ALT-BU-2016-3050-1
Branch sisyphus update bulletin.
Package kernel-image-std-def updated to version 4.4.24-alt1 for branch sisyphus in task 170638.
Closed vulnerabilities
BDU:2017-01560
Уязвимость функции aio_mount в fs/aio.c ядра операционной системы Android, позволяющая нарушителю обойти политику ограничений и повысить свои привилегии
Modified: 2024-11-21
CVE-2016-10044
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- http://source.android.com/security/bulletin/2017-02-01.html
- http://source.android.com/security/bulletin/2017-02-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7
- 96122
- 96122
- 1037798
- 1037798
- https://github.com/torvalds/linux/commit/22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- https://github.com/torvalds/linux/commit/22f6b4d34fcf039c63a94e7670e0da24f8575a5a
Package kernel-image-un-def updated to version 4.7.7-alt1 for branch sisyphus in task 170640.
Closed vulnerabilities
BDU:2017-01560
Уязвимость функции aio_mount в fs/aio.c ядра операционной системы Android, позволяющая нарушителю обойти политику ограничений и повысить свои привилегии
Modified: 2024-11-21
CVE-2016-10044
The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- http://source.android.com/security/bulletin/2017-02-01.html
- http://source.android.com/security/bulletin/2017-02-01.html
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.7
- 96122
- 96122
- 1037798
- 1037798
- https://github.com/torvalds/linux/commit/22f6b4d34fcf039c63a94e7670e0da24f8575a5a
- https://github.com/torvalds/linux/commit/22f6b4d34fcf039c63a94e7670e0da24f8575a5a
Modified: 2024-11-21
CVE-2017-7273
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibly have unspecified other impact via a crafted HID report.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1ebb71143758f45dc0fa76e2f48429e13b16d110
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4faec4a2ef5dd481682cc155cb9ea14ba2534b76
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.4
- 97190
- 97190
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110
- https://github.com/torvalds/linux/commit/1ebb71143758f45dc0fa76e2f48429e13b16d110
Package openconnect updated to version 7.06-alt1 for branch sisyphus in task 170600.
Closed bugs
Обновить пакет до 7-ой версии