User login
Qlustar: Install and enjoy!

[QSA-0401171] Linux kernel vulnerabilities

Qlustar Security Advisory 0401171

April 3rd, 2017


Summary:

The system could crash or be made to run programs as an administrator.


    Package(s)       : linux-image-ql-generic,
                       qlustar-module-core-trusty-amd64-9.1.1,
                       qlustar-module-core-wheezy-amd64-9.1.1
    Qlustar releases : 9.1
    Affected versions: All versions prior to this update
    Vulnerability    : privilege escalation/denial of service
    Problem type     : local
    Qlustar-specific : no
    CVE Id(s)        : CVE-2017-7184, CVE-2017-6074, CVE-2016-9806,
        CVE-2016-9793, CVE-2016-9756, CVE-2016-7911, CVE-2016-7910
  

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problem(s):

CVE-2017-7184

It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges.

CVE-2017-6074

Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.

CVE-2016-9806

Baozeng Ding discovered a double free in the netlink_dump() function in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-9793

Andrey Konovalov discovered that signed integer overflows existed in the setsockopt() system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash or memory corruption).

CVE-2016-9756

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment (CS) in certain error cases. A local attacker could use this to expose sensitive information (kernel memory).

CVE-2016-7911

Dmitry Vyukov discovered a use-after-free vulnerability in the sys_ioprio_get() function in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.

CVE-2016-7910

It was discovered that a use-after-free vulnerability existed in the block device layer of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions):

    linux-image-ql-generic                     3.12.72-ql-generic-9.1-87
    qlustar-module-core-trusty-amd64-9.1.1     9.1.1.4-b461f1064
    qlustar-module-core-wheezy-amd64-9.1.1     9.1.1.4-b461f1064
  
glqxz9283 sfy39587stf02 mnesdcuix8
sfy39587stf03
sfy39587p08