[security-announce] Security Update: Linux kernel: CVE-2016-6480

Sona Sarmadi sona.sarmadi at enea.com
Fri Nov 4 14:08:50 CET 2016


		Enea Linux Security Advisory

====================================================================
Product/package: Enea Linux 6.0: (kernel 4.4, 3.12)
Severity: Medium
Architecture: QEMU (x86, ARM, PPC), PPC and ARM
CVE Name: CVE-2016-6480
====================================================================

This security update fixes double fetch in ioctl_send_fib() in
linux-yocto 4.4, linux-qoriq_3.12  and linux-ls1_3.12 kernels,

Description
===========
Race condition in the ioctl_send_fib function in
drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows
local users to cause a denial of service (out-of-bounds access or system
crash) by changing a certain size value, aka a "double fetch"
vulnerability.

Reference:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6480
Upstream bug: https://bugzilla.kernel.org/show_bug.cgi?id=116751


Reference to the upstream fix
===============================
linux-yocto 4.4:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=e4878ef66e5b8d01d6734b1952f9abb3eeea454c

linux-qoriq_3.12 and linux-ls1_3.12:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=bcc85e09fc60d2e99053eae3fd0515c343189375

Correction for Enea Linux
=========================
linux-yocto 4.4:
http://git.enea.com/cgit/linux/meta-enea-bsp-common.git/patch/?id=5e6193026858039b0015b6adfd4fe37955b1d222

linux-qoriq_3.12:
http://git.enea.com/cgit/linux/meta-enea-bsp-ppc.git/patch/?id=5efb264f10ac2c2753500f862a11b0d9de175930

linux-ls1_3.12:http://git.enea.com/cgit/linux/meta-enea-bsp-arm.git/patch/?id=4f88be3f5aca8b19343fe093ac2790890e0c36f0

How to get the latest patches
=============================
- If you have already cloned needed repositories, update it to get new
security patches.

cd Enea-Linux-6.0
$ repo sync

- If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

Use repo tool to download the source for the Enea Linux 6.0 standard,
follow the steps below:
1. Make sure that the repo tool is installed. If not, follow the
instructions below:

$ curl https://storage.googleapis.com/git-repo-downloads/repo >
~/bin/repo $ chmod a+x ~/bin/repo

The instruction assumes that ~/bin exists and is included in the PATH
variable.

2.Use the repo tool to download the source:
$ mkdir Enea-Linux-6.0
$ cd Enea-Linux-6.0
$ repo init -u git://git.enea.com/linux/el_manifests-standard.git
 -b krogoth -m <manifest file> $ repo sync

The parameter <manifest file> depends on the target:
P2041RDB: p2041rdb/default.xml
LS1021a-IoT: ls1021aiot/default.xml
QEMUARM: qemuarm/default.xml
QEMUPCC: qemuppc/default.xml
QEMUX86: qemux86/default.xml

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

For gerneral security refer to Enea Linux Security page:
http://www.enea.com/solutions/Enea-Linux/Security/

For the CVEs fixed at Enea Linux releases see CVE list:
http://www.enea.com/solutions/Enea-Linux/Security/CVEs-list/

For custom packages/releases please use the Support Channel:
http://www.enea.com/solutions/support.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com






-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20161104/09e3c44a/attachment.sig>


More information about the security-announce mailing list