Univention Bugzilla – Bug 49364
linux: Multiple issues (4.3)
Last modified: 2019-05-02 12:35:00 CEST
New Debian linux 4.9.168-1 fixes:

This update addresses the following issues:
* Information Exposure through dmesg data from a "software IO TLB" printk call (CVE-2018-5953)
* use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
* nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824)
* oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
* usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)
* Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet (CVE-2018-1000026)
* Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
* Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
* Missing check in net/can/gw.c:can_can_gw_rcv() allows for crash by users with CAP_NET_ADMIN (CVE-2019-3701)
* infinite loop in drivers/hid/hid-debug.c:hid_debug_events_read() (CVE-2019-3819)
* KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)
* KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)
* KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
* memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980)
* lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms (CVE-2019-9213)
* hwpoison implementation in mm/memory-failure.c leads to denial of service (CVE-2019-10124)
--- mirror/ftp/4.3/unmaintained/4.3-4/source/univention-kernel-image_11.0.1-11A~4.3.0.201812211117.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/univention-kernel-image_11.0.1-12A~4.3.0.201904301019.dsc @@ -1,6 +1,10 @@ -11.0.1-11A~4.3.0.201812211117 [Fri, 21 Dec 2018 11:17:14 +0100] Univention builddaemon <buildd@univention.de>: +11.0.1-12A~4.3.0.201904301019 [Tue, 30 Apr 2019 10:19:46 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. No patches were applied to the original source package + +11.0.1-12 [Tue, 30 Apr 2019 10:16:32 +0200] Philipp Hahn <hahn@univention.de>: + + * Bug #49364: Update to linux-4.9.0-9 11.0.1-11 [Thu, 20 Dec 2018 16:31:02 +0100] Philipp Hahn <hahn@univention.de>: <http://10.200.17.11/4.3-4/#7323101353368736309>
--- mirror/ftp/4.3/unmaintained/4.3-4/source/univention-kernel-image-signed_4.0.0-10A~4.3.0.201902270914.dsc +++ apt/ucs_4.3-0-errata4.3-4/source/univention-kernel-image-signed_4.0.0-11A~4.3.0.201904300918.dsc @@ -1,6 +1,10 @@ -4.0.0-10A~4.3.0.201902270914 [Wed, 27 Feb 2019 09:14:39 +0100] Univention builddaemon <buildd@univention.de>: +4.0.0-11A~4.3.0.201904300918 [Tue, 30 Apr 2019 09:18:28 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. No patches were applied to the original source package + +4.0.0-11 [Tue, 30 Apr 2019 09:02:54 +0200] Philipp Hahn <hahn@univention.de>: + + * Bug #49364: Update to linux-4.9.168-1 4.0.0-10 [Wed, 27 Feb 2019 09:07:51 +0100] Philipp Hahn <hahn@univention.de>: <http://10.200.17.11/4.3-4/#7323101353368736309>
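Review bot: the added 11.0.1-12 entry in the univention-kernel-image changelog says "Update to linux-4.9.0-9" (the kernel ABI name), while the added 4.0.0-11 entry in the univention-kernel-image-signed changelog says "Update to linux-4.9.168-1" (the Debian package version), so the two entries for the same bug describe the update in different terms. Consider naming both in each entry, for example "Update to linux-4.9.0-9 (4.9.168-1)", so that either changelog alone identifies the kernel build that was shipped.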
[4.3-4] e0f6926564 Bug #49364: Update to linux-4.9.168-1
.../univention-kernel-image-signed/debian/changelog | 6 ++++++
kernel/univention-kernel-image-signed/debian/control | 10 +++++-----
.../vmlinuz-4.9.0-9-amd64.efi.signed | Bin 0 -> 4249200 bytes
3 files changed, 11 insertions(+), 5 deletions(-)

[4.3-4] 47b4028717 Bug #49364: Update to linux-4.9.168-1 2
.../univention-kernel-image-signed/debian/copyright | 2 +-
kernel/univention-kernel-image-signed/debian/rules | 2 +-
.../vmlinuz-4.9.0-8-amd64.efi.signed | Bin 4245104 -> 0 bytes
3 files changed, 2 insertions(+), 2 deletions(-)

Package: univention-kernel-image-signed
Version: 4.0.0-11A~4.3.0.201904300918
Branch: ucs_4.3-0
Scope: errata4.3-4

[4.3-4] fda1f4c4bb Bug #49364: Update to linux-4.9.0-9
kernel/univention-kernel-image/debian/changelog | 6 ++++++
kernel/univention-kernel-image/debian/copyright | 2 +-
kernel/univention-kernel-image/debian/rules | 4 ++--
.../debian/univention-kernel-image.postinst.in | 2 +-
kernel/univention-kernel-image/ucs-reboot-required | 2 +-
5 files changed, 11 insertions(+), 5 deletions(-)

Package: univention-kernel-image
Version: 11.0.1-12A~4.3.0.201904301019
Branch: ucs_4.3-0
Scope: errata4.3-4

[4.3-4] 1fb83ad3a1 Bug #49364: linux 4.9.168-1
doc/errata/staging/linux.yaml | 4 +-
.../staging/univention-kernel-image-signed.yaml | 58 ++++++++++++++++++++++
doc/errata/staging/univention-kernel-image.yaml | 58 ++++++++++++++++++++++
3 files changed, 119 insertions(+), 1 deletion(-)
OK: apt install univention-kernel-image=11.0.1-12A~4.3.0.201904301019
OK: uname -a
OK: dmesg
OK: amd64 @ kvm + BIOS
OK: amd64 @ kvm + OVMF + SB
OK: cat /sys/kernel/security/securelevel ; echo
OK: i386 @ kvm
OK: amd64 @ lynx5
<http://errata.software-univention.de/ucs/4.3/493.html>
<http://errata.software-univention.de/ucs/4.3/494.html>
<http://errata.software-univention.de/ucs/4.3/495.html>