Debian DSA-3372-1 : linux - security update

medium Nessus Plugin ID 86375
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, unauthorised information disclosure or unauthorised information modification.

- CVE-2015-2925 Jann Horn discovered that when a subdirectory of a filesystem was bind-mounted into a chroot or mount namespace, a user that should be confined to that chroot or namespace could access the whole of that filesystem if they had write permission on an ancestor of the subdirectory. This is not a common configuration for wheezy, and the issue has previously been fixed for jessie.

- CVE-2015-5257 Moein Ghasemzadeh of Istuary Innovation Labs reported that a USB device could cause a denial of service (crash) by imitating a Whiteheat USB serial device but presenting a smaller number of endpoints.

- CVE-2015-5283 Marcelo Ricardo Leitner discovered that creating multiple SCTP sockets at the same time could cause a denial of service (crash) if the sctp module had not previously been loaded. This issue only affects jessie.

- CVE-2015-7613 Dmitry Vyukov discovered that System V IPC objects (message queues and shared memory segments) were made accessible before their ownership and other attributes were fully initialised. If a local user can race against another user or service creating a new IPC object, this may result in unauthorised information disclosure, unauthorised information modification, denial of service and/or privilege escalation.

A similar issue existed with System V semaphore arrays, but was less severe because they were always cleared before being fully initialised.

Solution

Upgrade the linux packages.

For the oldstable distribution (wheezy), these problems have been fixed in version 3.2.68-1+deb7u5.

For the stable distribution (jessie), these problems have been fixed in version 3.16.7-ckt11-1+deb8u5.

See Also

https://security-tracker.debian.org/tracker/CVE-2015-2925

https://security-tracker.debian.org/tracker/CVE-2015-5257

https://security-tracker.debian.org/tracker/CVE-2015-5283

https://security-tracker.debian.org/tracker/CVE-2015-7613

https://packages.debian.org/source/jessie/linux

https://www.debian.org/security/2015/dsa-3372

Plugin Details

Severity: Medium

ID: 86375

File Name: debian_DSA-3372.nasl

Version: 2.9

Type: local

Agent: unix

Published: 10/14/2015

Updated: 1/11/2021

Dependencies: ssh_get_info.nasl

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:linux, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 10/13/2015

Vulnerability Publication Date: 10/19/2015

Reference Information

CVE: CVE-2015-2925, CVE-2015-5257, CVE-2015-5283, CVE-2015-7613

DSA: 3372