Debian Bug report logs -
#824605
kfreebsd-10: CVE-2016-1887: Incorrect argument handling in sendmsg(2)
Reported by: Steven Chamberlain <steven@pyro.eu.org>
Date: Tue, 17 May 2016 22:57:05 UTC
Severity: grave
Tags: security
Found in version kfreebsd-10/10.1~svn274115-4+kbsd8u3
Fixed in version kfreebsd-10/10.1~svn274115-4+kbsd8u4
Done: Steven Chamberlain <steven@pyro.eu.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, steven@pyro.eu.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>:
Bug#824605; Package src:kfreebsd-10.
(Tue, 17 May 2016 22:57:09 GMT) (full text, mbox, link).
Acknowledgement sent
to Steven Chamberlain <steven@pyro.eu.org>:
New Bug report received and forwarded. Copy sent to steven@pyro.eu.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>.
(Tue, 17 May 2016 22:57:09 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: src:kfreebsd-10
Version: 10.1~svn274115-4+kbsd8u3
Severity: grave
Tags: security
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:19.sendmsg.asc
Incorrect argument handling in the socket code allows malicious local
user to overwrite large portion of the kernel memory.
This affects 10.1 in sid and jessie; 10.3 and 11.1 in experimental.
It was not reported to affect 9.0.
-- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: kfreebsd-amd64 (x86_64)
Kernel: kFreeBSD 10.1-0-amd64
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Reply sent
to Steven Chamberlain <steven@pyro.eu.org>:
You have taken responsibility.
(Wed, 18 May 2016 00:24:14 GMT) (full text, mbox, link).
Notification sent
to Steven Chamberlain <steven@pyro.eu.org>:
Bug acknowledged by developer.
(Wed, 18 May 2016 00:24:14 GMT) (full text, mbox, link).
Message #10 received at 824605-close@bugs.debian.org (full text, mbox, reply):
Source: kfreebsd-10
Source-Version: 10.1~svn274115-4+kbsd8u4
We believe that the bug you reported is fixed in the latest version of
kfreebsd-10, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 824605@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Steven Chamberlain <steven@pyro.eu.org> (supplier of updated kfreebsd-10 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 17 May 2016 22:44:13 +0000
Source: kfreebsd-10
Binary: kfreebsd-source-10.1 kfreebsd-headers-10.1-0 kfreebsd-image-10.1-0-amd64 kfreebsd-image-10-amd64 kfreebsd-headers-10.1-0-amd64 kfreebsd-headers-10-amd64 kernel-image-10.1-0-amd64-di nic-modules-10.1-0-amd64-di nic-wireless-modules-10.1-0-amd64-di nic-shared-modules-10.1-0-amd64-di serial-modules-10.1-0-amd64-di usb-serial-modules-10.1-0-amd64-di ppp-modules-10.1-0-amd64-di cdrom-modules-10.1-0-amd64-di scsi-core-modules-10.1-0-amd64-di scsi-modules-10.1-0-amd64-di scsi-extra-modules-10.1-0-amd64-di plip-modules-10.1-0-amd64-di floppy-modules-10.1-0-amd64-di loop-modules-10.1-0-amd64-di ipv6-modules-10.1-0-amd64-di nls-core-modules-10.1-0-amd64-di ext2-modules-10.1-0-amd64-di isofs-modules-10.1-0-amd64-di reiserfs-modules-10.1-0-amd64-di fat-modules-10.1-0-amd64-di zfs-modules-10.1-0-amd64-di nfs-modules-10.1-0-amd64-di nullfs-modules-10.1-0-amd64-di md-modules-10.1-0-amd64-di parport-modules-10.1-0-amd64-di nic-usb-modules-10.1-0-amd64-di
