MGASA-2015-0210

Source
https://advisories.mageia.org/MGASA-2015-0210.html
Import Source
https://advisories.mageia.org/MGASA-2015-0210.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2015-0210
Published
2015-05-11T20:10:38Z
Modified
2015-05-11T19:58:37Z
Summary
Updated kernel packages fix security vulnerabilities
Details

This kernel update is based on upstream -longterm 3.14.41 and fixes the following security issues:

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers (CVE-2014-8160).

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction (CVE-2015-0239).

It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to increase their privileges on the system. Note: By default, ping sockets are disabled on the system (net.ipv4.ping_group_range = 1 0) and must be explicitly enabled by the system administrator for specific user groups before this issue can be exploited (CVE-2015-3636).

For other fixes in this update, see the referenced changelogs.


Affected packages

Mageia:4 / kernel

Package

Name
kernel
Purl
pkg:rpm/mageia/kernel?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.14.41-1.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kernel-userspace-headers

Package

Name
kernel-userspace-headers
Purl
pkg:rpm/mageia/kernel-userspace-headers?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.14.41-1.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-vboxadditions

Package

Name
kmod-vboxadditions
Purl
pkg:rpm/mageia/kmod-vboxadditions?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.3.26-7.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-virtualbox

Package

Name
kmod-virtualbox
Purl
pkg:rpm/mageia/kmod-virtualbox?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.3.26-7.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-xtables-addons

Package

Name
kmod-xtables-addons
Purl
pkg:rpm/mageia/kmod-xtables-addons?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.5-17.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-broadcom-wl

Package

Name
kmod-broadcom-wl
Purl
pkg:rpm/mageia/kmod-broadcom-wl?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.30.223.141-52.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-fglrx

Package

Name
kmod-fglrx
Purl
pkg:rpm/mageia/kmod-fglrx?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
14.010.1006-22.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-nvidia173

Package

Name
kmod-nvidia173
Purl
pkg:rpm/mageia/kmod-nvidia173?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
173.14.39-37.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-nvidia304

Package

Name
kmod-nvidia304
Purl
pkg:rpm/mageia/kmod-nvidia304?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
304.125-7.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-nvidia-current

Package

Name
kmod-nvidia-current
Purl
pkg:rpm/mageia/kmod-nvidia-current?distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
331.113-7.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}