Univention Bugzilla – Bug 53603
linux: Multiple issues (4.4)
Last modified: 2021-07-28 18:37:59 CEST
New Debian linux 4.9.272-2 fixes:

This update addresses the following issues:
* race condition in net/can/bcm.c leads to local privilege escalation (CVE-2021-3609)
* arm: SIGPAGE information disclosure vulnerability (CVE-2021-21781)
* size_t-to-int conversion vulnerability in the filesystem layer (CVE-2021-33909)
* allows local users to obtain sensitive information from stack memory because of uninitialized data structure in net/can/bcm.c (CVE-2021-34693)
--- mirror/ftp/4.4/unmaintained/component/4.4-8-errata/source/linux_4.9.272-1A~4.4.0.202106231520.dsc +++ apt/ucs_4.4-0-errata4.4-8/source/linux_4.9.272-2.dsc @@ -1,8 +1,13 @@ -4.9.272-1A~4.4.0.202106231520 [Wed, 23 Jun 2021 15:20:26 +0200] Univention builddaemon <buildd@univention.de>: +4.9.272-2 [Mon, 19 Jul 2021 22:08:03 +0200] Ben Hutchings <benh@debian.org>: - * UCS auto build. The following patches have been applied to the original source package - 0000-do-not-abort-on-gentrol.py - 0001-i40e-Be-much-more-verbose-about-what-we-can-and-cann + * can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693) + * can: bcm: delay release of struct bcm_op after synchronize_rcu() + (CVE-2021-3609) + * lib/string.c: add multibyte memset function + * [armel,armhf] ensure the signal page contains defined contents + (CVE-2021-21781) + * proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072) + * seq_file: Disallow extremely large seq buffer allocations (CVE-2021-33909) 4.9.272-1 [Mon, 21 Jun 2021 02:35:23 +0200] Ben Hutchings <benh@debian.org>: <http://piuparts.knut.univention.de/4.4-8/#3236169534898893256>
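Review bot: the removed lines at the top of the hunk drop the "UCS auto build" entry that listed 0000-do-not-abort-on-gentrol.py and 0001-i40e-Be-much-more-verbose-about-what-we-can-and-cann as applied patches, and the added 4.9.272-2 entry is the plain Debian upload with no UCS suffix, so nothing in this changelog shows that the two local patches are still applied. Suggest confirming that the package that ships is a UCS rebuild whose changelog lists both patches again. Also note that the added entries "lib/string.c: add multibyte memset function" and "proc: Track /proc/$pid/attr/ opener mm_struct (Closes: #990072)" carry no CVE id, so the erratum text should either mention them or state that only the four CVE fixes are security-relevant.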
Manual kernel rebuild to include 0001-i40e-Be-much-more-verbose-about-what-we-can-and-cann.quilt

linux 4.9.272-2A~4.4.0.202107271455

dacdb57fab Bug #53603: linux 4.9.272-2
e7021aba4c Bug #53603: Update to linux-4.9.272-2
d7749f393c Bug #53603: yaml

linux-image-4.9.0-16-amd64-signed
univention-kernel-image-signed 5.0.0-18A~4.4.0.202107272238

OK: DVD Rebuild + Install Tests
OK: Package Install + Update tests on 4.4-8, secure-boot

Verified
<https://errata.software-univention.de/#/?erratum=4.4x1018> <https://errata.software-univention.de/#/?erratum=4.4x1019>