#4012: linux-4.8.13 (CVE-2016-7596 CVE-2016-9919 CVE-2016-9793 CVE-2016-9794
CVE-2016-9806)
---------------------+------------------------
Reporter: renodr | Owner: lfs-book@…
Type: task | Status: new
Priority: highest | Milestone: 7.11
Component: Book | Version: SVN
Severity: normal | Keywords:
---------------------+------------------------
New minor version.
Security update with some critical fixes.
----
[http://seclists.org/oss-sec/2016/q4/644]
CVE-2016-7596: Linux Kernel use-after-free in SCSI generic device
interface
----
The Linux kernel contains a bug where a fragmented IPv6 packet causes a
panic after a timeout (seems to be roughly 60 seconds). This can be
triggered remotely via the internet and results in a DoS (kernel panic).
[http://seclists.org/oss-sec/2016/q4/640]
[http://seclists.org/oss-sec/2016/q4/641]
CVE-2016-9919
----
CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE
Memory corruption.
[http://seclists.org/oss-sec/2016/q4/573]
[http://seclists.org/oss-sec/2016/q4/574]
Affects all kernels back to 3.5 series, with a different CVE being
assigned all the way back to 2.6.x.
{{{
Use CVE-2016-9793. This affects, for example, 4.8.12.
We might not completely understand the CVE implications of the "Note
that before
https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b
the bug was even more serious, since SO_SNDBUF and SO_RCVBUF were
vulnerable" comment within the
b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 commit message.
82981930125abfd39d7c8378a9cfdf5e1be2002b is a commit from 2012. The
3.5 release has this, whereas the 3.4 release does not.
For now, we are assigning CVE-2012-6704 to mean the analogous
vulnerability involving SO_SNDBUF and SO_RCVBUF that affects "before
3.5" kernels.
}}}
----
CVE request: -- Linux kernel: ALSA: use-after-free in kill_fasync
[http://seclists.org/oss-sec/2016/q4/575]
[http://seclists.org/oss-sec/2016/q4/576]
CVE-2016-9794
----
CVE Request: -- Linux kernel: double free in netlink_dump
[http://seclists.org/oss-sec/2016/q4/577]
[http://seclists.org/oss-sec/2016/q4/580]
CVE-2016-9806
----
My personal advice is to put out an advisory to the list as soon as we are
done updating this package, and make a change to the errata for both
books. This is serious and is worse than Dirty CoW.
--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/4012>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.