sata-modules-10.1-0-amd64-di acpi-modules-10.1-0-amd64-di i2c-modules-10.1-0-amd64-di crypto-modules-10.1-0-amd64-di crypto-dm-modules-10.1-0-amd64-di mmc-core-modules-10.1-0-amd64-di mmc-modules-10.1-0-amd64-di sound-modules-10.1-0-amd64-di zlib-modules-10.1-0-amd64-di kfreebsd-image-10.1-0-486 kfreebsd-image-10-486 kfreebsd-headers-10.1-0-486 kfreebsd-headers-10-486 kfreebsd-image-10.1-0-686 kfreebsd-image-10-686 kfreebsd-headers-10.1-0-686 kfreebsd-headers-10-686 kfreebsd-image-10.1-0-xen kfreebsd-image-10-xen kfreebsd-headers-10.1-0-xen kfreebsd-headers-10-xen kernel-image-10.1-0-486-di nic-modules-10.1-0-486-di nic-wireless-modules-10.1-0-486-di nic-shared-modules-10.1-0-486-di serial-modules-10.1-0-486-di usb-serial-modules-10.1-0-486-di ppp-modules-10.1-0-486-di cdrom-modules-10.1-0-486-di scsi-core-modules-10.1-0-486-di scsi-modules-10.1-0-486-di scsi-extra-modules-10.1-0-486-di plip-modules-10.1-0-486-di floppy-modules-10.1-0-486-di
loop-modules-10.1-0-486-di ipv6-modules-10.1-0-486-di nls-core-modules-10.1-0-486-di ext2-modules-10.1-0-486-di isofs-modules-10.1-0-486-di reiserfs-modules-10.1-0-486-di fat-modules-10.1-0-486-di zfs-modules-10.1-0-486-di nfs-modules-10.1-0-486-di nullfs-modules-10.1-0-486-di md-modules-10.1-0-486-di parport-modules-10.1-0-486-di nic-usb-modules-10.1-0-486-di sata-modules-10.1-0-486-di acpi-modules-10.1-0-486-di i2c-modules-10.1-0-486-di crypto-modules-10.1-0-486-di crypto-dm-modules-10.1-0-486-di mmc-core-modules-10.1-0-486-di mmc-modules-10.1-0-486-di sound-modules-10.1-0-486-di
zlib-modules-10.1-0-486-di
Architecture: source all
Version: 10.1~svn274115-4+kbsd8u4
Distribution: jessie-kfreebsd
Urgency: medium
Maintainer: GNU/kFreeBSD Maintainers <debian-bsd@lists.debian.org>
Changed-By: Steven Chamberlain <steven@pyro.eu.org>
Description:
acpi-modules-10.1-0-486-di - ACPI support modules (udeb)
acpi-modules-10.1-0-amd64-di - ACPI support modules (udeb)
cdrom-modules-10.1-0-486-di - Esoteric CDROM drivers (udeb)
cdrom-modules-10.1-0-amd64-di - Esoteric CDROM drivers (udeb)
crypto-dm-modules-10.1-0-486-di - devicemapper crypto module (udeb)
crypto-dm-modules-10.1-0-amd64-di - devicemapper crypto module (udeb)
crypto-modules-10.1-0-486-di - crypto modules (udeb)
crypto-modules-10.1-0-amd64-di - crypto modules (udeb)
ext2-modules-10.1-0-486-di - EXT2 filesystem support (udeb)
ext2-modules-10.1-0-amd64-di - EXT2 filesystem support (udeb)
fat-modules-10.1-0-486-di - FAT filesystem support (udeb)
fat-modules-10.1-0-amd64-di - FAT filesystem support (udeb)
floppy-modules-10.1-0-486-di - Floppy driver (udeb)
floppy-modules-10.1-0-amd64-di - Floppy driver (udeb)
i2c-modules-10.1-0-486-di - i2c support modules (udeb)
i2c-modules-10.1-0-amd64-di - i2c support modules (udeb)
ipv6-modules-10.1-0-486-di - IPv6 driver (udeb)
ipv6-modules-10.1-0-amd64-di - IPv6 driver (udeb)
isofs-modules-10.1-0-486-di - ISOFS filesystem support (udeb)
isofs-modules-10.1-0-amd64-di - ISOFS filesystem support (udeb)
kernel-image-10.1-0-486-di - kFreeBSD binary image for the Debian installer (udeb)
