[security-announce] Kernel:mm/shmem: Security update

Sona Sarmadi sona.sarmadi at enea.com
Tue Feb 17 08:15:15 CET 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

		Enea Linux Security Advisory

=========================================================
Product/package: kernel (FSL kernel: 3.8.11)
Severity: Moderate
Issue date: 2015-02-17
CVE Name: CVE-2014-4171  denial of service
Layer: meta-enea
=========================================================

A security patch that fixes a denial of service flaw in the
Linux kernel built with the shared memory support is now
available at http://linux.enea.com/4.0/patches:

README file: 0038-PPC-mm-shmem-CVE-2014-4171.README
Patch file:  0038-PPC-mm-shmem-CVE-2014-4171.patch

Description
===========
mm/shmem.c in the Linux kernel through 3.15.1 does not
properly implement the interaction between range notification
and hole punching, which allows local users to cause a denial
of service (i_mutex hold) by using the mmap system call to
access a hole, as demonstrated by interfering with intended
shmem activity by blocking completion of (1) an MADV_REMOVE
madvise call or (2) an FALLOC_FL_PUNCH_HOLE fallocate call.

References
==========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4171

How to apply the patches
=======================
- Preparation
Make sure that you have an installation of Enea Linux and have
applied the existing FSL kernel patches in the right order.

wget http://linux.enea.com/4.0/Enea-Linux-4.0.tar.gz
tar zxf Enea-Linux-4.0.tar.gz
cd Enea-Linux-4.0/poky/
<Fetch and apply the existing patches >

- Fetch and apply the new patch
cd Enea-Linux-4.0/poky/meta-enea
wget http://linux.enea.com/4.0/patches/0038-PPC-mm-shmem-CVE-2014-4171.patch
patch -p1 < ./0038-PPC-mm-shmem-CVE-2014-4171.patch

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

This message, including attachments, is CONFIDENTIAL. It may also be
privileged or otherwise protected by law. If you received this email
by mistake please let us know by reply and then delete it from your
system; you should not copy it or disclose its contents to anyone.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

-----END PGP SIGNATURE-----
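
The advisory requires the earlier FSL kernel patches to be in place, in order, before the new patch is applied. The script below is an added example, not part of the advisory or of Enea's tooling: it classifies a patch against a tree with dry runs before changing anything, so a repeated or out-of-order apply is caught. The function names `abspath`, `patch_state` and `apply_once` are hypothetical, and it assumes the standard `patch` options `-p1`, `-R`, `-N`, `-f` and `--dry-run`.

```shell
#!/bin/sh
# Added example (not from the advisory): check a patch against a source tree
# before applying it, and apply it at most once.
# Usage: sh apply_once.sh <tree-dir> <patch-file>
#   e.g. sh apply_once.sh Enea-Linux-4.0/poky/meta-enea \
#        0038-PPC-mm-shmem-CVE-2014-4171.patch

# Make a path absolute so it stays valid after cd into the tree.
abspath() { case $1 in /*) echo "$1" ;; *) echo "$PWD/$1" ;; esac; }

# patch_state TREE PATCH -> prints: applied | applicable | conflict
patch_state() {
    p=$(abspath "$2")
    # A reverse dry run succeeds only if every hunk is already in the tree.
    if (cd "$1" && patch -p1 -R -f --dry-run < "$p") >/dev/null 2>&1; then
        echo applied
    # A forward dry run succeeds only if every hunk would apply cleanly.
    elif (cd "$1" && patch -p1 -N -f --dry-run < "$p") >/dev/null 2>&1; then
        echo applicable
    else
        # Neither direction matches: wrong tree, or an earlier patch in the
        # series is missing or was applied out of order.
        echo conflict
    fi
}

# apply_once TREE PATCH: apply only when needed; never modify on conflict.
apply_once() {
    p=$(abspath "$2")
    case "$(patch_state "$1" "$2")" in
        applied)
            echo "already applied: $2"
            return 0 ;;
        applicable)
            (cd "$1" && patch -p1 -N -f < "$p") ;;
        *)
            echo "does not apply cleanly, tree left untouched: $2" >&2
            return 1 ;;
    esac
}

# Run only when called with arguments, so the file can also be sourced.
if [ "$#" -eq 2 ]; then
    apply_once "$1" "$2"
fi
```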


