logo
DATABASE RESOURCES PRICING ABOUT US

Important: kernel

Description

**Issue Overview:** CVE-2016-8645 kernel: a BUG() statement can be hit in net/ipv4/tcp_input.c It was discovered that the Linux kernel since 3.6-rc1 with net.ipv4.tcp_fastopen; set to 1 can hit BUG() statement in tcp_collapse() function after making a number of certain syscalls leading to a possible system crash. CVE-2016-8655 kernel: Race condition in packet_set_ring leads to use after free A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets implementation in the Linux kernel networking subsystem handled synchronization while creating the TPACKET_V3 ring buffer. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. CVE-2016-9083 kernel: State machine confusion bug in vfio driver leading to memory corruption A flaw was discovered in the Linux kernel's implementation of VFIO. An attacker issuing an ioctl can create a situation where memory is corrupted and modify memory outside of the expected area. This may overwrite kernel memory and subvert kernel execution. CVE-2016-9084 kernel: Integer overflow when using kzalloc in vfio driver The use of a kzalloc with an integer multiplication allowed an integer overflow condition to be reached in vfio_pci_intrs.c. This combined with CVE-2016-9083 may allow an attacker to craft an attack and use unallocated memory, potentially crashing the machine. **Affected Packages:** kernel **Issue Correction:** Run _yum update kernel_ to update your system. **New Packages:** i686:     kernel-debuginfo-common-i686-4.4.35-33.55.amzn1.i686     perf-debuginfo-4.4.35-33.55.amzn1.i686     kernel-tools-4.4.35-33.55.amzn1.i686     perf-4.4.35-33.55.amzn1.i686     kernel-4.4.35-33.55.amzn1.i686     kernel-tools-debuginfo-4.4.35-33.55.amzn1.i686     kernel-headers-4.4.35-33.55.amzn1.i686     kernel-debuginfo-4.4.35-33.55.amzn1.i686     kernel-tools-devel-4.4.35-33.55.amzn1.i686     kernel-devel-4.4.35-33.55.amzn1.i686 noarch:     kernel-doc-4.4.35-33.55.amzn1.noarch src:     kernel-4.4.35-33.55.amzn1.src x86_64:     kernel-tools-4.4.35-33.55.amzn1.x86_64     perf-debuginfo-4.4.35-33.55.amzn1.x86_64     kernel-headers-4.4.35-33.55.amzn1.x86_64     kernel-tools-devel-4.4.35-33.55.amzn1.x86_64     perf-4.4.35-33.55.amzn1.x86_64     kernel-debuginfo-common-x86_64-4.4.35-33.55.amzn1.x86_64     kernel-4.4.35-33.55.amzn1.x86_64     kernel-devel-4.4.35-33.55.amzn1.x86_64     kernel-debuginfo-4.4.35-33.55.amzn1.x86_64     kernel-tools-debuginfo-4.4.35-33.55.amzn1.x86_64 ### Additional References Red Hat: [CVE-2016-8645](<https://access.redhat.com/security/cve/CVE-2016-8645>), [CVE-2016-8655](<https://access.redhat.com/security/cve/CVE-2016-8655>), [CVE-2016-9083](<https://access.redhat.com/security/cve/CVE-2016-9083>), [CVE-2016-9084](<https://access.redhat.com/security/cve/CVE-2016-9084>) Mitre: [CVE-2016-8645](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8645>), [CVE-2016-8655](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655>), [CVE-2016-9083](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9083>), [CVE-2016-9084](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9084>)


Affected Package


OS OS Version Package Name Package Version
Amazon Linux 1 kernel-debuginfo-common-i686 4.4.35-33.55.amzn1
Amazon Linux 1 perf-debuginfo 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools 4.4.35-33.55.amzn1
Amazon Linux 1 perf 4.4.35-33.55.amzn1
Amazon Linux 1 kernel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools-debuginfo 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-headers 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-debuginfo 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools-devel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-devel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-doc 4.4.35-33.55.amzn1
Amazon Linux 1 kernel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools 4.4.35-33.55.amzn1
Amazon Linux 1 perf-debuginfo 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-headers 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools-devel 4.4.35-33.55.amzn1
Amazon Linux 1 perf 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-debuginfo-common-x86_64 4.4.35-33.55.amzn1
Amazon Linux 1 kernel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-devel 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-debuginfo 4.4.35-33.55.amzn1
Amazon Linux 1 kernel-tools-debuginfo 4.4.35-33.55.amzn1

Related