Sicherheit: Mehrere Probleme in Linux - Pro-Linux

Name        : kernel
Product     : Fedora 24
Version     : 4.5.0
Release     : 302.fc24
URL         : http://www.kernel.org/
Summary     : The Linux kernel
Description :
The kernel meta package

-------------------------------------------------------------------------------
-
Update Information:

The 4.5.0-302 update contains a number of arm fixes, turns off DEBUG_WX, and
actually seems to boot on i686.
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1317386 - CVE-2016-3135 kernel: netfilter: size overflow in
 x_tables
        https://bugzilla.redhat.com/show_bug.cgi?id=1317386
  [ 2 ] Bug #1317383 - CVE-2016-3134 kernel: netfilter: missing bounds check in
 ipt_entry structure
        https://bugzilla.redhat.com/show_bug.cgi?id=1317383
  [ 3 ] Bug #1318172 - CVE-2016-3156 kernel: ipv4: denial of service when
 destroying a network interface
        https://bugzilla.redhat.com/show_bug.cgi?id=1318172
  [ 4 ] Bug #1317012 - CVE-2016-2184 kernel: Kernel panic on invalid USB device
 descriptor (snd_usb_audio driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1317012
  [ 5 ] Bug #1316996 - CVE-2016-3137 kernel: Crash on invalid USB device
 descriptors (cypress_m8 driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1316996
  [ 6 ] Bug #1317015 - CVE-2016-2186 kernel: Kernel panic on invalid USB device
 descriptor (powermate driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1317015
  [ 7 ] Bug #1317014 - CVE-2016-2185 kernel: Kernel panic on invalid USB device
 descriptor (ati_remote2 driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1317014
  [ 8 ] Bug #1316204 - CVE-2016-3138 kernel: Crash on invalid USB device
 descriptors (cdc_acm driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1316204
  [ 9 ] Bug #1316995 - CVE-2016-3140 kernel: Crash on invalid USB device
 descriptors (digi_acceleport driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1316995
  [ 10 ] Bug #1317017 - CVE-2016-2187 kernel: Kernel panic on invalid USB
 device descriptor (gtco driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1317017
  [ 11 ] Bug #1317007 - CVE-2016-3136 kernel: Crash on invalid USB device
 descriptors (mct_u232 driver)
        https://bugzilla.redhat.com/show_bug.cgi?id=1317007
  [ 12 ] Bug #1315711 - CVE-2016-3157 kernel: xen: Privilege escalation on
 64-bit Xen PV domains with IO port access privileges (XSA-171)
        https://bugzilla.redhat.com/show_bug.cgi?id=1315711
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce