[security-announce] Kernel (linux-hierofalcon 3.19): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Wed Dec 23 09:58:55 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-hierofalcon 3.19)
Severity: Medium
CVE Names: CVE-2015-4177
Layer: meta-hierofalcon
=========================================================

This patch fixes a denial-of-service vulnerability in the Linux kernel
(linux-hierofalcon 3.19).

Description
===========
A flaw was discovered in the kernel's collect_mounts function.
If the kernel's audit subsystem called collect_mounts to audit
an unmounted path, it could panic the system. With this flaw,
an unprivileged user could call umount(MNT_DETACH) to launch
a denial-of-service attack.

References:
===========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4177
http://seclists.org/oss-sec/2015/q2/640

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=0de0e610f6b359c52d4f8b02bac2963f4968c9d6

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-hierofalcon.git/patch/?id=4b78021ae978a0639b5b4bb7c877d4a66b9b43f2

How to get the latest patches
=============================
 - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-hierofalcon
git pull

 - If you have not yet cloned the needed repositories, do so as described
below. (Security patches are fetched implicitly when cloning the repos.)

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-openembedded.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
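
A check to run after the update steps above, confirming that the local meta-hierofalcon clone contains the Enea correction. This is an added example, not part of the original advisory or of Enea's tooling; the function names and exit codes are hypothetical, and it assumes the commit id from the correction URL is reachable from the checked-out branch.

```shell
#!/bin/sh
# Added example (not from the advisory): confirm a layer clone contains a fix.
# FIX_COMMIT is the id in the "Correction for Enea Linux" URL; LAYER_DIR is the
# path from the advisory's "git pull" step. Function names are hypothetical.
FIX_COMMIT=4b78021ae978a0639b5b4bb7c877d4a66b9b43f2
LAYER_DIR=Enea-Linux-5.0/poky/meta-hierofalcon

# layer_has_fix DIR COMMIT -> exit status:
#   0  COMMIT is in the history of the checked-out HEAD
#   1  COMMIT exists in the clone but HEAD does not contain it
#   2  COMMIT is unknown to the clone (no pull yet, or a shallow clone)
#   3  DIR is not a git work tree
layer_has_fix() {
    dir=$1
    commit=$2
    git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1 || return 3
    git -C "$dir" cat-file -e "${commit}^{commit}" 2>/dev/null || return 2
    git -C "$dir" merge-base --is-ancestor "$commit" HEAD 2>/dev/null || return 1
    return 0
}

# Print a one-line verdict and return the same status as layer_has_fix.
report_fix() {
    rc=0
    layer_has_fix "$1" "$2" || rc=$?
    case $rc in
        0) echo "OK: $1 contains $2" ;;
        1) echo "MISSING: $2 is fetched but not in the checked-out branch of $1" ;;
        2) echo "MISSING: $2 not found in $1; run 'git pull' there" ;;
        3) echo "ERROR: $1 is not a git work tree" ;;
    esac
    return $rc
}

# Run the check only when the layer directory from the advisory exists here.
if [ -d "$LAYER_DIR" ]; then
    report_fix "$LAYER_DIR" "$FIX_COMMIT"
fi
```

Status 1 typically means a branch other than dizzy is checked out; status 2 means the clone predates the correction and needs the `git pull` step.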