kernel-image-10.1-0-amd64-di - kFreeBSD binary image for the Debian installer (udeb)
kfreebsd-headers-10-486 - header files for kernel of FreeBSD 10 (meta-package)
kfreebsd-headers-10-686 - header files for kernel of FreeBSD 10 (meta-package)
kfreebsd-headers-10-amd64 - header files for kernel of FreeBSD 10 (meta-package)
kfreebsd-headers-10-xen - header files for kernel of FreeBSD 10 (meta-package)
kfreebsd-headers-10.1-0 - Common architecture-specific header files for kernel of FreeBSD 1
kfreebsd-headers-10.1-0-486 - header files for kernel of FreeBSD 10.1
kfreebsd-headers-10.1-0-686 - header files for kernel of FreeBSD 10.1
kfreebsd-headers-10.1-0-amd64 - header files for kernel of FreeBSD 10.1
kfreebsd-headers-10.1-0-xen - header files for kernel of FreeBSD 10.1
kfreebsd-image-10-486 - kernel of FreeBSD 10 image (meta-package)
kfreebsd-image-10-686 - kernel of FreeBSD 10 image (meta-package)
kfreebsd-image-10-amd64 - kernel of FreeBSD 10 image (meta-package)
kfreebsd-image-10-xen - kernel of FreeBSD 10 image (meta-package)
kfreebsd-image-10.1-0-486 - kernel of FreeBSD 10.1 image
kfreebsd-image-10.1-0-686 - kernel of FreeBSD 10.1 image
kfreebsd-image-10.1-0-amd64 - kernel of FreeBSD 10.1 image
kfreebsd-image-10.1-0-xen - kernel of FreeBSD 10.1 image
kfreebsd-source-10.1 - source code for kernel of FreeBSD 10.1 with Debian patches
loop-modules-10.1-0-486-di - Loopback filesystem support (udeb)
loop-modules-10.1-0-amd64-di - Loopback filesystem support (udeb)
md-modules-10.1-0-486-di - RAID and LVM support (udeb)
md-modules-10.1-0-amd64-di - RAID and LVM support (udeb)
mmc-core-modules-10.1-0-486-di - MMC/SD/SDIO core modules (udeb)
mmc-core-modules-10.1-0-amd64-di - MMC/SD/SDIO core modules (udeb)
mmc-modules-10.1-0-486-di - MMC/SD card modules (udeb)
mmc-modules-10.1-0-amd64-di - MMC/SD card modules (udeb)
nfs-modules-10.1-0-486-di - NFS filesystem support (udeb)
nfs-modules-10.1-0-amd64-di - NFS filesystem support (udeb)
nic-modules-10.1-0-486-di - Common NIC drivers (udeb)
nic-modules-10.1-0-amd64-di - Common NIC drivers (udeb)
nic-shared-modules-10.1-0-486-di - Shared NIC drivers (udeb)
nic-shared-modules-10.1-0-amd64-di - Shared NIC drivers (udeb)
nic-usb-modules-10.1-0-486-di - USB NIC drivers (udeb)
nic-usb-modules-10.1-0-amd64-di - USB NIC drivers (udeb)
nic-wireless-modules-10.1-0-486-di - Wireless NIC drivers (udeb)
nic-wireless-modules-10.1-0-amd64-di - Wireless NIC drivers (udeb)
nls-core-modules-10.1-0-486-di - Core NLS support (udeb)
nls-core-modules-10.1-0-amd64-di - Core NLS support (udeb)
nullfs-modules-10.1-0-486-di - nullfs filesystem support (udeb)
nullfs-modules-10.1-0-amd64-di - nullfs filesystem support (udeb)
parport-modules-10.1-0-486-di - Parallel port support (udeb)
parport-modules-10.1-0-amd64-di - Parallel port support (udeb)
plip-modules-10.1-0-486-di - PLIP drivers (udeb)
plip-modules-10.1-0-amd64-di - PLIP drivers (udeb)
ppp-modules-10.1-0-486-di - PPP drivers (udeb)
ppp-modules-10.1-0-amd64-di - PPP drivers (udeb)
reiserfs-modules-10.1-0-486-di - Reiser filesystem support (udeb)
