[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 20 May 2020 17:35:27 +0200
From: Solar Designer <solar@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Owl kernel update
On Tue, May 19, 2020 at 10:17:42PM +0200, Solar Designer wrote:
> 2020/05/19 Package: kernel
> SECURITY FIX Severity: high, local, active
> Merged the most relevant fixes from RHEL5's -436, including for the
> following local vulnerabilities: use-after-free in sys_mq_notify()
> allowing for a local root compromise and container escape by any user
> (CVE-2017-11176), divide-by-zero in __tcp_select_window() allowing for a
> local DoS (CVE-2017-14106), use-after-free in ALSA allowing for a local
> root compromise by a host user in group "audio" if the vulnerable kernel
> module is loaded (CVE-2017-15265). Also fixed is an inconsistency in
> modify_ldt(2)'s memory (de)allocation, which got introduced along with
> KPTI in our update to -431 and is known as Red Hat's "bug 1584622" and
> might have had local security impact.
> References:
> https://access.redhat.com/errata/RHSA-2018:3822
> https://access.redhat.com/errata/RHSA-2018:2172
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11176
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14106
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15265
> https://blog.lexfo.fr/cve-2017-11176-linux-kernel-exploitation-part1.html
>
> I'll likely get this into 3.1-stable soon as well.
This is now also in 3.1-stable.
Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
