[security-announce] Kernel (linux-yocto 3.14): Security Update CVE-2014-7822, CVE-2014-8160, CVE-2014-9529

Sona Sarmadi sona.sarmadi at enea.com
Tue Jan 12 09:41:04 CET 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

	Enea Linux Security Advisory

=========================================================
Product/package: kernel (linux-yocto 3.14)
Severity: Medium
CVE Name: CVE-2014-7822, CVE-2014-8160, CVE-2014-9529
Layer: meta-enea
=========================================================

Following CVEs have been backported to the linux-yocto 3.14 kernel
in the Enea Linux 5.0 release:

1: CVE-2014-7822

Description
===========
The implementation of certain splice_write file operations in the
Linux kernel before 3.16 does not enforce a restriction on the maximum
size of a single file, which allows local users to cause a denial of
service (system crash) or possibly have unspecified other impact via a
crafted splice system call, as demonstrated by use of a file
descriptor associated with an ext4 filesystem.

Reference:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7822

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=b292fc7723b66d9796ae550b284223d95019ac44


Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-enea.git/patch/?id=1ab831fc573b2a6db
71d41fe0f0e47b643cbc863

2: CVE-2014-8160

Description
===========
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before
3.18 generates incorrect conntrack entries during handling of certain
iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols,
which allows remote attackers to bypass intended access restrictions
via packets with disallowed port numbers.

Reference:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8160

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=efbf300ed821a533c3af71b1b122227febc28142

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-enea.git/patch/?id=297be792a99a2ffdb
13871f07bfb35eef6febdf2


3: CVE-2014-9529

Description
===========
Race condition in the key_gc_unused_keys function in
security/keys/gc.c in the Linux kernel through 3.18.2 allows local
users to cause a denial of service (memory corruption or panic) or
possibly have unspecified other impact via keyctl commands that
trigger access to a key structure member during garbage collection of
a key.

Reference:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9529

Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=cf69173f59163182c12e0ecbda52721397468763

Correction for Enea Linux
=========================
49e3f5a83e0150115261225287385fdd2c93d811

How to get the latest patches
=============================
- - If you have already cloned meta-enea, update it to get new security
patches.

cd Enea-Linux-5.0/poky/meta-enea
git pull

- - If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

mkdir Enea-Linux-5.0
git -C Enea-Linux-5.0 clone -b dizzy git://git.enea.com/linux/poky.git
POKY=Enea-Linux-5.0/poky
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-enea.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-hierofalcon.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/meta-linaro.git
git -C $POKY clone -b dizzy git://git.enea.com/linux/
meta-openembedded.git
git -C $POKY clone -b dizzy
git://git.enea.com/linux/meta-virtualization.git
git -C $POKY/meta-enea clone -b dizzy
git://git.enea.com/linux/meta-enea/meta-vt.git


If you have any questions regarding the security patches and security
updates please contact security at enea.com.


Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJWlLwfAAoJEHc+9u9ocWoU3QkP/3flqSSPE8sjnPBOa1enQ1ga
YYgcsMO1o3RgL3vnafEd+aeMm903KbjgUik6V/I1isr2kw4tEwQW+a+gWYTvyp2q
9GDacP8zoUS2bPIXotn5BFVVoudYc3VI16Qckh8rjRiXmdek9Ux3o1lYZSTwebeh
0YoOvPvtln4AH5QvC00yO8A437e94AfAVaAH7KhHt/nKsxcyk3aq7Cl+J4j5c9e8
KrggTLoWNLcc37ipAHdkZ59n6qwyf7vRMzqFlp2Rd7svon4qjx4RKcBQHbfn5mlb
K0SzfXpwLQrppCVPvJKdq6bDyA2q3MceSr+rsnUzEpv/P9naMv1WWuynFLNMlBgL
QsCNp4Do4gFXcQRyP2jJ3B+iUpIhUAtiqNOl5gQCEgTpDPdoYGRngGsqkSKHiSnr
h6U8QjaA3hRh5gEppLkHmE2WWzkBBPKSBjz40ZRKxKTwcmzFK/DYb6LbP6D/0AF4
cGF7GGOrYsn+04rqnI7+QWmgNt0QtD5xhVqx94fPJBZRc9P22xlFLSm4aiQCmctU
glkQayEE1M04me2l2guuXe4yNFf/65zGsMG7JdY9coAkk7UKGHlIxn/X47xWpNv+
4Db5JfxOGcv/JEfks3UkmXCN8TYAjfsesL0RXO2pVs02cSiCggceBNJQQZBpvggB
w8BvvtazSYQetDhjwyqT
=LIMr
-----END PGP SIGNATURE-----



More information about the security-announce mailing list