{"id":"MGASA-2016-0005","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream 4.1.15 longterm kernel and fixes\nthe following security issues:\n\nThe __rds_conn_create function in net/rds/connection.c in the Linux kernel\nthrough 4.2.3 allows local users to cause a denial of service (NULL pointer\ndereference and system crash) or possibly have unspecified other impact by\nusing a socket that was not properly bound (CVE-2015-6937).\n\nThe key_gc_unused_keys function in security/keys/gc.c in the Linux kernel\nthrough 4.2.6 allows local users to cause a denial of service (OOPS) via\ncrafted keyctl commands (CVE-2015-7872).\n\nThe vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in\nthe Linux kernel through 4.3.3 does not initialize a certain structure\nmember, which allows local users to obtain sensitive information from\nkernel memory via a crafted application (CVE-2015-7884).\n\nThe dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the\nLinux kernel through 4.3.3 does not initialize a certain structure member,\nwhich allows local users to obtain sensitive information from kernel memory\nvia a crafted application (CVE-2015-7885).\n\nFelix Wilhelm discovered a race condition in the Xen paravirtualized\ndrivers which can cause double fetch vulnerabilities. An attacker in the\nparavirtualized guest could exploit this flaw to cause a denial of service\n(crash the host) or potentially execute arbitrary code on the host\n(CVE-2015-8550 / XSA-155).\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service (NULL dereference) on the host\n(CVE-2015-8551 / XSA-157).\n\nKonrad Rzeszutek Wilk discovered the Xen PCI backend driver does not\nperform sanity checks on the device's state. An attacker could exploit\nthis flaw to cause a denial of service by flooding the logging system\nwith WARN() messages causing the initial domain to exhaust disk space\n(CVE-2015-8552 / XSA-157).\n\nThe ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel\nthrough 4.3.3 attempts to merge distinct setattr operations, which allows\nlocal users to bypass intended access restrictions and modify the\nattributes of arbitrary overlay files via a crafted application\n(CVE-2015-8660).\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-01-31T12:12:45.808435Z","published":"2016-01-11T10:44:41Z","related":["CVE-2015-6937","CVE-2015-7872","CVE-2015-7884","CVE-2015-7885","CVE-2015-8550","CVE-2015-8551","CVE-2015-8552","CVE-2015-8660"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0005.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17397"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.14"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.15"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.15-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.15-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7-7.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.271-4.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"15.200.1046-8.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.128-4.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-nvidia340","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-nvidia340?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"340.93-4.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}},{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"346.96-4.mga5.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0005.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}