ownership. This can be used
+ by a local user to cause a denial-of-service (crash). On systems
+ that do not already have the llc2 module loaded, this can be
+ mitigated by disabling it:
+ echo >> /etc/modprobe.d/disable-llc2.conf install llc2 false
+
CVE-2017-6346
+
+ Dmitry Vyukov reported a race condition in the raw packet (af_packet)
+ fanout feature. Local users with the CAP_NET_RAW capability (in any
+ user namespace) can use this for denial-of-service and possibly for
+ privilege escalation.
+
CVE-2017-6348
-CVE-2017-6353
For the stable distribution (jessie), these problems have been fixed in
version 3.16.39-1+deb8u2.
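
Review bot: The two added mitigation commands (under CVE-2017-5986 and CVE-2017-6345) place the redirection ahead of unquoted arguments, as in `echo >> /etc/modprobe.d/disable-sctp.conf install sctp false`. The shell does append `install sctp false` to the file, and the form matches the existing n_hdlc line in the context, but it is easy to misread as appending an empty line; `echo "install sctp false" >> /etc/modprobe.d/disable-sctp.conf` would be less error-prone for readers copying from the advisory, and the n_hdlc line could be changed to match. Also, CVE-2017-6348 still has no text at the end of the hunk (consistent with "most issues" in the commit message), and with the CVE-2017-6353 heading removed that CVE now appears only in parentheses under CVE-2017-5986, so it is worth confirming both are intended before the text is published.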