ALT-BU-2017-2891-1
Branch sisyphus update bulletin.
Package kernel-image-un-def updated to version 4.9.5-alt1 for branch sisyphus in task 176938.
Closed vulnerabilities
BDU:2017-00291
Уязвимость операционной системы Linux, позволяющая нарушителю получить конфиденциальную информацию
BDU:2017-00292
Уязвимость операционной системы Linux, позволяющая нарушителю получить конфиденциальную информацию
BDU:2017-00295
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
BDU:2017-00297
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-2583
The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a "MOV SS, NULL selector" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3
- DSA-3791
- DSA-3791
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- [oss-security] 20170119 CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest
- [oss-security] 20170119 CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest
- 95673
- 95673
- RHSA-2017:1615
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1616
- https://bugzilla.redhat.com/show_bug.cgi?id=1414735
- https://bugzilla.redhat.com/show_bug.cgi?id=1414735
- https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
- https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3
- USN-3754-1
- USN-3754-1
Modified: 2024-11-21
CVE-2017-5546
The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a large value for a random number.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4e490cf148e85ead0d1b1c2caaba833f1d5b29f
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4e490cf148e85ead0d1b1c2caaba833f1d5b29f
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- 95711
- 95711
- https://bugzilla.redhat.com/show_bug.cgi?id=1415733
- https://bugzilla.redhat.com/show_bug.cgi?id=1415733
- https://github.com/torvalds/linux/commit/c4e490cf148e85ead0d1b1c2caaba833f1d5b29f
- https://github.com/torvalds/linux/commit/c4e490cf148e85ead0d1b1c2caaba833f1d5b29f
Modified: 2024-11-21
CVE-2017-5549
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel before 4.9.5 places uninitialized heap-memory contents into a log entry upon a failure to read the line status, which allows local users to obtain sensitive information by reading the log.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=146cc8a17a3b4996f6805ee5c080e7101277c410
- DSA-3791
- DSA-3791
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- 95715
- 95715
- https://bugzilla.redhat.com/show_bug.cgi?id=1416114
- https://bugzilla.redhat.com/show_bug.cgi?id=1416114
- https://github.com/torvalds/linux/commit/146cc8a17a3b4996f6805ee5c080e7101277c410
- https://github.com/torvalds/linux/commit/146cc8a17a3b4996f6805ee5c080e7101277c410
- USN-3754-1
- USN-3754-1
Modified: 2024-11-21
CVE-2017-5550
Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- [oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel
- 95716
- 95716
- https://bugzilla.redhat.com/show_bug.cgi?id=1416116
- https://bugzilla.redhat.com/show_bug.cgi?id=1416116
- https://github.com/torvalds/linux/commit/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb
- https://github.com/torvalds/linux/commit/b9dc6f65bc5e232d1c05fe34b5daadc7e8bbf1fb