270 lines
12 KiB
JSON
270 lines
12 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20171601",
|
|
"Version": "oval:org.altlinux.errata:def:20171601",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2017-1601: package `kernel-image-un-def` update to version 4.10.15-alt1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch c9f2"
|
|
],
|
|
"Products": [
|
|
"ALT SPWorkstation",
|
|
"ALT SPServer"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2017-1601",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2017-1601",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-01087",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-01087",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-01162",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-01162",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-01465",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-01465",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-01568",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-01568",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2017-02044",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2017-02044",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-10661",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-10661",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-7308",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-7308",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-7472",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-7645",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-7645",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-7895",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-7895",
|
|
"Source": "CVE"
|
|
},
|
|
{
|
|
"RefID": "CVE-2017-8065",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2017-8065",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades kernel-image-un-def to version 4.10.15-alt1. \nSecurity Fix(es):\n\n * BDU:2017-01087: Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие\n\n * BDU:2017-01162: Уязвимость реализации серверов NFSv2 и NFSv3 в ядре операционной системы Linux, позволяющая нарушителю вызвать ошибки арифметических указателей или оказать другое воздействие\n\n * BDU:2017-01465: Уязвимость функции packet_set_ring операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие\n\n * BDU:2017-01568: Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2017-02044: Уязвимость компонента timerfd.c ядра (fs/timerfd.c) операционной системы Linux, позволяющая нарушителю повысить свои привилегии и вызвать отказ в обслуживании\n\n * CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.\n\n * CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.\n\n * CVE-2017-7472: The KEYS subsystem in the Linux kernel before 4.10.13 allows local users to cause a denial of service (memory consumption) via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls.\n\n * CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.\n\n * CVE-2017-7895: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.\n\n * CVE-2017-8065: crypto/ccm.c in the Linux kernel 4.9.x and 4.10.x through 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "Critical",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2017-05-12"
|
|
},
|
|
"Updated": {
|
|
"Date": "2017-05-12"
|
|
},
|
|
"BDUs": [
|
|
{
|
|
"ID": "BDU:2017-01087",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-01087",
|
|
"Impact": "High",
|
|
"Public": "20170423"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-01162",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-119, CWE-189",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-01162",
|
|
"Impact": "Critical",
|
|
"Public": "20170425"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-01465",
|
|
"CVSS": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
|
|
"CVSS3": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-119, CWE-681, CWE-787",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-01465",
|
|
"Impact": "High",
|
|
"Public": "20170328"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-01568",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-20",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-01568",
|
|
"Impact": "High",
|
|
"Public": "20170417"
|
|
},
|
|
{
|
|
"ID": "BDU:2017-02044",
|
|
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-362, CWE-416",
|
|
"Href": "https://bdu.fstec.ru/vul/2017-02044",
|
|
"Impact": "High",
|
|
"Public": "20170210"
|
|
}
|
|
],
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2017-10661",
|
|
"CVSS": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-416",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-10661",
|
|
"Impact": "High",
|
|
"Public": "20170819"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-7308",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-7308",
|
|
"Impact": "High",
|
|
"Public": "20170329"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-7472",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-404",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-7472",
|
|
"Impact": "Low",
|
|
"Public": "20170511"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-7645",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
|
"CWE": "CWE-20",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-7645",
|
|
"Impact": "High",
|
|
"Public": "20170418"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-7895",
|
|
"CVSS": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-7895",
|
|
"Impact": "Critical",
|
|
"Public": "20170428"
|
|
},
|
|
{
|
|
"ID": "CVE-2017-8065",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-119",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2017-8065",
|
|
"Impact": "High",
|
|
"Public": "20170423"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:spworkstation:8.4",
|
|
"cpe:/o:alt:spserver:8.4"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:3001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601001",
|
|
"Comment": "kernel-doc-un is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601002",
|
|
"Comment": "kernel-headers-modules-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601003",
|
|
"Comment": "kernel-headers-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601004",
|
|
"Comment": "kernel-image-domU-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601005",
|
|
"Comment": "kernel-image-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601006",
|
|
"Comment": "kernel-modules-drm-nouveau-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601007",
|
|
"Comment": "kernel-modules-drm-radeon-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601008",
|
|
"Comment": "kernel-modules-drm-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601009",
|
|
"Comment": "kernel-modules-ide-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601010",
|
|
"Comment": "kernel-modules-kvm-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601011",
|
|
"Comment": "kernel-modules-staging-un-def is earlier than 1:4.10.15-alt1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20171601012",
|
|
"Comment": "kernel-modules-v4l-un-def is earlier than 1:4.10.15-alt1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |