[security-announce] Kernel: Security update

Sona Sarmadi sona.sarmadi at enea.com
Thu Jul 2 18:59:40 CEST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: kernel (x86/romley-ivb: 3.10.38)
Severity: Important
CVE Names: CVE-2015-3331
Layer: meta-enea
=========================================================

This security update fixes buffer overruns in RFC4106 implementation
using AESNI.

The patch and README files are gpg signed by ESRT (Enea Security
Response Team) for verification of origin.
To verify the integrity of patches download the ESRT public Key from:
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x773EF6EF68716A14

For detailed info refer to https://linux.enea.com/4.0/patches/README.asc

Signed patch and README files
================================
0085-x86-Kernel-crypto-CVE-2015-3331.README.asc
0085-x86-Kernel-crypto-CVE-2015-3331.patch.asc

Description
===========
The __driver_rfc4106_decrypt function in
arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3
does not properly determine the memory locations used for encrypted
data, which allows context-dependent attackers to cause a denial of
service (buffer overflow and system crash) or possibly execute
arbitrary code by triggering a crypto API call, as demonstrated by
use of a libkcapi test program with an AF_ALG(aead) socket.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3331
http://www.openwall.com/lists/oss-security/2015/04/18/1
https://software.intel.com/en-us/articles/intel-advanced-encryption-stan
dard-instructions-aes-ni

How to apply the patches
=======================
 - Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order

wget https://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

 - Fetch and apply the new patch
cd Enea-Linux-4.0/poky/meta-enea
wget
https://linux.enea.com/4.0/patches/0085-x86-Kernel-crypto-CVE-2015-3331.
patch.asc
patch -p1 < ./0085-x86-Kernel-crypto-CVE-2015-3331.patch.asc

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJVlW38AAoJEHc+9u9ocWoU8MwP/3EgfHYwskNX6cKrz9LJ6tQv
MyjxTfuVDI6BjMQ+fVknFKYg/Yax1J3e5cp/+5hiq9ackqWMTQcT+JM8FPzEJATE
sqqxw/qpIT26O3sXN6JzJ9vIJkeXW/1c8RtqoeDtH2FSogQp1HDZiBBGR7AiELNp
Pd/m1c3qXDvsUTyPp4yAr5iuGypmoNaeM0CaxSTtaQu5lh9x8fwZpekSLn3mwJ3N
VuMI768Lpt49FY0w7DqKiteo35DyliuoIn5CATyO+ThKSrsh56DV87CjMZcmIDyN
+FJL/ZedZTFOCpTjCRuiEroISAyP3i1pytnjM13v56biy95iDz409302lsATTgE2
ub3P5jOSC6L4Asd6bx3zS5fM/dxqLxJtr7/m9mgk4YAvbfLcX3onUmhev4z7tK6x
3CsPiVcw7VcPIm00USvjqNPSKptXwF/aqoG2alsMpyScw+Z8ZerWqB9WHyHwSYLR
cmKL0P2ZpB7SGBxDQmo1GUjk3dTdnO3sf/x/xpemxOBlFGz0dGjyaYa1H2lfU3bu
yOB8JLcsOHwzLBiiJHgkyvADxiXmUFx39iNH4bqwv5T39tdOxo0Q3+Zly0Y3MtHa
LLEC0gl6MV+COsx95k2f9qsHOexUYF4MsDuKKUA2p00kCjHynMt36+0Ij5n7AwOP
69bZw1O3s+bR7fo2euDp
=j6XY
-----END PGP SIGNATURE-----



More information about the security-announce mailing list