Univention Bugzilla – Bug 49377
linux: Multiple issues (4.4)
Last modified: 2019-05-02 13:22:39 CEST
New Debian linux 4.9.168-1 fixes:

This update addresses the following issues:
* Information Exposure through dmesg data from a "software IO TLB" printk call (CVE-2018-5953)
* use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
* nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* Use-after-free in sound/usb/card.c:usb_audio_probe() (CVE-2018-19824)
* oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
* usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)
* Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet (CVE-2018-1000026)
* Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
* Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
* Missing check in net/can/gw.c:can_can_gw_rcv() allows for crash by users with CAP_NET_ADMIN (CVE-2019-3701)
* infinite loop in drivers/hid/hid-debug.c:hid_debug_events_read() (CVE-2019-3819)
* KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)
* KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)
* KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
* memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980)
* lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms (CVE-2019-9213)
* hwpoison implementation in mm/memory-failure.c leads to denial of service (CVE-2019-10124)
--- mirror/ftp/4.4/unmaintained/4.4-0/source/univention-kernel-image_11.0.1-11A~4.3.0.201812211117.dsc +++ apt/ucs_4.4-0-errata4.4-0/source/univention-kernel-image_12.0.0-2A~4.4.0.201904301055.dsc @@ -1,14 +1,14 @@ -11.0.1-11A~4.3.0.201812211117 [Fri, 21 Dec 2018 11:17:14 +0100] Univention builddaemon <buildd@univention.de>: +12.0.0-2A~4.4.0.201904301055 [Tue, 30 Apr 2019 10:55:50 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. No patches were applied to the original source package -11.0.1-11 [Thu, 20 Dec 2018 16:31:02 +0100] Philipp Hahn <hahn@univention.de>: +12.0.0-2 [Tue, 30 Apr 2019 10:16:32 +0200] Philipp Hahn <hahn@univention.de>: - * Bug #48349: Always update UCRV update/reboot/required + * Bug #49377: Update to linux-4.9.0-9 -11.0.1-10 [Thu, 20 Dec 2018 16:00:36 +0100] Philipp Hahn <hahn@univention.de>: +12.0.0-1 [Fri, 14 Dec 2018 15:12:34 +0100] Philipp Hahn <hahn@univention.de>: - * Bug #48349: Update UCRV update/reboot/required + * Bug #48326: UCS-4.4-0 version bump 11.0.1-9 [Tue, 21 Aug 2018 14:23:52 +0200] Philipp Hahn <hahn@univention.de>: <http://10.200.17.11/4.4-0/#2624132856450274179>
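Review bot: The new 12.0.0-2 entry at the top of the hunk reads "Update to linux-4.9.0-9", which names the kernel ABI and not the Debian source version that carries the CVE fixes; the signed package's changelog for the same update says "linux-4.9.168-1". Consider naming the source version here as well, so the changelog alone shows which security update the meta-package pulls in. The hunk also drops the 11.0.1-10 and 11.0.1-11 entries for Bug #48349 (UCRV update/reboot/required) and continues from 11.0.1-9, so it is worth confirming that the reboot-required handling is still present in the 12.0.0 line, since a kernel security update only takes effect after the reboot.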
--- mirror/ftp/4.4/unmaintained/4.4-0/source/univention-kernel-image-signed_4.0.0-10A~4.3.0.201902270914.dsc +++ apt/ucs_4.4-0-errata4.4-0/source/univention-kernel-image-signed_5.0.0-2A~4.4.0.201904301047.dsc @@ -1,10 +1,14 @@ -4.0.0-10A~4.3.0.201902270914 [Wed, 27 Feb 2019 09:14:39 +0100] Univention builddaemon <buildd@univention.de>: +5.0.0-2A~4.4.0.201904301047 [Tue, 30 Apr 2019 10:47:38 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. No patches were applied to the original source package -4.0.0-10 [Wed, 27 Feb 2019 09:07:51 +0100] Philipp Hahn <hahn@univention.de>: +5.0.0-2 [Tue, 30 Apr 2019 09:02:54 +0200] Philipp Hahn <hahn@univention.de>: - * Bug #48782: Update to linux-4.9.144-3 + * Bug #49364: Update to linux-4.9.168-1 + +5.0.0-1 [Fri, 14 Dec 2018 15:12:34 +0100] Philipp Hahn <hahn@univention.de>: + + * Bug #48326: UCS-4.4-0 version bump 4.0.0-9 [Mon, 19 Nov 2018 13:21:33 +0100] Philipp Hahn <hahn@univention.de>: <http://10.200.17.11/4.4-0/#2624132856450274179>
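Review bot: The new 5.0.0-2 entry cites Bug #49364, while the companion univention-kernel-image changelog and this report use Bug #49377; referencing both bugs in the entry would let the signed image be traced back to the CVE list from either side. In the same hunk, the removed 4.0.0-10 entry (Bug #48782, dated 27 Feb 2019) is newer than the added 5.0.0-1 version bump (14 Dec 2018), so please confirm that nothing from 4.0.0-10 other than the superseded kernel version is lost on this branch.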
[4.4-0] 0e31d50686 Bug #49364: Update to linux-4.9.168-1
 .../univention-kernel-image-signed/debian/changelog | 6 ++++++
 kernel/univention-kernel-image-signed/debian/control | 10 +++++-----
 .../vmlinuz-4.9.0-8-amd64.efi.signed | Bin 4236912 -> 0 bytes
 .../vmlinuz-4.9.0-9-amd64.efi.signed | Bin 0 -> 4249200 bytes
 4 files changed, 11 insertions(+), 5 deletions(-)

Package: univention-kernel-image-signed
Version: 5.0.0-2A~4.4.0.201904301047
Branch: ucs_4.4-0
Scope: errata4.4-0

[4.4-0] eab2499697 Bug #49377: Update to linux-4.9.0-9
 kernel/univention-kernel-image-signed/debian/changelog | 2 +-
 kernel/univention-kernel-image/debian/changelog | 6 ++++++
 kernel/univention-kernel-image/debian/rules | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

[4.4-0] eb18188146 Bug #49377: Update to linux-4.9.0-9 2
 kernel/univention-kernel-image/debian/changelog | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Package: univention-kernel-image
Version: 12.0.0-2A~4.4.0.201904301055
Branch: ucs_4.4-0
Scope: errata4.4-0

[4.4-0] 7829bcb4ce Bug #49377: linux 4.9.168-1
 doc/errata/staging/linux.yaml | 4 +-
 .../staging/univention-kernel-image-signed.yaml | 58 ++++++++++++++++++++++
 doc/errata/staging/univention-kernel-image.yaml | 58 ++++++++++++++++++++++
 3 files changed, 119 insertions(+), 1 deletion(-)

[4.4-0] 13a002f20d Bug #49377: univention-kernel-image 12.0.0-2A~4.4.0.201904301055
 doc/errata/staging/univention-kernel-image.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
OK: apt install univention-kernel-image=12.0.0-2A~4.4.0.201904301055
OK: uname -a
OK: dmesg
OK: amd64 @ kvm + BIOS
OK: amd64 @ kvm + OVMF + SB
OK: cat /sys/kernel/security/securelevel ; echo
OK: i386 @ kvm
OK: amd64 @ xen1

<http://errata.software-univention.de/ucs/4.4/75.html>
<http://errata.software-univention.de/ucs/4.4/76.html>
<http://errata.software-univention.de/ucs/4.4/77.html>