what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 3791-1

Debian Security Advisory 3791-1
Posted Feb 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3791-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or have other impacts.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2016-6786, CVE-2016-6787, CVE-2016-8405, CVE-2016-9191, CVE-2017-2583, CVE-2017-2584, CVE-2017-2596, CVE-2017-2618, CVE-2017-5549, CVE-2017-5551, CVE-2017-5897, CVE-2017-5970, CVE-2017-6001, CVE-2017-6074
SHA-256 | d4c6af8f0e3dd4d9e278a3515440e0936dca73862bdc065cf6bd5e2d14200203

Debian Security Advisory 3791-1

Change Mirror Download

Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3791-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 22, 2017 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2016-6786 CVE-2016-6787 CVE-2016-8405 CVE-2016-9191
CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2618
CVE-2017-5549 CVE-2017-5551 CVE-2017-5897 CVE-2017-5970
CVE-2017-6001 CVE-2017-6074

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or have other

CVE-2016-6786 / CVE-2016-6787

It was discovered that the performance events subsystem does not
properly manage locks during certain migrations, allowing a local
attacker to escalate privileges. This can be mitigated by
disabling unprivileged use of performance events:
sysctl kernel.perf_event_paranoid=3


Peter Pi of Trend Micro discovered that the frame buffer video
subsystem does not properly check bounds while copying color maps to
userspace, causing a heap buffer out-of-bounds read, leading to
information disclosure.


CAI Qian discovered that reference counting is not properly handled
within proc_sys_readdir in the sysctl implementation, allowing a
local denial of service (system hang) or possibly privilege


Xiaohan Zhang reported that KVM for amd64 does not correctly
emulate loading of a null stack selector. This can be used by a
user in a guest VM for denial of service (on an Intel CPU) or to
escalate privileges within the VM (on an AMD CPU).


Dmitry Vyukov reported that KVM for x86 does not correctly emulate
memory access by the SGDT and SIDT instructions, which can result
in a use-after-free and information leak.


Dmitry Vyukov reported that KVM leaks page references when
emulating a VMON for a nested hypervisor. This can be used by a
privileged user in a guest VM for denial of service or possibly
to gain privileges in the host.


It was discovered that an off-by-one in the handling of SELinux
attributes in /proc/pid/attr could result in local denial of


It was discovered that the KLSI KL5KUSB105 serial USB device
driver could log the contents of uninitialised kernel memory,
resulting in an information leak.


Jan Kara found that changing the POSIX ACL of a file on tmpfs never
cleared its set-group-ID flag, which should be done if the user
changing it is not a member of the group-owner. In some cases, this
would allow the user-owner of an executable to gain the privileges
of the group-owner.


Andrey Konovalov discovered an out-of-bounds read flaw in the
ip6gre_err function in the IPv6 networking code.


Andrey Konovalov discovered a denial-of-service flaw in the IPv4
networking code. This can be triggered by a local or remote
attacker if a local UDP or raw socket has the IP_RETOPTS option


Di Shen discovered a race condition between concurrent calls to
the performance events subsystem, allowing a local attacker to
escalate privileges. This flaw exists because of an incomplete fix
of CVE-2016-6786. This can be mitigated by disabling unprivileged
use of performance events: sysctl kernel.perf_event_paranoid=3


Andrey Konovalov discovered a use-after-free vulnerability in the
DCCP networking code, which could result in denial of service or
local privilege escalation. On systems that do not already have
the dccp module loaded, this can be mitigated by disabling it:
echo >> /etc/modprobe.d/disable-dccp.conf install dccp false

For the stable distribution (jessie), these problems have been fixed in
version 3.16.39-1+deb8u1.

We recommend that you upgrade your linux packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    18 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    31 Files
  • 30
    May 30th
    22 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By