{"id":"MGASA-2015-0070","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream -longterm 3.14.32 and fixes the \nfollowing security issues:\n\nThe Linux kernel through 3.17.4 does not properly restrict dropping of\nsupplemental group memberships in certain namespace scenarios, which allows\nlocal users to bypass intended file permissions by leveraging a POSIX ACL\ncontaining an entry for the group category that is more restrictive than\nthe entry for the other category, aka a \"negative groups\" issue, related to\nkernel/groups.c, kernel/uid16.c, and kernel/user_namespace.c (CVE-2014-8989).\n\nThe batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in\nthe B.A.T.M.A.N. implementation in the Linux kernel through 3.18.1 uses an\nincorrect length field during a calculation of an amount of memory, which\nallows remote attackers to cause a denial of service (mesh-node system crash)\nvia fragmented packets (CVE-2014-9428).\n\nRace condition in the key_gc_unused_keys function in security/keys/gc.c\nin the Linux kernel through 3.18.2 allows local users to cause a denial\nof service (memory corruption or panic) or possibly have unspecified other\nimpact via keyctl commands that trigger access to a key structure member\nduring garbage collection of a key (CVE-2014-9529).\n\nThe parse_rock_ridge_inode_internal function in fs/isofs/rock.c in the Linux\nkernel before 3.18.2 does not validate a length value in the Extensions\nReference (ER) System Use Field, which allows local users to obtain sensitive\ninformation from kernel memory via a crafted iso9660 image (CVE-2014-9584).\n\nThe vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through\n3.18.2 does not properly choose memory locations for the vDSO area, which\nmakes it easier for local users to bypass the ASLR protection mechanism by\nguessing a location at the end of a PMD (CVE-2014-9585).\n\nLinux Kernel 2.6.38 through 3.18 are affected by a flaw in the Crypto API\nthat allows any local user to load any installed kernel module on systems\nwhere CONFIG_CRYPTO_USER_API=y by abusing the request_module() call\n(CVE-2013-7421, CVE-2014-9644).\n\nWhen hitting an sctp INIT collision case during the 4WHS with AUTH enabled,\nit can create a local denial of service by triggerinf a panic on server side\n(CVE-2015-1421).\n\nIt was found that routing packets to too many different dsts/too fast can\nlead to a excessive resource consumption. A remote attacker can use this\nflaw to crash the system (CVE-2015-1465).\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-02-04T02:25:01.068307Z","published":"2015-02-17T18:38:13Z","related":["CVE-2013-7421","CVE-2014-8989","CVE-2014-9428","CVE-2014-9529","CVE-2014-9584","CVE-2014-9585","CVE-2014-9644","CVE-2015-1421","CVE-2015-1465"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0070.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15221"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.28"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.29"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.30"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.31"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.32"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.32-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.32-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.20-5.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.20-5.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5-11.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-47.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"14.010.1006-17.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.39-31.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.125-3.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}},{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"331.113-3.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0070.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}