[security-announce] Kernel (linux-hierofalcon-4.1 & linux-hierofalcon 3.19): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Wed Dec 30 14:58:37 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: (linux-hierofalcon-4.1 & linux-hierofalcon 3.19)
Severity: Low
CVE Name: CVE-2015-6252 vhost fd leak in ioctl VHOST_SET_LOG_FD
Layer: meta-hierofalcon
=========================================================
This patch fixes a flaw in the Linux kernel's vhost driver.
A privileged local user with access to the /dev/vhost-net
files could use this flaw to create a denial-of-service attack.


Description
===========
The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux
kernel before 4.1.5 allows local users to cause a denial of service
(memory consumption) via a VHOST_SET_LOG_FD ioctl call that triggers
permanent file-descriptor allocation.

References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-6252
http://www.openwall.com/lists/oss-security/2015/08/18/3

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/pat
ch/?id=7932c0bd7740f4cd2aa168d3ce0199e7af7d72d5

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-hierofalcon.git/patch/?id=037538df55
21a1a963b30fa01e9ac854a0ee431b

How to get the latest patches
=============================
- - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-hierofalcon
git pull

- - If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-openembedded.git
git -C $POKY clone -b dizzy
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy
git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWg+MNAAoJEHc+9u9ocWoUaYYP/j2qxCece6hYudmHoCdJTlOv
PiVT8Dm8Zy9Ejzv7eNPA4iU7Wvn5a3wxclMafYzi6w9vH+TPZxuipeKjSEjx7J0j
iw0E9xNtwPal0ZSwGPxdSvvjvdNf/uNze7+lM08xWUIgao6YL8VQ+7AhwpiT58XP
QYkSzxRZ5uHazjegs46IGbgvsvA5XFfiITfmjEBeNlXtHvBEIhc6PXW64hbbEl3V
0KzErzVEMuxfYfRzrI4My09LfW3d5roI9i5kCyixt17ZQVC+J5tUiBx7de1qHlnq
63qyeY1tyYLStFtPVaD2GoRVZOywSa11CepPOB5+nHGGg0Stp7Rw63n5vyfRBamE
efMeJy9+2oBddTU2wPI8sFk/aWeJ1PD30yUtCOGUDcA23MrPj2E2Ta4MFSejA0Q0
zoqVzyE+BYoQkYcd4gtfAtVhXrma/VRdauGV1HHNqM2DBRyoFCmfIQUjBkirGz55
93/eSP1iS8skufCACWsfaqNQzihmZvqnO7ITXeZNh3Hpj/+VShfdxiv2R4vHqTTf
/q0Bn9edvV3nCDpp0WDiml2gNK4t/v+WhUTB6+VbxAs29aZWyUqdu/OvvuAmr50K
kzua0E76DDtviXIryLaOnnOZFEu47k/07h5IEQY84vojMNJ2przVtTNUZwKcutUF
2AefCWo+oYGDhnO0pqZZ
=maKK
-----END PGP SIGNATURE-----



More information about the security-announce mailing list