| Description: | Summary:
The remote host is missing an update for the 'kernel-linus' package(s) announced via the MGASA-2015-0221 advisory.
Vulnerability Insight:
This kernel update is based on upstream -longterm 3.14.41 and fixes
the following security issues:
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before
3.18 generates incorrect conntrack entries during handling of certain
iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols,
which allows remote attackers to bypass intended access restrictions
via packets with disallowed port numbers (CVE-2014-8160).
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel
before 3.18.5, when the guest OS lacks SYSENTER MSR initialization,
allows guest OS users to gain guest OS privileges or cause a denial of
service (guest OS crash) by triggering use of a 16-bit code segment for
emulation of a SYSENTER instruction (CVE-2015-0239).
It was found that the Linux kernel's ping socket implementation didn't
properly handle socket unhashing during spurious disconnects which could
lead to use-after-free flaw. On x86-64 architecture systems, a local user
able to create ping sockets could use this flaw to crash the system. On
non-x86-64 architecture systems, a local user able to create ping sockets
could use this flaw to increase their privileges on the system.
Note: By default ping sockets are disabled on the system
(net.ipv4.ping_group_range = 1 0) and have to be explicitly enabled by the
system administrator for specific user groups in order to exploit this issue
(CVE-2015-3636).
For other fixes in this update, see the referenced changelogs.
Affected Software/OS:
'kernel-linus' package(s) on Mageia 4.
Solution:
Please install the updated package(s).
CVSS Score:
5.0
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
