[security-announce] Kernel (linux-yocto 3.14): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Wed Dec 30 08:53:59 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-yocto 3.14)
Severity: Medium
CVE Name: CVE-2015-5707
Layer: meta-enea
=========================================================

This patch fixes a bug in the scsi block request handling code in
function start_req(). Specially crafted IOV requests could be created
which could overflow a counter used in the calculation of total number
of pages in bio_map_user_iov(). This can result in writing past the
end of the pages array containing pointers to kernel pages.

Description
===========
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in
the Linux kernel 2.6.x through 4.x before 4.1 allows local users to
cause a denial of service or possibly have unspecified other impact
via a large iov_count value in a write request.

References:
===========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5707
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5707
http://www.openwall.com/lists/oss-security/2015/08/01/6

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/pat
ch/?id=08ac1787579cb8bd9e7333836269e76801905597

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-enea.git/patch/?id=fe643677a69c0d3d2
84be6d08bf200817468ecec

How to get the latest patches
=============================
- - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-enea
git pull

- - If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-openembedded.git
git -C $POKY clone -b dizzy
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy
git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates please contact security at enea.com.


Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWg42XAAoJEHc+9u9ocWoU0mIP/1E9QIsGXOCQa5NMpPvGH0ms
tARlbVIx3d68neyuzJxbe8I41zkWjnA06W5eP4MY8iTWxV7e+hLtpDR3RG8EVwpy
LvjsaXXe2cKlztlhFLP9n6/bP2LNzJY2akvouf5qAB+6Ib6cwHNiqw2h+4bjHnHr
CKvQXoE4HgH5UJ6hxUUmBOZZyUbhvN8eqblLyYwP0TFftzayG+lHP162cq4o5VwH
AncJ9lNHftlXYio7Mpi4NPHpEymH1L+nCIrTscVEn5xyz/F6MeY56etDUDJHXUOJ
XogcuKJGiKcv56aqSmcx5pXvy+hv4/EA62uEV45j1EIG7jFZssPRBIDdVfw1GGrx
ZI9AKKlMkBtxyys4I7krLNup1JUjtOuYTq81ahykGv/D7WsbCddmmzxESG7s/tIR
GNF/D65M5nZanCHC53cgMtLZ3jihcA9C3vG231gPWxxjOljfGW32E7mI5BaSK4TS
3e3iGVKHp9VW/CldqRqyHjgsWGq2/og095004W3IeaMKgwN8EdU7KXJt7K8C/ExN
W71j7X/7hk0zSqobVCVCylZkHOog4MYkkIpMzvPYhjwdIa+bApZfeDS1Hw92AwL3
uNfZjz1KCwVkeXUJEVUs70OOPibDHIaP6H9GWDj3/WJ9LkPubtry2Ou0fYugRdJ7
E43utMmDE/tApEjXhXjK
=aMq2
-----END PGP SIGNATURE-----



More information about the security-announce mailing list