id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
4012	linux-4.8.14 (CVE-2016-7596 CVE-2016-9919 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806)	Douglas R. Reno	lfs-book@…	"New minor version.

Security update with some critical fixes.


----

[http://seclists.org/oss-sec/2016/q4/644]

CVE-2016-7596: Linux Kernel use-after-free in SCSI generic device interface


----

The Linux kernel contains a bug where a fragmented IPv6 packet causes a
panic after a timeout (seems to be roughly 60 seconds). This can be
triggered remotely via the internet and results in a DoS (kernel panic).

[http://seclists.org/oss-sec/2016/q4/640]

[http://seclists.org/oss-sec/2016/q4/641]

CVE-2016-9919


----

 CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE 

Memory corruption.

[http://seclists.org/oss-sec/2016/q4/573]

[http://seclists.org/oss-sec/2016/q4/574]

Affects all kernels back to 3.5 series, with a different CVE being assigned all the way back to 2.6.x.


{{{
Use CVE-2016-9793. This affects, for example, 4.8.12.


We might not completely understand the CVE implications of the ""Note
that before
https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b
the bug was even more serious, since SO_SNDBUF and SO_RCVBUF were
vulnerable"" comment within the
b98b0bc8c431e3ceb4b26b0dfc8db509518fb290 commit message.
82981930125abfd39d7c8378a9cfdf5e1be2002b is a commit from 2012. The
3.5 release has this, whereas the 3.4 release does not.

For now, we are assigning CVE-2012-6704 to mean the analogous
vulnerability involving SO_SNDBUF and SO_RCVBUF that affects ""before
3.5"" kernels.
}}}


----
CVE request: -- Linux kernel: ALSA: use-after-free in kill_fasync

[http://seclists.org/oss-sec/2016/q4/575]

[http://seclists.org/oss-sec/2016/q4/576]

CVE-2016-9794


----
 CVE Request: -- Linux kernel: double free in netlink_dump 

[http://seclists.org/oss-sec/2016/q4/577]

[http://seclists.org/oss-sec/2016/q4/580]

CVE-2016-9806


----
My personal advice is to put out an advisory to the list as soon as we are done updating this package, and make a change to the errata for both books. This is serious and is worse than Dirty CoW. "	task	closed	highest	8.0	Book	SVN	normal	fixed		
