[security-announce] Kernel (linux-yocto 3.14): Security Update

Sona Sarmadi sona.sarmadi at enea.com
Tue Jan 5 16:07:35 CET 2016



	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-yocto 3.14)
Severity: High
CVE Name: CVE-2015-1465
Layer: meta-enea
=========================================================

This patch fixes a denial of service (DoS) caused by routing packets to
too many different destinations (dsts) too quickly. A remote attacker can
use this flaw to crash the system.


Description
===========
The IPv4 implementation in the Linux kernel before 3.18.8 does not
properly consider the length of the Read-Copy Update (RCU) grace
period for redirecting lookups in the absence of caching, which allows
remote attackers to cause a denial of service (memory consumption or
system crash) via a flood of packets.

References:
===========
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1465

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=ee6db0ad53c9805d31bd1b0b7c9ea901407dfc19


Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-enea.git/patch/?id=1379026b984e169a3bb8745b09f1000cae2d9535

How to get the latest patches
=============================
- If you have already cloned meta-enea, update it to get the new security
  patches.

cd Enea-Linux-5.0/poky/meta-enea
git pull

- If you have not yet cloned the needed repositories, do so as described
  below. (Security patches are fetched implicitly when cloning the repos.)

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/\
meta-openembedded.git
git -C $POKY clone -b dizzy \
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy \
git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates, please contact security at enea.com.


Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
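
After updating as described under "How to get the latest patches", a checkout can be checked for the Enea correction commit listed in this advisory. The shell functions below are an added example, not part of the original advisory or of Enea's tooling; the function names are hypothetical, and the checkout path in the usage comment is the one used in the commands above.

```shell
#!/bin/sh
# Added example (not from the advisory): report whether a meta-enea checkout
# contains the Enea correction commit for CVE-2015-1465.

# Commit id taken from the "Correction for Enea Linux" URL in the advisory.
FIX_COMMIT=1379026b984e169a3bb8745b09f1000cae2d9535

# has_fix REPO_DIR [COMMIT]   (hypothetical helper)
# Returns: 0 = commit is in the history of HEAD
#          1 = commit object exists locally but is not an ancestor of HEAD
#          2 = commit object is not present (checkout predates the fix)
#          3 = REPO_DIR is not a git work tree
has_fix() {
    repo=$1
    commit=${2:-$FIX_COMMIT}

    git -C "$repo" rev-parse --is-inside-work-tree >/dev/null 2>&1 || return 3

    # A bare 40-hex id passes --verify even when the object is missing;
    # peeling with ^{commit} forces a real object lookup.
    git -C "$repo" rev-parse --verify --quiet "${commit}^{commit}" \
        >/dev/null 2>&1 || return 2

    # Exit status 0 only when the commit is reachable from HEAD.
    if git -C "$repo" merge-base --is-ancestor "$commit" HEAD 2>/dev/null; then
        return 0
    fi
    return 1
}

# describe_fix_status REPO_DIR [COMMIT]: the same check as a readable message.
describe_fix_status() {
    rc=0
    has_fix "$1" "${2:-$FIX_COMMIT}" || rc=$?
    case $rc in
        0) echo "patched" ;;
        1) echo "fix fetched but not on the current branch" ;;
        2) echo "fix not present, update the layer" ;;
        *) echo "not a git checkout" ;;
    esac
}

# Usage (path as in the advisory's instructions):
#   describe_fix_status Enea-Linux-5.0/poky/meta-enea
```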