Debian 10225 Published by

The following updates has been released for Debian GNU/Linux:

Debian GNU/Linux 7 Extended LTS:
ELA-133-1: linux security update

Debian GNU/Linux 9:
DSA 4467-2: vim regression update
DSA 4470-1: pdns security update



ELA-133-1: linux security update


Package: linux
Version: 3.16.68-2~deb7u1
Related CVE: CVE-2019-3846 CVE-2019-5489 CVE-2019-10126 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11810 CVE-2019-11833 CVE-2019-11884
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2019-3846, CVE-2019-10126

huangwen reported multiple buffer overflows in the Marvell wifi
(mwifiex) driver, which a local user could use to cause denial of
service or the execution of arbitrary code.
CVE-2019-5489

Daniel Gruss, Erik Kraft, Trishita Tiwari, Michael Schwarz, Ari
Trachtenberg, Jason Hennessey, Alex Ionescu, and Anders Fogh
discovered that local users could use the mincore() system call to
obtain sensitive information from other processes that access the
same memory-mapped file.
CVE-2019-11477

Jonathan Looney reported that a specially crafted sequence of TCP
selective acknowledgements (SACKs) allows a remotely triggerable
kernel panic.
CVE-2019-11478

Jonathan Looney reported that a specially crafted sequence of TCP
selective acknowledgements (SACKs) will fragment the TCP
retransmission queue, allowing an attacker to cause excessive
resource usage.
CVE-2019-11479

Jonathan Looney reported that an attacker could force the Linux
kernel to segment its responses into multiple TCP segments, each of
which contains only 8 bytes of data, drastically increasing the
bandwidth required to deliver the same amount of data.

This update introduces a new sysctl value to control the minimal MSS
(net.ipv4.tcp_min_snd_mss), which by default uses the formerly hard-
coded value of 48. We recommend raising this to 512 unless you know
that your network requires a lower value. (This value applies to
Linux 3.16 only.)
CVE-2019-11810

It was discovered that the megaraid_sas driver did not correctly
handle a failed memory allocation during initialisation, which
could lead to a double-free. This might have some security
impact, but it cannot be triggered by an unprivileged user.
CVE-2019-11833

It was discovered that the ext4 filesystem implementation writes
uninitialised data from kernel memory to new extent blocks. A
local user able to write to an ext4 filesystem and then read the
filesystem image, for example using a removable drive, might be
able to use this to obtain sensitive information.
CVE-2019-11884

It was discovered that the Bluetooth HIDP implementation did not
ensure that new connection names were null-terminated. A local
user with CAP_NET_ADMIN capability might be able to use this to
obtain sensitive information from the kernel stack.
For Debian 7 Wheezy, these problems have been fixed in version 3.16.68-2~deb7u1.

We recommend that you upgrade your linux packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

DSA 4467-2: vim regression update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4467-2 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 23, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : vim
CVE ID : CVE-2019-12735

The update for vim released as DSA 4467-1 introduced a regression which
broke syntax highlighting in some circumstances. Updated vim packages
are now available to correct this issue.

For the stable distribution (stretch), this problem has been fixed in
version 8.0.0197-4+deb9u3.

We recommend that you upgrade your vim packages.

For the detailed security status of vim please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vim

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



DSA 4470-1: pdns security update




- -------------------------------------------------------------------------
Debian Security Advisory DSA-4470-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 23, 2019 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : pdns
CVE ID : CVE-2019-10162 CVE-2019-10163

Two vulnerabilities have been discovered in pdns, an authoritative DNS
server which may result in denial of service via malformed zone records
and excessive NOTIFY packets in a master/slave setup.

For the stable distribution (stretch), these problems have been fixed in
version 4.0.3-1+deb9u5.

We recommend that you upgrade your pdns packages.

For the detailed security status of pdns please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/pdns

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/