reiserfs-modules-10.1-0-amd64-di - Reiser filesystem support (udeb)
sata-modules-10.1-0-486-di - SATA drivers (udeb)
sata-modules-10.1-0-amd64-di - SATA drivers (udeb)
scsi-core-modules-10.1-0-486-di - Core SCSI subsystem (udeb)
scsi-core-modules-10.1-0-amd64-di - Core SCSI subsystem (udeb)
scsi-extra-modules-10.1-0-486-di - Uncommon SCSI drivers (udeb)
scsi-extra-modules-10.1-0-amd64-di - Uncommon SCSI drivers (udeb)
scsi-modules-10.1-0-486-di - SCSI drivers (udeb)
scsi-modules-10.1-0-amd64-di - SCSI drivers (udeb)
serial-modules-10.1-0-486-di - Serial drivers (udeb)
serial-modules-10.1-0-amd64-di - Serial drivers (udeb)
sound-modules-10.1-0-486-di - sound support (udeb)
sound-modules-10.1-0-amd64-di - sound support (udeb)
usb-serial-modules-10.1-0-486-di - USB serial drivers (udeb)
usb-serial-modules-10.1-0-amd64-di - USB serial drivers (udeb)
zfs-modules-10.1-0-486-di - ZFS filesystem support (udeb)
zfs-modules-10.1-0-amd64-di - ZFS filesystem support (udeb)
zlib-modules-10.1-0-486-di - zlib modules (udeb)
zlib-modules-10.1-0-amd64-di - zlib modules (udeb)
Closes: 824604 824605
Changes:
kfreebsd-10 (10.1~svn274115-4+kbsd8u4) jessie-kfreebsd; urgency=medium
.
* Pick SVN r300085 from FreeBSD 10.1-RELEASE:
- SA-16:18: Use unsigned version of min() when handling arguments of
SETFKEY ioctl.
(CVE-2016-1886) (Closes: #824604)
- SA-16:19: Validate that user supplied control message length in
sendmsg(2) is not negative.
(CVE-2016-1887) (Closes: #824605)
Checksums-Sha1:
13f5f5c22231ffefd051c0bacb8a8b0ea334a797 11391 kfreebsd-10_10.1~svn274115-4+kbsd8u4.dsc
412a66914113fef2a499c64e032b87d132067d04 153524 kfreebsd-10_10.1~svn274115-4+kbsd8u4.debian.tar.xz
d5a19f1df0f87d8f906d8f565460c414deac8f3e 26271398 kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u4_all.deb
Checksums-Sha256:
3dc7176d946a231e4cb35212af6fbf3fe6c5d27511c9a39e2fc0dfb40edf96d9 11391 kfreebsd-10_10.1~svn274115-4+kbsd8u4.dsc
67261810ecd0f72b82ba8930317b1d23a475be97b94dbe870e08eae0d08e26be 153524 kfreebsd-10_10.1~svn274115-4+kbsd8u4.debian.tar.xz
2e2839ad0d7a92cdd30c95e4b96751c1fa6db39090f6adfa6baca24f16137fab 26271398 kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u4_all.deb
Files:
b7b4ce5117d0c553b9918822651b19c9 11391 kernel optional kfreebsd-10_10.1~svn274115-4+kbsd8u4.dsc
5cb724f2e39336d7b40e432b45c3dc35 153524 kernel optional kfreebsd-10_10.1~svn274115-4+kbsd8u4.debian.tar.xz
b08f5ede8f27ea5d6c7d328ba15ec919 26271398 kernel optional kfreebsd-source-10.1_10.1~svn274115-4+kbsd8u4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJXO6oLAAoJELrpzbaMAu5TcrMH/1Kkr+QqOaYUJXOKrczwhRB8
I3Hdc/iQ6rVmJN6HRy9Orumed2WNcol1J2kPD0xsC8Ul5yRw1WjaT6RWzxJqei5W
iyjdvCUnyrFkdHkHdhl8Hlmcb2Ui3FToPgS7qmZ+54MpXPO9FsI3DFqr/DIg2SIc
8YCY3g0bdLk71CpfZLCIURXU5HeeHpmYMBk/XYiV8f0j1NGuR5/8wI/XhjXM1TLb
pRnvyLb6vj8HKk6ZTs6RdkAEhqyIqIw1JXnY+pzAmx3knimWTZrGrpBftb6FWsNi
Q6PlNWn3B3Vs0FupK3MzYh/AxQoWQtEua/scUWPbJuUDegw74mPkRWuW9f7a33Q=
=oeMI
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 15 Jun 2016 07:25:33 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 13:18:17 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon