Debian DSA-3329-1 : linux - security update

High Nessus Plugin ID 85281

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

- CVE-2015-1333 Colin Ian King discovered a flaw in the add_key function of the Linux kernel's keyring subsystem. A local user can exploit this flaw to cause a denial of service due to memory exhaustion.

- CVE-2015-3212 Ji Jianwen of Red Hat Engineering discovered a flaw in the handling of the SCTPs automatic handling of dynamic multi-homed connections. A local attacker could use this flaw to cause a crash or potentially for privilege escalation.

- CVE-2015-4692 A NULL pointer dereference flaw was found in the kvm_apic_has_events function in the KVM subsystem. A unprivileged local user could exploit this flaw to crash the system kernel resulting in denial of service.

- CVE-2015-4700 Daniel Borkmann discovered a flaw in the Linux kernel implementation of the Berkeley Packet Filter which can be used by a local user to crash the system.

- CVE-2015-5364 It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums.

- CVE-2015-5366 It was discovered that the Linux kernel does not properly handle invalid UDP checksums. A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum.

- CVE-2015-5697 A flaw was discovered in the md driver in the Linux kernel leading to an information leak.

- CVE-2015-5706 An user triggerable use-after-free vulnerability in path lookup in the Linux kernel could potentially lead to privilege escalation.

- CVE-2015-5707 An integer overflow in the SCSI generic driver in the Linux kernel was discovered. A local user with write permission on a SCSI generic device could potentially exploit this flaw for privilege escalation.

Solution

Upgrade the linux packages.

For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.68-1+deb7u3. CVE-2015-1333, CVE-2015-4692 and CVE-2015-5706 do not affect the wheezy distribution.

For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u3, except CVE-2015-5364 and CVE-2015-5366 which were fixed already in DSA-3313-1.

See Also

https://security-tracker.debian.org/tracker/CVE-2015-1333

https://security-tracker.debian.org/tracker/CVE-2015-3212

https://security-tracker.debian.org/tracker/CVE-2015-4692

https://security-tracker.debian.org/tracker/CVE-2015-4700

https://security-tracker.debian.org/tracker/CVE-2015-5364

https://security-tracker.debian.org/tracker/CVE-2015-5366

https://security-tracker.debian.org/tracker/CVE-2015-5697

https://security-tracker.debian.org/tracker/CVE-2015-5706

https://security-tracker.debian.org/tracker/CVE-2015-5707

https://security-tracker.debian.org/tracker/CVE-2015-1333

https://security-tracker.debian.org/tracker/CVE-2015-4692

https://security-tracker.debian.org/tracker/CVE-2015-5706

https://security-tracker.debian.org/tracker/CVE-2015-5364

https://security-tracker.debian.org/tracker/CVE-2015-5366

https://packages.debian.org/source/wheezy/linux

https://packages.debian.org/source/jessie/linux

https://www.debian.org/security/2015/dsa-3329

Plugin Details

Severity: High

ID: 85281

File Name: debian_DSA-3329.nasl

Version: 2.5

Type: local

Agent: unix

Published: 2015/08/10

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:linux, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/08/07

Reference Information

CVE: CVE-2015-1333, CVE-2015-3212, CVE-2015-4692, CVE-2015-4700, CVE-2015-5364, CVE-2015-5366, CVE-2015-5697, CVE-2015-5706, CVE-2015-5707

DSA: 3329