Lucene search

K
osvGoogleOSV:DLA-439-1
HistoryFeb 29, 2016 - 12:00 a.m.

linux-2.6 - security update

2016-02-2900:00:00
Google
osv.dev
20

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

This update fixes the CVEs described below.

  • CVE-2015-8812
    A flaw was found in the iw_cxgb3 Infiniband driver. Whenever it
    could not send a packet because the network was congested, it
    would free the packet buffer but later attempt to send the packet
    again. This use-after-free could result in a denial of service
    (crash or hang), data loss or privilege escalation.
  • CVE-2016-0774
    It was found that the fix for CVE-2015-1805 in kernel versions
    older than Linux 3.16 did not correctly handle the case of a
    partially failed atomic read. A local, unprivileged user could
    use this flaw to crash the system or leak kernel memory to user
    space.
  • CVE-2016-2384
    Andrey Konovalov found that a USB MIDI device with an invalid USB
    descriptor could trigger a double-free. This may be used by a
    physically present user for privilege escalation.

Additionally, it fixes some old security issues with no CVE ID:

Several kernel APIs permitted reading or writing 2 GiB of data or
more in a single chunk, which could lead to an integer overflow
when applied to certain filesystems, socket or device types. The
full security impact has not been evaluated.

Finally, it fixes a regression in 2.6.32-48squeeze17 that would cause
Samba to hang in some situations.

For the oldoldstable distribution (squeeze), these problems have been
fixed in version 2.6.32-48squeeze20. This is *really* the final
update to the linux-2.6 package for squeeze.

For the oldstable distribution (wheezy), the kernel was not affected
by the integer overflow issues and the remaining problems will be
fixed in version 3.2.73-2+deb7u3.

For the stable distribution (jessie), the kernel was not affected by
the integer overflow issues or CVE-2016-0774, and the remaining
problems will be fixed in version 3.16.7-ckt20-1+deb8u4.

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C