[security-announce] Security Update: linux-hierofalcon 4.1: CVE-2016-2383

Sona Sarmadi sona.sarmadi at enea.com
Thu Apr 7 09:06:37 CEST 2016


	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-hierofalcon 4.1) /Enea Linux 5.0
Severity: Low
CVE Name: CVE-2016-2383
Layer: meta-hierofalcon
=========================================================

This update fixes incorrect branch fixups for eBPG. This flaw could
allow arbitrary read.

Description
===========
When ctx access is used, the kernel often needs to expand/rewrite
instructions, so after that patching, branch offsets have to be
adjusted for both forward and backward jumps in the new eBPF program,
but for backward jumps it fails to account the delta. Meaning, for
example, if the expansion happens exactly on the insn that sits at
the jump target, it doesn't fix up the back jump offset.

References:
===========
CVE assignement: http://seclists.org/oss-sec/2016/q1/333
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-2383

Reference to the upstream fix:
===============================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=0f912f6700a3f14481c13cbda2b9cc1b636948ac

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-hierofalcon.git/patch/?id=36a40ded7cf283f89b6d0f30bd474f822f94359d

How to get the latest patches
=============================
- If you have already cloned needed repositories, update it to get new
security atches.

cd Enea-Linux-5.0/poky/meta-hierofalcon
git pull

- If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-fsl-ppc.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-openembedded.git
git -C $POKY clone -b dizzy
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy
git://git.enea.com/linux/meta-enea/meta-vt.git

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20160407/19ebdcb7/attachment.sig>


More information about the security-announce mailing list