[security-announce] Kernel (linux-hierofalcon 3.19): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Thu Dec 10 12:52:52 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

		Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-hierofalcon 3.19)
Severity: Medium
CVE Names: CVE-2015-3339
Layer: meta-hierofalcon
=========================================================

This security update fixes a race condition between the chown() and
execve() system calls in linux-hierofalcon 3.19 (backported
from stable v3.18.24 kernel.org).


Description
===========
Race condition in the prepare_binprm function in fs/exec.c
in the Linux kernel before 3.19.6 allows local users to gain
privileges by executing a setuid program at a time instant
when a chown to root is in progress, and the ownership is
changed but the setuid bit is not yet stripped.

References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339
http://seclists.org/oss-sec/2015/q2/216


Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=7f1a6ae73b5c2d24b21d9a27928ceacef3a9a939

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-hierofalcon.git/patch/?id=08b46ce9e33c472ae04a8f1ec6ad1601594797f7

How to get the latest patches
=============================
 - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-hierofalcon
git pull

 - If you have not yet cloned the needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos.)

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-openembedded.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy git://git.enea.com/linux/\
meta-enea/meta-vt.git
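
To confirm that a meta-hierofalcon checkout really contains the correction after the pull or clone above, the following added example (not part of the Enea advisory) tests whether the commit id from the "Correction for Enea Linux" URL is in the history of the checked-out HEAD. The function name layer_has_commit and the script name check-fix.sh are hypothetical.

```shell
#!/bin/sh
# Added example, not part of the Enea advisory.
# Commit id copied from the "Correction for Enea Linux" URL above.
FIX_COMMIT=08b46ce9e33c472ae04a8f1ec6ad1601594797f7

# layer_has_commit REPO COMMIT
# Prints one word and returns a matching status:
#   present    (0)  COMMIT is in the history of the checked-out HEAD
#   missing    (1)  COMMIT was fetched but HEAD does not contain it
#   unknown    (2)  COMMIT is not in the object store (stale or wrong repo)
#   not-a-repo (3)  REPO is not inside a git work tree
layer_has_commit() {
    repo=$1
    commit=$2
    if ! git -C "$repo" rev-parse --git-dir >/dev/null 2>&1; then
        echo not-a-repo; return 3
    fi
    if ! git -C "$repo" cat-file -e "${commit}^{commit}" 2>/dev/null; then
        echo unknown; return 2
    fi
    if git -C "$repo" merge-base --is-ancestor "$commit" HEAD 2>/dev/null; then
        echo present; return 0
    fi
    echo missing; return 1
}

# Run only when a layer path is given, e.g. (hypothetical script name):
#   sh check-fix.sh Enea-Linux-5.0/poky/meta-hierofalcon
if [ "$#" -gt 0 ]; then
    layer_has_commit "$1" "${2:-$FIX_COMMIT}"
fi
```

A result of "missing" means the commit was fetched but the current branch does not include it; "unknown" means the clone predates the fix or is a different repository.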


If you have any questions regarding the security patches and security
updates, please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com


