| Beschreibung: | Summary:
The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2017-0148 advisory.
Vulnerability Insight:
This kernel-linus update is based on upstream 4.4.68 and fixes at least
the following security issues:
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many
mounts may exist in a mount namespace, which allows local users to cause
a denial of service (memory consumption and deadlock) via MS_BIND mount
system calls, as demonstrated by a loop that triggers exponential growth
in the number of mounts (CVE-2016-6213).
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in
the Linux kernel before 4.6 allows local users to gain privileges or cause
a denial of service (use-after-free) via vectors involving omission of the
firmware name from a certain data structure (CVE-2016-7913).
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux
kernel before 4.5 does not check whether a batch message's length field is
large enough, which allows local users to obtain sensitive information from
kernel memory or cause a denial of service (infinite loop or out-of-bounds
read) by leveraging the CAP_NET_ADMIN capability (CVE-2016-7917).
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through
4.8.11 does not validate the relationship between the minimum fragment
length and the maximum packet size, which allows local users to gain
privileges or cause a denial of service (heap-based buffer overflow) by
leveraging the CAP_NET_ADMIN capability (CVE-2016-8632).
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local
users to bypass integer overflow checks, and cause a denial of service
(memory corruption) or have unspecified other impact, by leveraging access
to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a
'state machine confusion bug' (CVE-2016-9083).
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11
misuses the kzalloc function, which allows local users to cause a denial
of service (integer overflow) or have unspecified other impact by
leveraging access to a vfio PCI device file (CVE-2016-9084).
It was discovered that root can gain direct access to an internal keyring,
such as '.builtin_trusted_keys' upstream, by joining it as its session
keyring. This allows root to bypass module signature verification by adding
a new public key of its own devising to the keyring (CVE-2016-9604).
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through
4.10.8 is too late in obtaining a certain lock and consequently cannot
ensure that disconnect function calls are safe, which allows local users
to cause a denial of service (panic) by leveraging access to the protocol
value of IPPROTO_ICMP in a socket system call (CVE-2017-2671).
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7
allows local users to gain privileges via a crafted application that makes
concurrent perf_event_open system calls for moving a software group into a
hardware ... [Please see the references for more information on the vulnerabilities]
Affected Software/OS:
'kernel-linus' package(s) on Mageia 5.
Solution:
Please install the updated package(s).
CVSS Score:
10.0
CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
