{"id":"MGASA-2016-0401","summary":"Updated kernel-4.4.32 packages fixes security vulnerabilities","details":"This update is based on upstream 4.4.32 and fixes at least the following\nsecurity issues:\n\nThe proc_keys_show function in security/keys/proc.c in the Linux kernel\nthrough 4.8.2, when the GNU Compiler Collection (gcc) stack protector is\nenabled, uses an incorrect buffer size for certain timeout data, which\nallows local users to cause a denial of service (stack memory corruption\nand panic) by reading the /proc/keys file (CVE-2016-7042).\n\nNull pointer dereference in kvm/emulate.c (CVE-2016-8630).\n\nA buffer overflow vulnerability due to a lack of input filtering of\nincoming fragmented datagrams was found in the IP-over-1394 driver\n[firewire-net] in a fragment handling code in the Linux kernel. A\nmaliciously formed fragment with a respectively large datagram offset\nwould cause a memcpy() past the datagram buffer, which would cause a\nsystem panic or possible arbitrary code execution. The flaw requires\n[firewire-net] module to be loaded and is remotely exploitable from\nconnected firewire devices, but not over a local network (CVE-2016-8633).\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-04-16T01:48:54.012276691Z","published":"2016-11-26T10:41:56Z","upstream":["CVE-2016-7042","CVE-2016-8630","CVE-2016-8633"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0401.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19791"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.31"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.32"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.32-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0401.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.32-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0401.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.2-11.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0401.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.2-11.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0401.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10-16.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0401.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}