The following updates have been released for Debian GNU/Linux:

[DLA 103-1] linux-2.6 security update
[DSA 3093-1] linux security update
[DSA 3094-1] bind9 security update



[DLA 103-1] linux-2.6 security update

Package : linux-2.6
Version : 2.6.32-48squeeze9
CVE ID : CVE-2012-6657 CVE-2013-0228 CVE-2013-7266 CVE-2014-4157
CVE-2014-4508 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655
CVE-2014-4943 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472
CVE-2014-9090

This security upload has been prepared in cooperation between the Debian Kernel,
Security and LTS Teams and features the upstream stable release 2.6.32.64 (see
https://lkml.org/lkml/2014/11/23/181 for more information). It fixes
the CVEs described below.

Note: if you are using the openvz flavors, please consider three things: a.)
we haven't got any feedback on them (while we have for all other flavors) b.)
so do your tests before deploying them and c.) once you have done so, please
give feedback to debian-lts@lists.debian.org.

If you are not using openvz flavors, please still consider b+c :):


CVE-2012-6657

Fix the sock_setsockopt function to prevent local users from being able to
cause a denial of service (system crash) attack.

CVE-2013-0228

Fix a Xen privilege escalation, which allowed guest OS users to gain guest OS
privileges.

CVE-2013-7266

Fix the mISDN_sock_recvmsg function to prevent local users from obtaining
sensitive information from kernel memory.

CVE-2014-4157

MIPS platform: prevent local users from bypassing intended PR_SET_SECCOMP
restrictions.

CVE-2014-4508

Prevent local users from causing a denial of service (OOPS and system crash)
when syscall auditing is enabled.

CVE-2014-4653
CVE-2014-4654
CVE-2014-4655

Fix the ALSA control implementation to prevent local users from causing a
denial of service attack and from obtaining sensitive information from kernel
memory.

CVE-2014-4943

Fix the PPPoL2TP feature to prevent local users from gaining privileges.

CVE-2014-5077

Prevent remote attackers from causing a denial of service attack involving
SCTP.

CVE-2014-5471
CVE-2014-5472

Fix the parse_rock_ridge_inode_internal function to prevent local users from
causing a denial of service attack via a crafted iso9660 image.

CVE-2014-9090

Fix the do_double_fault function to prevent local users from causing a denial
of service (panic) attack.


[DSA 3093-1] linux security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-3093-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
December 08, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2014-7841 CVE-2014-8369 CVE-2014-8884 CVE-2014-9090

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a denial of service or privilege escalation:

CVE-2014-7841

Liu Wei of Red Hat discovered that a SCTP server doing ASCONF will
panic on malformed INIT chunks by triggering a NULL pointer
dereference.

CVE-2014-8369

A flaw was discovered in the way iommu mapping failures were handled
in the kvm_iommu_map_pages() function in the Linux kernel. A guest
OS user could exploit this flaw to cause a denial of service (host
OS memory corruption) or possibly have other unspecified impact on
the host OS.

CVE-2014-8884

A stack-based buffer overflow flaw was discovered in the
TechnoTrend/Hauppauge DEC USB driver. A local user with write access
to the corresponding device could use this flaw to crash the kernel
or, potentially, elevate their privileges.

CVE-2014-9090

Andy Lutomirski discovered that the do_double_fault function in
arch/x86/kernel/traps.c in the Linux kernel did not properly handle
faults associated with the Stack Segment (SS) segment register,
which allows local users to cause a denial of service (panic).

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.63-2+deb7u2. This update also includes fixes for regressions
introduced by previous updates.

For the unstable distribution (sid), these problems will be fixed soon
in version 3.16.7-ckt2-1.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

[DSA 3094-1] bind9 security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-3094-1 security@debian.org
http://www.debian.org/security/ Giuseppe Iuculano
December 08, 2014 http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : bind9
CVE ID : CVE-2014-8500

It was discovered that BIND, a DNS server, is prone to a denial of
service vulnerability.
By making use of maliciously-constructed zones or a rogue server, an
attacker can exploit an oversight in the code BIND 9 uses to follow
delegations in the Domain Name Service, causing BIND to issue unlimited
queries in an attempt to follow the delegation.
This can lead to resource exhaustion and denial of service
(up to and including termination of the named server process.)

For the stable distribution (wheezy), this problem has been fixed in
version 1:9.8.4.dfsg.P1-6+nmu2+deb7u3.

For the upcoming stable distribution (jessie), this problem will be
fixed soon.

For the unstable distribution (sid), this problem will be fixed soon.

We recommend that you upgrade your bind9 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/