[security-announce] Security Update (CVE-2014-4656, CVE-2014-3153, CVE-2014-4027) : Kernel (linux-qoriq 3.1)

Sona Sarmadi sona.sarmadi at enea.com
Tue Feb 9 10:50:12 CET 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

		Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-qoriq 3.12)
Severity: Medium, High, Low
CVE Name: CVE-2014-4656 (Medium), CVE-2014-3153 (High),
CVE-2014-4027 (Low)
Layer: meta-fsl-ppc
=========================================================

This update fixes several vulnerabilities in the  Freescale kernel
version 3.12:

ALSA: CVE-2014-4656: Handle numid overflow, Make sure that id->index
does not overflow
futex: CVE-2014-3153: Prevent requeue pi on same futex
target: CVE-2014-4027: Explicitly clear ramdisk_mcp backend pages

Description
===========
ALSA: CVE-2014-4656
Multiple integer overflows in sound/core/control.c in the ALSA control
implementation in the Linux kernel before 3.15.2 allow local users to
cause a denial of service by leveraging /dev/snd/controlCX access,
related to (1) index values in the snd_ctl_add function and (2) numid
values in the snd_ctl_remove_numid_conflict function.


futex: CVE-2014-3153
The futex_requeue function in kernel/futex.c in the Linux kernel
through 3.14.5 does not ensure that calls have two different futex
addresses, which allows local users to gain privileges via a crafted
FUTEX_REQUEUE command that facilitates unsafe waiter modification.

target: CVE-2014-4027
The rd_build_device_space function in drivers/target/target_core_rd.c
in the Linux kernel before 3.14 does not properly initialize a certain
data structure, which allows local users to obtain sensitive
information from ramdisk_mcp memory by leveraging access to a SCSI
initiator.

References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4027

http://www.openwall.com/lists/oss-security/2014/06/05/22
http://www.openwall.com/lists/oss-security/2014/06/26/6

Reference to the upstream fixes:
===============================
CVE-2014-4656:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/com
mit/?id=7ee7663da07717a1b31ce60d2ebf12d2058ee975

CVE-2014-3153:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/com
mit/?id=b9103e5f3a197aec4ec3d78fd5ff2bb74a496b42

CVE-2014-4027:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
commit/?id=186f32e2096c7d9cd9106b8dedd79c596f4c8398


Correction for Enea Linux
=========================
ALSA: CVE-2014-4656:
http://git.enea.com/cgit/linux/meta-fsl-ppc.git/patch/?id=5182caec0d69dc
1a390c786f52a96a9f79e5ea11

futex: CVE-2014-3153:
http://git.enea.com/cgit/linux/meta-fsl-ppc.git/patch/?id=2e8c11547eeee4
a048230747b104ebf584860f40

target: CVE-2014-4027:
http://git.enea.com/cgit/linux/meta-fsl-ppc.git/patch/?id=bd3ce1b94bbab0
d1978692d0d66e3d21e094090e


How to get the latest patches
=============================
- - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-fsl-ppc
git pull

- - If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-fsl-ppc.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-openembedded.git
git -C $POKY clone -b dizzy
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy
git://git.enea.com/linux/meta-enea/meta-vt.git

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJWubZUAAoJEAilI68fskZd+6kH/AugDFyvJO/4/NymztzdcVW3
POpqSpgmEOq5oemXArm/wVG4h8AN2NSWxUhQAQZVVJcUCXd7iUeuzlO4C4iNNaCp
4I4yHu9WHI3tmrLvMuW91EDsfIUA8Nuiqz4Le+aF+1od5pl0r+FNBiMPYDaEJlcO
aVlSBEEeA3fpBemu9Be0mX/9g2FAWoDmcZTmmt4ANPCXl5piwZVJjMqN8EfwRZz7
1EBxLiTLjYIIqzHAhEn217yD6sVcvJEXauKMyP2V/eenSZ6xwJmAilvz6XweicKZ
qNMeilWLwKlI55ymaHXQqrYdu5ZOLu9ztVklyA4zr0KVyeS9AXufTeKcwFxPJ4c=
=xRzz
-----END PGP SIGNATURE-----



More information about the security-announce mailing list