[security-announce] Kernel:net: Security update

Sona Sarmadi sona.sarmadi at enea.com
Thu Feb 12 10:35:18 CET 2015


		Enea Linux Security Advisory

=========================================================
Product/package: kernel (FSL kernel: 3.8.11)
Severity: Important
Issue date: 2015-02-12
CVE Names: CVE-2014-2851 ping: refcount issue in ping_init_sock()
Layer: meta-enea
=========================================================
A security patch that fixes a kernel vulnerability is now
available at http://linux.enea.com/4.0/patches:

README file: 0035-PPC-kernel-net-ipv4-CVE-2014-2851.README
Patch file: 0035-PPC-kernel-net-ipv4-CVE-2014-2851.patch

Description
===========
Integer overflow in the ping_init_sock function in net/ipv4/ping.c
in the Linux kernel through 3.14.1 allows local users to cause a
denial of service (use-after-free and system crash) or possibly gain
privileges via a crafted application that leverages an improperly
managed reference counter.
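
One way an improperly managed reference counter reaches the overflow described above is a path that takes a reference and returns without dropping it. The user-space model below is an added example, not code from the Enea patch or the kernel; all names are hypothetical, and the counter is narrowed to 8 bits (an assumption) so the wrap shows after 255 calls.

```c
/* User-space model, not kernel code. All names are hypothetical and the
 * counter is 8 bits wide (an assumption) so the wrap shows after 255 calls. */
#include <stdint.h>
#include <stdio.h>

struct shared_obj {
    uint8_t usage;  /* reference count */
    int freed;      /* set when the count reaches zero */
};

static void obj_get(struct shared_obj *o) { o->usage++; }  /* wraps silently */

static void obj_put(struct shared_obj *o)
{
    if (--o->usage == 0)
        o->freed = 1;  /* stands in for freeing the object */
}

/* Before: takes a reference and returns without dropping it. */
static int init_sock_leaky(struct shared_obj *o, int permitted)
{
    obj_get(o);
    return permitted ? 0 : -1;
}

/* After: the reference is dropped before returning, on every path. */
static int init_sock_fixed(struct shared_obj *o, int permitted)
{
    obj_get(o);
    obj_put(o);
    return permitted ? 0 : -1;
}

/* Returns 1 if the object is freed while its owner still holds a reference. */
static int premature_free(int (*init_sock)(struct shared_obj *, int), unsigned calls)
{
    struct shared_obj o = { .usage = 1, .freed = 0 };  /* owner's reference */
    for (unsigned i = 0; i < calls; i++)
        init_sock(&o, 1);
    obj_get(&o);  /* an unrelated, correctly balanced user */
    obj_put(&o);
    return o.freed;
}

int main(void)
{
    printf("leaky, 255 calls: freed=%d\n", premature_free(init_sock_leaky, 255));
    printf("fixed, 255 calls: freed=%d\n", premature_free(init_sock_fixed, 255));
    return 0;
}
```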

Reference
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2851

How to apply the patches
=======================
- Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order.

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- Fetch and apply the new patch
cd Enea-Linux-4.0/poky/meta-enea
wget http://linux.enea.com/4.0/patches/0035-PPC-kernel-net-ipv4-CVE-2014-2851.patch
patch -p1 < ./0035-PPC-kernel-net-ipv4-CVE-2014-2851.patch


If you have any questions regarding the security patches and security
updates, please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.