copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2015.2583 - [Debian] kernel: Multiple vulnerabilities

Date: 14 October 2015
References: ESB-2015.2460  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2015.2583
                           linux security update
                              14 October 2015

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
                   Debian GNU/Linux 8
Impact/Access:     Root Compromise        -- Existing Account
                   Access Privileged Data -- Existing Account
                   Modify Arbitrary Files -- Existing Account
                   Denial of Service      -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2015-7613 CVE-2015-5283 CVE-2015-5257
                   CVE-2015-2925  

Reference:         ESB-2015.2460

Original Bulletin: 
   http://www.debian.org/security/2015/dsa-3372

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3372-1                   security@debian.org
https://www.debian.org/security/                            Ben Hutchings
October 13, 2015                      https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2015-2925 CVE-2015-5257 CVE-2015-5283 CVE-2015-7613

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service, unauthorised
information disclosure or unauthorised information modification.

CVE-2015-2925

    Jann Horn discovered that when a subdirectory of a filesystem was
    bind-mounted into a chroot or mount namespace, a user that should
    be confined to that chroot or namespace could access the whole of
    that filesystem if they had write permission on an ancestor of
    the subdirectory.  This is not a common configuration for wheezy,
    and the issue has previously been fixed for jessie.

CVE-2015-5257

    Moein Ghasemzadeh of Istuary Innovation Labs reported that a USB
    device could cause a denial of service (crash) by imitating a
    Whiteheat USB serial device but presenting a smaller number of
    endpoints.

CVE-2015-5283

    Marcelo Ricardo Leitner discovered that creating multiple SCTP
    sockets at the same time could cause a denial of service (crash)
    if the sctp module had not previously been loaded.  This issue
    only affects jessie.

CVE-2015-7613

    Dmitry Vyukov discovered that System V IPC objects (message queues
    and shared memory segments) were made accessible before their
    ownership and other attributes were fully initialised.  If a local
    user can race against another user or service creating a new IPC
    object, this may result in unauthorised information disclosure,
    unauthorised information modification, denial of service and/or
    privilege escalation.

    A similar issue existed with System V semaphore arrays, but was
    less severe because they were always cleared before being fully
    initialised.

For the oldstable distribution (wheezy), these problems have been fixed
in version 3.2.68-1+deb7u5.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.7-ckt11-1+deb8u5.

For the unstable distribution (sid), these problems have been fixed in
version 4.2.3-1 or earlier versions.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWHNTSAAoJEAVMuPMTQ89E7EsP/Rm9NNOIoIh+TY4TnKwPJmKa
tuGLWWOZ/yI90MR7wl9JLWSDBT0DD4fV5LKNp2p3ClV+1nMIbEEkcSOMgWyVtsHT
CKjb8XvYmEm8174E1XcaEQ+ZWiQdpFwe7VABsIhVfD2G2QqXHoIiLFjjnuyiN6qw
ZU/69j1nTfimoyoMyXThsAb93rWQii7/8baQ5LRVHXhipJeudq0mbAKY0GSFAXQa
b6ZmFzXx9/XTLkXGl5m/XFddbEaBo5UGTx1L5GDvjgb4iaQPih8df58aV4GLNGq9
cyjZpZKSuhj2CNPK84fqUo+LlX867NdyC2e3M8uf7S9KYCWsqbl8qByiGLIebYOl
yS0rXVret4Fa+9UqvuNSbp2iIx4g3vu/awUKOs9/nlz/OCBlFpQMbypeRUJi+eu5
99gDNAwZgym/77qnQKBVy2mWuDoYWn3eqg3JluwSZyDV8G+5QhEEesOcsF5U21rA
2RcTRpP6byh6m8IZQ6hDssoG0z8fuVIhwVo8yJ6P4dLf2rMbi/RNmxY6AYEFWYwW
3mTF6hwXG7J7qIMFIXy4Fuh/ea7AqYQtGfpvcnclSPd8BGESS/ySp+jMcOVQnOM/
dis38moi1fYpPAtgz2X9w3FexSy2+fMb/15xgBW0aay0isoqK5GwE1Am3Ed5LO54
Q7gz4VJxXxGKu6+N6nbg
=Hht/
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBVh2z3n6ZAP0PgtI9AQJXrQ//ePRKXXSz/BaiV5GeXpdi5yYYLviNVnwc
4M7JWTPE/KbAMVkf/LhIilAUH7dbEDpTaBVAAhC+V98NQQRsGG2HKJNJPM+ds5BE
hAd0Vq5QCm7wDtU/cEssldl8wD7ckgfe2HFFvdeLECvdn62rwLxji0ABnDw3KRuT
YWTqDW7Rl1NBKR7FdLyUagJpYCFRFOtosxLVLRqVkdRPRFQjhkSB4GdbRrjP/nJf
A7GbNRcHHyuUGb7rby5ItbEIm1z/A5C1INjo9lfFCj7EU23uA2OYDr9rBVfx+731
oaL4iEaonwUsH9VTuzfN7XSrz+d7F2RjRK0oUYsHF9ACSxlUVXdflB4+oVhJ5h4X
lqOnoj45Fke3IpeLNbxr+xKR1xubnTPuT8K6+eCAmKQDJR7Pkx2jkwaZ1qCkil1a
hVOr2lavjZjb0O3sUI3YueVYRLDmKDcJkCnfTaa5ihoPeCZZbZHCNyyPkQKxubAC
1btw43okLvNUn/WMUg28Pw8p0J/jKPDX+l6PNDD+J7lZUHAR8TzbsGpAWTqF07yM
0NSgwVe/V1rSNteED3x6Uo5GjK1MFhocsmdMEt2v3E+ioxhO270oEFFZcna2JBlU
y8rR4kXODbv1tFQmMGI1XkMtXiOFwwUZ0nQCOUCH7j4PutK3+dnLDy3SfQuBrwKW
dTha9R9sq1w=
=u8xg
-----END PGP SIGNATURE-----