[SECURITY] Fedora 24 Update: kernel-4.5.0-302.fc24
updates at fedoraproject.org
updates at fedoraproject.org
Sat Apr 2 15:56:50 UTC 2016
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-81fd1b03aa
2016-04-02 15:48:47.754977
--------------------------------------------------------------------------------
Name : kernel
Product : Fedora 24
Version : 4.5.0
Release : 302.fc24
URL : http://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package
--------------------------------------------------------------------------------
Update Information:
The 4.5.0-302 update contains a number of arm fixes, turns off DEBUG_WX, and
actually seems to boot on i686.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1317386 - CVE-2016-3135 kernel: netfilter: size overflow in x_tables
https://bugzilla.redhat.com/show_bug.cgi?id=1317386
[ 2 ] Bug #1317383 - CVE-2016-3134 kernel: netfilter: missing bounds check in ipt_entry structure
https://bugzilla.redhat.com/show_bug.cgi?id=1317383
[ 3 ] Bug #1318172 - CVE-2016-3156 kernel: ipv4: denial of service when destroying a network interface
https://bugzilla.redhat.com/show_bug.cgi?id=1318172
[ 4 ] Bug #1317012 - CVE-2016-2184 kernel: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317012
[ 5 ] Bug #1316996 - CVE-2016-3137 kernel: Crash on invalid USB device descriptors (cypress_m8 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316996
[ 6 ] Bug #1317015 - CVE-2016-2186 kernel: Kernel panic on invalid USB device descriptor (powermate driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317015
[ 7 ] Bug #1317014 - CVE-2016-2185 kernel: Kernel panic on invalid USB device descriptor (ati_remote2 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317014
[ 8 ] Bug #1316204 - CVE-2016-3138 kernel: Crash on invalid USB device descriptors (cdc_acm driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316204
[ 9 ] Bug #1316995 - CVE-2016-3140 kernel: Crash on invalid USB device descriptors (digi_acceleport driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1316995
[ 10 ] Bug #1317017 - CVE-2016-2187 kernel: Kernel panic on invalid USB device descriptor (gtco driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317017
[ 11 ] Bug #1317007 - CVE-2016-3136 kernel: Crash on invalid USB device descriptors (mct_u232 driver)
https://bugzilla.redhat.com/show_bug.cgi?id=1317007
[ 12 ] Bug #1315711 - CVE-2016-3157 kernel: xen: Privilege escalation on 64-bit Xen PV domains with IO port access privileges (XSA-171)
https://bugzilla.redhat.com/show_bug.cgi?id=1315711
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kernel' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list