ESB-2016.0137 - ALERT [Linux][Debian][Android] kernel: Multiple vulnerabilities

Date: 20 January 2016
References: ESB-2016.0178  ESB-2016.0572  ESB-2016.0579  ASB-2016.0023.2  ESB-2016.0821  ESB-2016.1078  ESB-2016.1088  ESB-2016.1195  ESB-2016.1587  ESB-2016.1606  ESB-2016.1680  ESB-2016.1697

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0137
                           linux security update
                              20 January 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           kernel
Publisher:         Debian
Operating System:  Debian GNU/Linux 8
                   Linux variants
                   Android
Impact/Access:     Root Compromise   -- Existing Account      
                   Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-0728 CVE-2016-0723 CVE-2015-8767
                   CVE-2015-7566 CVE-2013-4312 

Original Bulletin: 
   http://www.debian.org/security/2016/dsa-3448

Comment: This advisory references vulnerabilities in the Linux kernel that 
         also affect distributions other than Debian. It is recommended that
         administrators running Linux check for an updated version of the 
         kernel for their system.
         
         AusCERT has received reports of publicly available proof of concept
         code.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3448-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
January 19, 2016                      https://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2013-4312 CVE-2015-7566 CVE-2015-8767 CVE-2016-0723
                 CVE-2016-0728

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation or denial-of-service.

CVE-2013-4312

    Tetsuo Handa discovered that it is possible for a process to open
    far more files than the process' limit leading to denial-of-service
    conditions.

CVE-2015-7566

    Ralf Spenneberg of OpenSource Security reported that the visor
    driver crashes when a specially crafted USB device without bulk-out
    endpoint is detected.

CVE-2015-8767

    An SCTP denial-of-service was discovered which can be triggered by a
    local attacker during a heartbeat timeout event after the 4-way
    handshake.

CVE-2016-0723

    A use-after-free vulnerability was discovered in the TIOCGETD ioctl.
    A local attacker could use this flaw for denial-of-service.

CVE-2016-0728

    The Perception Point research team discovered a use-after-free
    vulnerability in the keyring facility, possibly leading to local
    privilege escalation.

For the stable distribution (jessie), these problems have been fixed in
version 3.16.7-ckt20-1+deb8u3.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWni1mAAoJEAVMuPMTQ89EYvkP/Rmqrwxv1M+z4qj3OmfF81Q+
zj5Kd9nrvolH/asFac3URBHurSQby3JRgwxtqJuTrc68xBn147CQWaDM5nU9/HBi
Dt3eceDxsGBo9W8FJEpE6Yk4a3NyNiEOnT7gLFfSjFkmyGr3a6+7b1VPAEcsDeBV
FbA40UhrDnZYoeqqBFOGqedzFBioSafd+AQOYNqCjNByNq5i3SxMgS3XCECrruUr
yGfR+0RD5EibvcUddzduuGOvjmaW+mPK6OTVir2f6AwJFdSOJEegkSZRkLeBJgYL
Lfk131dlJ6gwelAaGOJA9wAqSPVIFe9h+jFh2DTQ6q5Lrg5dchkibbb2eSuoqRO1
Fa1cXW33k8YSilTzvy7pO1Snrp2YhGKK3RPo5PNAsdmOiuzSkI9PUw+khz/TtJ9N
XSKmOGd3ZT3R81UuEiXTdJVzVsRS+jLpgQ2jjOlvDb5ldQgn9tirL36/isSRcM64
IGnJlLHxhzBv+GQyziVDy37ois2dYT3in6ls2tI7rHoYhaEyOwPyCn98/IJqPxea
SIeLGxStaaCGqgDaFqCJbRuAZGFqpwZLKSd9/HycA7jTJbfrdzD74eDFc8LvGYly
Il1vpT8Ekfxh9L4o+HkzVkme7dkYt5SmLGvN1euTUdjsuo87r3OwN0OKVhXrFoAV
qaetOmH+fJB1/jo9jPLH
=fylF
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------
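The practical question for an administrator reading the advisory above is whether the installed linux package on each jessie host is at or above 3.16.7-ckt20-1+deb8u3. As an added example (not part of the AusCERT bulletin or of Debian's advisory), the following Python re-implements dpkg's version comparison algorithm (Debian Policy section 5.6.12: epoch, upstream version and Debian revision, with '~' sorting before everything, letters before non-letters and digit runs compared numerically) so that the check can run over a package inventory on any machine, not only on a Debian host. The fixed version string is the one DSA-3448-1 quotes for jessie; the hostnames and versions in SAMPLE_INVENTORY are constructed sample data, and the function names are my own.

```python
"""Check installed Debian linux package versions against the DSA-3448-1 fix.

Re-implements dpkg's version ordering (Debian Policy 5.6.12) in pure Python
so an inventory export can be audited off-host. On a Debian system itself,
`dpkg --compare-versions` is the authoritative implementation.
"""

# Fixed version quoted from DSA-3448-1 for the stable distribution (jessie).
FIXED_VERSION = "3.16.7-ckt20-1+deb8u3"


def _order(c):
    """Weight dpkg assigns a character while comparing a non-digit run."""
    if c.isdigit():
        return 0           # a digit ends the non-digit run, like end of string
    if c == "~":
        return -1          # '~' sorts before anything, even end of string
    if c.isalpha():
        return ord(c)      # letters sort before non-letters
    return ord(c) + 256    # '.', '+', '-' and the rest sort after letters


def _verrevcmp(a, b):
    """Compare two version parts the way dpkg's verrevcmp() does.

    Alternates between non-digit runs (compared character by character via
    _order, end of string weighing 0) and digit runs (leading zeros dropped,
    longer run wins, else first differing digit decides). Returns <0, 0 or >0.
    """
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac = _order(a[i]) if i < len(a) else 0
            bc = _order(b[j]) if j < len(b) else 0
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while i < len(a) and a[i] == "0":
            i += 1
        while j < len(b) and b[j] == "0":
            j += 1
        while i < len(a) and j < len(b) and a[i].isdigit() and b[j].isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if i < len(a) and a[i].isdigit():
            return 1
        if j < len(b) and b[j].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(version):
    """Split a Debian version string into (epoch, upstream, debian_revision)."""
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)   # revision follows the last '-'
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def _sign(n):
    return (n > 0) - (n < 0)


def compare_versions(a, b):
    """Return -1, 0 or 1 as Debian version a is older than, equal to or newer than b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return _sign(ea - eb)
    r = _verrevcmp(ua, ub)
    if r:
        return _sign(r)
    return _sign(_verrevcmp(ra, rb))


def is_fixed(installed_version, fixed_version=FIXED_VERSION):
    """True when the installed linux package is at or above the fixed version."""
    return compare_versions(installed_version, fixed_version) >= 0


# Constructed sample inventory of (hostname, installed linux package version).
SAMPLE_INVENTORY = [
    ("web-01", "3.16.7-ckt20-1+deb8u3"),    # exactly the fixed version
    ("web-02", "3.16.7-ckt20-1+deb8u2"),    # one security update behind
    ("db-01", "3.16.7-ckt11-1+deb8u6"),     # older ckt series, still vulnerable
    ("build-01", "3.16.7-ckt20-1+deb8u4"),  # hypothetical later update, also fixed
]


def unpatched_hosts(inventory=SAMPLE_INVENTORY, fixed_version=FIXED_VERSION):
    """Return the hostnames whose linux package is below the fixed version."""
    return [host for host, ver in inventory if not is_fixed(ver, fixed_version)]


if __name__ == "__main__":
    for host in unpatched_hosts():
        print(f"{host}: linux package below {FIXED_VERSION}, upgrade required")
```

On a jessie host the installed package version comes from `dpkg-query -W -f='${Version}\n' linux-image-$(uname -r)`; `uname -r` alone reports the ABI name (for example 3.16.0-4-amd64), which never carries the +deb8u3 suffix and so cannot be compared against the fixed version. A package at or above the fixed version only shows that the update is installed; the running kernel is the patched one only after the host has been rebooted into it. As AusCERT's comment notes, other distributions ship their own kernel packages with their own fixed versions, so FIXED_VERSION applies to Debian jessie only.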

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
=rVKj
-----END PGP SIGNATURE-----