| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a buffer overflow flaw in the Linux kernel's virtio-net subsystem.
Reference to the upstream patch:
http://marc.info/?l=linux-netdev&m=143868216724068&w=2
Other external references:
http://www.openwall.com/lists/oss-security/2015/08/06/1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5156
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a flaw which was found in the way the Linux kernel's file system
implementation handled rename operations in which the source was inside
and the destination was outside of a bind mount.
A privileged user inside a container could use this flaw to escape the bind
mount and, potentially, escalate their privileges on the system.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2925
http://www.openwall.com/lists/oss-security/2015/04/03/7
Reference to the upstream fixes:
vfs: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=397d425dc26da728396e66d392d5dcb8dac30c37
dcache: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
commit/?id=cde93be45a8a90d8c264c776fab63487b5038a65
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Paul Vaduva <Paul.Vaduva@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a use-after-free bug which can lead to kernel arbitrary
execution in Linux kernel.
References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3636
http://www.openwall.com/lists/oss-security/2015/05/02/5
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=e13f6f2b39c4d91371c0ede88b136f364a6ffd6d
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes denial of service (DoS) attack against IPv6 network
stacks due to improper handling of Router Advertisements.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2922
http://www.openwall.com/lists/oss-security/2015/04/04/2
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=c85b2d7e9fa44286feaac33031db1dd0e4c9ed3b
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes information leak in md driver of the Linux kernel.
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697
Upstream fix 4.1 kernel:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=33afeac21b9cb79ad8fc5caf239af89c79e25e1e
Upstream fix for 3.19 kernel (from stable kernel.3.18):
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=e46e18eb387767fa26356417210ef41d0855ef1e
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes double fput().
References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5706
CVE assignment: http://seclists.org/oss-sec/2015/q3/270
Upstream/original fix:
======================
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=f15133df088ecadd141ea1907f2c96df67c729f0
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes list corruption of m_list or s_list if unused
References:
http://seclists.org/oss-sec/2015/q2/640
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4178
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=11bf6b1ea65f1580477827831d05711e5b87ac7b
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes race conditions in collect_mounts
References:
http://seclists.org/oss-sec/2015/q2/640
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4177
Upstream patch:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=0de0e610f6b359c52d4f8b02bac2963f4968c9d6
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Huimin She <huimin.she@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes race condition between chown() and execve() system calls in the
linux-hierofalcon 3.19 (backported from stable v3.18.24 kernel.org).
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3339
http://seclists.org/oss-sec/2015/q2/216
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/
patch/?id=7f1a6ae73b5c2d24b21d9a27928ceacef3a9a939
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
|
|
| |
This fixes incorrect processing of checksums in UDP implementation
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
|
|
Fixes denial of service due to memory leak in add_key()
References:
http://www.openwall.com/lists/oss-security/2015/07/27/7
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1333
Upstream fix:
https://git.kernel.org/cgit/linux/kernel/git/stable/
linux-stable.git/commit/?id=4fd5dc9eece297f49f16f82422ead3a28b11ea70
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
|