ALT-BU-2016-3139-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 4.8.7-alt1 for branch sisyphus in task 172151.
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-8630
The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM is enabled, allows local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d9092f52d7e61dd1557f2db2400ddb430e85937e
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d9092f52d7e61dd1557f2db2400ddb430e85937e
- RHSA-2017:0386
- RHSA-2017:0386
- RHSA-2017:0387
- RHSA-2017:0387
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- [oss-security] 20161122 CVE-2016-8630 kernel: kvm: x86: NULL pointer dereference duringinstruction decode
- [oss-security] 20161122 CVE-2016-8630 kernel: kvm: x86: NULL pointer dereference duringinstruction decode
- 94459
- 94459
- https://bugzilla.redhat.com/show_bug.cgi?id=1393350
- https://bugzilla.redhat.com/show_bug.cgi?id=1393350
- https://github.com/torvalds/linux/commit/d9092f52d7e61dd1557f2db2400ddb430e85937e
- https://github.com/torvalds/linux/commit/d9092f52d7e61dd1557f2db2400ddb430e85937e
Modified: 2024-11-21
CVE-2016-8633
drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- [oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8
- [oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8
- 94149
- 94149
- RHSA-2018:0676
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1062
- RHSA-2019:1170
- RHSA-2019:1170
- RHSA-2019:1190
- RHSA-2019:1190
- https://bugzilla.redhat.com/show_bug.cgi?id=1391490
- https://bugzilla.redhat.com/show_bug.cgi?id=1391490
- https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
- https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/
- https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac
- https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac
Modified: 2024-11-21
CVE-2016-9313
security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a crafted application that uses the big_key data type.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7
- [oss-security] 20160722 panic at big_key_preparse #4.7-r6/rc7 & master
- [oss-security] 20160722 panic at big_key_preparse #4.7-r6/rc7 & master
- 94546
- 94546
- https://github.com/torvalds/linux/commit/7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb
- https://github.com/torvalds/linux/commit/7df3e59c3d1df4f87fe874c7956ef7a3d2f4d5fb