[security-announce] Kernel (linux-hierofalcon 3.19): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Wed Dec 23 10:00:08 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-hierofalcon 3.19)
Severity: Medium
CVE Names: CVE-2015-4178
Layer: meta-hierofalcon
=========================================================

This patch fixes a denial-of-service vulnerability in the Linux kernel
(linux-hierofalcon 3.19).

Description
===========
A flaw was found in the Linux kernel which is related to
the user namespace lazily unmounting file systems. The
fs_pin struct has two members (m_list and s_list) which
are usually initialized on use in the pin_insert_group
function. However, these members might go unmodified; in
this case, the system panics when it attempts to destroy
or free them. This flaw could be used to launch a
denial-of-service attack.

References:
===========
http://seclists.org/oss-sec/2015/q2/640
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4178

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=11bf6b1ea65f1580477827831d05711e5b87ac7b

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-hierofalcon.git/patch/?id=172827599cfe85e9df117b794ce5b935303fa96e


How to get the latest patches
=============================
- If you have already cloned meta-enea, update it to get new security
  patches.

cd Enea-Linux-5.0/poky/meta-hierofalcon
git pull

- If you have not yet cloned the needed repositories, do it as described
  below. (Security patches are fetched implicitly when cloning the repos.)

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-openembedded.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates, please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

-----END PGP SIGNATURE-----
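
The failure mode in the advisory's Description, as an added example that is not part of the advisory or of the kernel source: a userland C model in which fs_pin is reduced to its two list members. The helper names (init_node, on_list, add_head, del_init, alloc_pin, teardown_derefs) are hypothetical, and the 0x6b fill is a constructed stand-in for stale allocator memory. It shows that a teardown which decides by `pprev != NULL` would follow garbage pointers unless both members are initialized when the pin is created.

```c
#include <stdlib.h>
#include <string.h>
/* Userland model of the kernel hlist; fs_pin reduced to its two list members. */
struct hlist_node { struct hlist_node *next, **pprev; };
struct hlist_head { struct hlist_node *first; };
struct fs_pin { struct hlist_node s_list, m_list; };
static void init_node(struct hlist_node *n) { n->next = NULL; n->pprev = NULL; }
static int on_list(const struct hlist_node *n) { return n->pprev != NULL; }

static void add_head(struct hlist_node *n, struct hlist_head *h)
{
    n->next = h->first;
    if (h->first) h->first->pprev = &n->next;
    h->first = n;
    n->pprev = &h->first;
}

/* Unlink n if it looks linked; returns 1 when its pointers were dereferenced. */
static int del_init(struct hlist_node *n)
{
    if (!on_list(n)) return 0;
    *n->pprev = n->next;
    if (n->next) n->next->pprev = n->pprev;
    init_node(n);
    return 1;
}

/* Allocate from dirty memory; init_lists selects initialise-at-construction. */
static struct fs_pin *alloc_pin(int init_lists)
{
    struct fs_pin *p = malloc(sizeof(*p));
    if (!p) abort();
    memset(p, 0x6b, sizeof(*p));  /* constructed stale heap contents */
    if (init_lists) { init_node(&p->s_list); init_node(&p->m_list); }
    return p;
}

/* Pointers a teardown would follow; insert=1 links the pin first (init_lists only). */
static int teardown_derefs(int init_lists, int insert)
{
    struct hlist_head sb = { NULL }, mnt = { NULL };
    struct fs_pin *p = alloc_pin(init_lists);
    int n = on_list(&p->s_list) + on_list(&p->m_list);  /* the test del_init() makes */
    if (init_lists) {  /* only then is it safe to actually run the unlink */
        if (insert) { add_head(&p->s_list, &sb); add_head(&p->m_list, &mnt); }
        n = del_init(&p->s_list) + del_init(&p->m_list);
    }
    free(p);
    return n;
}
```

For the uninitialized case the model only counts the members that would be dereferenced and never follows the stale pointers, so it runs cleanly in all three cases.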


