[PVE-User] [SECURITY] [DSA 2906-1] linux-2.6 security update

Iosif Peterfi iosif.peterfi at gmail.com
Fri Apr 25 07:27:34 CEST 2014


Guys,

Has this been fixed in the pve-kernel 2.6 ?! This has just been patched in
debian last night (CET).

Let me know,
Iosif


On Fri, Apr 25, 2014 at 2:12 AM, dann frazier <dannf at debian.org> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - ----------------------------------------------------------------------
> Debian Security Advisory DSA-2906-1                security at debian.org
> http://www.debian.org/security/                           Dann Frazier
> April 24, 2014                      http://www.debian.org/security/faq
> - ----------------------------------------------------------------------
>
> Package        : linux-2.6
> Vulnerability  : privilege escalation/denial of service/information leak
> Problem type   : local/remote
> Debian-specific: no
> CVE Id(s)      : CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893
>                  CVE-2013-4162 CVE-2013-4299 CVE-2013-4345 CVE-2013-4512
>                  CVE-2013-4587 CVE-2013-6367 CVE-2013-6380 CVE-2013-6381
>                  CVE-2013-6382 CVE-2013-6383 CVE-2013-7263 CVE-2013-7264
>                  CVE-2013-7265 CVE-2013-7339 CVE-2014-0101 CVE-2014-1444
>                  CVE-2014-1445 CVE-2014-1446 CVE-2014-1874 CVE-2014-2039
>                  CVE-2014-2523 CVE-2103-2929
>
> Several vulnerabilities have been discovered in the Linux kernel that may
> lead
> to a denial of service, information leak or privilege escalation. The
> Common
> Vulnerabilities and Exposures project identifies the following problems:
>
> CVE-2013-0343
>
>     George Kargiotakis reported an issue in the temporary address handling
>     of the IPv6 privacy extensions. Users on the same LAN can cause a
> denial
>     of service or obtain access to sensitive information by sending router
>     advertisement messages that cause temporary address generation to be
>     disabled.
>
> CVE-2013-2147
>
>     Dan Carpenter reported issues in the cpqarray driver for Compaq
>     Smart2 Controllers and the cciss driver for HP Smart Array controllers
>     allowing users to gain access to sensitive kernel memory.
>
> CVE-2013-2889
>
>     Kees Cook discovered missing input sanitization in the HID driver for
>     Zeroplus game pads that could lead to a local denial of service.
>
> CVE-2013-2893
>
>     Kees Cook discovered that missing input sanitization in the HID driver
>     for various Logitech force feedback devices could lead to a local
> denial
>     of service.
>
> CVE-2013-2929
>
>     Vasily Kulikov discovered that a flaw in the get_dumpable() function of
>     the ptrace subsytsem could lead to information disclosure. Only systems
>     with the fs.suid_dumpable sysctl set to a non-default value of '2' are
>     vulnerable.
>
> CVE-2013-4162
>
>     Hannes Frederic Sowa discovered that incorrect handling of IPv6 sockets
>     using the UDP_CORK option could result in denial of service.
>
> CVE-2013-4299
>
>     Fujitsu reported an issue in the device-mapper subsystem. Local users
>     could gain access to sensitive kernel memory.
>
> CVE-2013-4345
>
>     Stephan Mueller found in bug in the ANSI pseudo random number generator
>     which could lead to the use of less entropy than expected.
>
> CVE-2013-4512
>
>     Nico Golde and Fabian Yamaguchi reported an issue in the user mode
>     linux port. A buffer overflow condition exists in the write method
>     for the /proc/exitcode file. Local users with sufficient privileges
>     allowing them to write to this file could gain further elevated
>     privileges.
>
> CVE-2013-4587
>
>     Andrew Honig of Google reported an issue in the KVM virtualization
>     subsystem. A local user could gain elevated privileges by passing
>     a large vcpu_id parameter.
>
> CVE-2013-6367
>
>     Andrew Honig of Google reported an issue in the KVM virtualization
>     subsystem. A divide-by-zero condition could allow a guest user to
>     cause a denial of service on the host (crash).
>
> CVE-2013-6380
>
>     Mahesh Rajashekhara reported an issue in the aacraid driver for storage
>     products from various vendors. Local users with CAP_SYS_ADMIN
> privileges
>     could gain further elevated privileges.
>
> CVE-2013-6381
>
>     Nico Golde and Fabian Yamaguchi reported an issue in the Gigabit
> Ethernet
>     device support for s390 systems. Local users could cause a denial of
>     service or gain elevated privileges via the
