[security-announce] Security Update: linux-yocto 4.x: CVE-2016-5829

Sona Sarmadi sona.sarmadi at enea.com
Fri Jul 29 09:24:38 CEST 2016


	Enea Linux Security Advisory

====================================================================
Product/package: EL 6.0: kernel (linux-yocto 4.x)
Severity: Medium
Architecture: qemuarm, qemuppc, qemux86
CVE Name: CVE-2016-5829
====================================================================
This security update fixes a heap-based buffer overflow vulnerability
in the Linux kernel's hiddev driver. This flaw could allow a local
attacker to corrupt kernel memory, possible privilege escalation or
crashing the system.

Description
===========
Multiple heap-based buffer overflows in the hiddev_ioctl_usage function
in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow
local users to cause a denial of service or possibly have unspecified
other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl
call.

References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5829
https://bugzilla.redhat.com/show_bug.cgi?id=%20CVE-2016-5829

Reference to the upstream fixes:
===============================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=f67b6920a0cf03d363c5f3bfb14f5d258168dc8c

Correction for Enea Linux
=========================
http://git.enea.com/cgit/linux/meta-enea-bsp-common.git/patch/?id=40894e99a839ce0e337bb3a7b83327bd64417d56


How to get the latest patches
=============================
- If you have already cloned needed repositories, update it to get new
security patches.

cd Enea-Linux-6.0
$ repo sync

- If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

Use repo tool to download the source for Enea Linux, follow the steps below:
1. Make sure that the repo tool is installed. If not, follow the
instructions below:

$ curl https://storage.googleapis.com/git-repo-downloads/repo >
~/bin/repo
$ chmod a+x ~/bin/repo

The instruction assumes that ~/bin exists and is included in the PATH
variable.

2.Use the repo tool to download the source:
$ mkdir Enea-Linux-6.0
$ cd Enea-Linux-6.0
$ repo init \
-u git://git.enea.com/linux/el_manifests-standard.git \
-b krogoth\
-m <manifest file>
$ repo sync

The parameter <manifest file> depends on the target:
P2041RDB: p2041rdb/default.xml
LS1021a-IoT: ls1021aiot/default.xml
QEMUARM: qemuarm/default.xml
QEMUPCC: qemuppc/default.xml
QEMUX86: qemux86/default.xml

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20160729/43599b3d/attachment.sig>


More information about the security-announce mailing list