MGASA-2015-0450
Vulnerability Summary
Description
Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.1.13 longterm kernel and fixes the following security issues:

- The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (CVE-2015-5156).
- A guest-to-host DoS issue was found affecting various hypervisors: a guest can DoS the host by triggering an infinite stream of "alignment check" (#AC) exceptions. This causes the microcode to enter an infinite loop where the core never receives another interrupt, and the host kernel panics as a result (CVE-2015-5307).
- A guest-to-host DoS issue was found affecting various hypervisors: a guest can DoS the host by triggering an infinite stream of "debug check" (#DB) exceptions. This causes the microcode to enter an infinite loop where the core never receives another interrupt, and the host kernel panics as a result (CVE-2015-8104).

For other fixes in this update, see the referenced changelog.
Affected Systems
- mageia•kernel < 4.1.13-2.mga5
- mageia•kernel-userspace-headers < 4.1.13-2.mga5
- mageia•kmod-broadcom-wl < 6.30.223.271-3.mga5.nonfree
- mageia•kmod-fglrx < 15.200.1046-7.mga5.nonfree
- mageia•kmod-nvidia-current < 346.96-3.mga5.nonfree
- mageia•kmod-nvidia304 < 304.128-3.mga5.nonfree
- mageia•kmod-nvidia340 < 340.93-3.mga5.nonfree
- mageia•kmod-xtables-addons < 2.7-6.mga5