> SIOC_QETH_ADP_SET_SNMP_CONTROL
>     ioctl.
>
> CVE-2013-6382
>
>     Nico Golde and Fabian Yamaguchi reported an issue in the XFS
> filesystem.
>     Local users with CAP_SYS_ADMIN privileges could gain further elevated
>     privileges.
>
> CVE-2013-6383
>
>     Dan Carpenter reported an issue in the aacraid driver for storage
> devices
>     from various vendors. A local user could gain elevated privileges due
> to
>     a missing privilege level check in the aac_compat_ioctl function.
>
> CVE-2013-7263 CVE-2013-7264 CVE-2013-7265
>
>     mpb reported an information leak in the recvfrom, recvmmsg and recvmsg
>     system calls. A local user could obtain access to sensitive kernel
> memory.
>
> CVE-2013-7339
>
>     Sasha Levin reported an issue in the RDS network protocol over
> Infiniband.
>     A local user could cause a denial of service condition.
>
> CVE-2014-0101
>
>     Nokia Siemens Networks reported an issue in the SCTP network protocol
>     subsystem. Remote users could cause a denial of service (NULL pointer
>     dereference).
>
> CVE-2014-1444
>
>     Salva Peiro reported an issue in the FarSync WAN driver. Local users
>     with the CAP_NET_ADMIN capability could gain access to sensitive kernel
>     memory.
>
> CVE-2014-1445
>
>     Salva Peiro reported an issue in the wanXL serial card driver. Local
>     users could gain access to sensitive kernel memory.
>
> CVE-2014-1446
>
>     Salva Peiro reported an issue in the YAM radio modem driver. Local
> users
>     with the CAP_NET_ADMIN capability could gain access to sensitive kernel
>     memory.
>
> CVE-2014-1874
>
>     Matthew Thode reported an issue in the SELinux subsystem. A local user
>     with CAP_MAC_ADMIN privileges could cause a denial of service by
> setting
>     an empty security context on a file.
>
> CVE-2014-2039
>
>     Martin Schwidefsky reported an issue on s390 systems. A local user
>     could cause a denial of service (kernel oops) by executing an
> application
>     with a linkage stack instruction.
>
> CVE-2014-2523
>
>     Daniel Borkmann provided a fix for an issue in the nf_conntrack_dccp
>     module. Remote users could cause a denial of service (system crash)
>     or potentially gain elevated privileges.
>
> For the oldstable distribution (squeeze), this problem has been fixed in
> version 2.6.32-48squeeze5.
>
> The following matrix lists additional source packages that were rebuilt for
> compatibility with or to take advantage of this update:
>
>                                              Debian 6.0 (squeeze)
>      user-mode-linux                         2.6.32-1um-4+48squeeze5
>
> We recommend that you upgrade your linux-2.6 and user-mode-linux packages.
>
> Note: Debian carefully tracks all known security issues across every
> linux kernel package in all releases under active security support.
> However, given the high frequency at which low-severity security
> issues are discovered in the kernel and the resource requirements of
> doing an update, updates for lower priority issues will normally not
> be released for all kernels at the same time. Rather, they will be
> released in a staggered or "leap-frog" fashion.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: http://www.debian.org/security/
>
> Mailing list: debian-security-announce at lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBAgAGBQJTWaeAAAoJEBv4PF5U/IZAzFkP/2+YLfDXhZaBIoR1gugvac+F
> q3/PgKXURH35N2vOU3pTkmYgwZh6gOHCzLJ3/ae2qL2GDTw5ZLu2EYv+xiJLOk8a
> 9k5dki6j2k38EI7ktTn7BMVfOgoZTmlfYYVjdGmRU+2YEXu1ATr4zt0wN4azvThU
> 25sgo21rYcaMPvOwng922/RAFQPtDZmAODTXxfpkL6c/zzeMLOILqlAYRe9uMfu5
> 4X8G1/wglfSzx6b4yWZPvltWCgW+yi3OklrAalSsn8PnDf7yS8wWmxXsZ0pOEHHV
> 7bbUCMDYtUkqqTq9/Ak/ohGo3mJkPJnzSeg8ShemSEY40NTlIbSmfUTYepTovhCF
> A7A8TmYUhsAavD+DUxbQvYJjRKufzsymCg3yA0qp9JTKVRr5/IVkqpSeAx2Hpo7C
> Jqkf0Or4t9BYc5juJasgicb4ttyYlleGnlJ8+ojelxXLROkH8EnIv3CDP87WGnOt
> Dora/G+Al0AmRuk6TQuZofMtXK9dcBanN2+jr7HipE6dnH7vMo7xn979NdEaTkHs
> Yskm+FJJXFoTGS49/V2YlIhDU2zuCnXodGYsZl+RSI54XPMkKrrfKZ6zRIJ5r3vJ
> IFiqcMUlNJtEU4viwMjBkXlMvQZoN0e44ufK+/+VfQYPrj3puYoYLq1FOeF0JFaE
> 8D7zI3prwl5DKG9kWEaq
> =T6VL
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-security-announce-REQUEST at lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster at lists.debian.org
> Archive: https://lists.debian.org/20140425001210.GA6824@fluid.dannf
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-user/attachments/20140425/40d70e03/attachment.htm>


More information about the pve-user mailing list