{"id":"MGASA-2016-0345","summary":"Updated kernel packages fixes security vulnerablilities","details":"This update is based on the upstream 4.4.22 kernel and fixes at least theese\nsecurity issues:\n\nsound/core/timer.c in the Linux kernel through 4.6 does not initialize \ncertain r1 data structures, which allows local users to obtain sensitive\ninformation from kernel stack memory via crafted use of the ALSA timer\ninterface, related to the (1) snd_timer_user_ccallback and (2)\nsnd_timer_user_tinterrupt functions (CVE-2016-4578).\n\nThe tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the\nLinux kernel through 4.6.3 does not properly copy a certain string, which\nallows local users to obtain sensitive information from kernel stack memory\nby reading a Netlink message (CVE-2016-5243).\n\nThe rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through\n4.6.3 does not initialize a certain structure member, which allows remote\nattackers to obtain sensitive information from kernel stack memory by reading\nan RDS message (CVE-2016-5244).\n\nMemory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c\nin the airspy USB driver in the Linux kernel before 4.7 allows local users \nto cause a denial of service (memory consumption) via a crafted USB device\nthat emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many\nconnect and disconnect operations (CVE-2016-5400).\n\nRace condition in the ioctl_send_fib function in drivers/scsi/aacraid/\ncommctrl.c in the Linux kernel through 4.7 allows local users to cause a\ndenial of service (out-of-bounds access or system crash) by changing a\ncertain size value, aka a \"double fetch\" vulnerability (CVE-2016-6480).\n\nThis update also changes the following:\n- enables STRICT_DEVMEM as a security hardening\n- disables FW_LOADER_USER_HELPER_FALLBACK again (un-intentionally \n  enabled in 4.4 series upgrade) that slows down boot or even makes\n  wireless connection fail with drivers with multiple possible\n  firmwares (mga#19390).\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-02-04T02:41:39.587913Z","published":"2016-10-18T18:43:39Z","related":["CVE-2016-4578","CVE-2016-5243","CVE-2016-5244","CVE-2016-5400","CVE-2016-6480"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0345.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19397"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19390"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.17"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.18"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.19"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.20"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.21"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.22"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.22-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0345.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.22-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0345.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.2-6.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0345.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.2-6.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0345.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10-12.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0345.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}