CVE-2015-5536 (n300_dual-band_wi-fi_range_extender_firmware)

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinCode parameter in a (2) formWpsStart or (3) formiNICWpsStart request; (4) wps_enrolee_pin parameter in a formWlanSetupWPS request; or unspecified parameters in a (5) formWlanMP, (6) formBSSetSitesurvey, (7) formHwSet, or (8) formConnectionSetting request.

Fedora 22 Security Update: qemu-2.3.1-1.fc22

Resolved Bugs
1229394 – [abrt] qemu-img: get_block_status(): qemu-img killed by SIGABRT
1230536 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path [fedora-all]
1225882 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
1243728 – CVE-2015-3214 qemu: qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function [fedora-all]
1229640 – CVE-2015-3214 qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function
1246025 – CVE-2015-5158 Qemu: scsi stack buffer overflow [fedora-all]
1244332 – CVE-2015-5158 Qemu: scsi stack buffer overflow
1247141 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access [fedora-all]
1243563 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
1249758 – CVE-2015-5166 Qemu: BlockBackend object use after free issue [fedora-all]
1248997 – CVE-2015-5166 Qemu: BlockBackend object use after free issue (XSA-139)
1251160 – CVE-2015-5745 qemu: kernel: qemu buffer overflow in virtio-serial [fedora-all]
1251157 – CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial
1249755 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest [fedora-all]
1248760 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
* Rebased to version 2.3.1
* Fix crash in qemu_spice_create_display (bz #1163047)
* Fix qemu-img map crash for unaligned image (bz #1229394)
* CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
* CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
* CVE-2015-5158: scsi stack buffer overflow (bz #1246025)
* CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
* CVE-2015-5166: BlockBackend object use after free issue (bz #1249758)
* CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
* CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)

Fedora 21 Security Update: qemu-2.1.3-9.fc21

Resolved Bugs
1163047 – [abrt] qemu-system-x86: __memcmp_sse4_1(): qemu-system-x86_64 killed by SIGSEGV
1230536 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path [fedora-all]
1225882 – CVE-2015-3209 qemu: pcnet: multi-tmd buffer overflow in the tx path
1243728 – CVE-2015-3214 qemu: qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function [fedora-all]
1229640 – CVE-2015-3214 qemu/kvm: i8254: out-of-bounds memory access in pit_ioport_read function
1247141 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access [fedora-all]
1243563 – CVE-2015-5154 qemu: ide: atapi: heap overflow during I/O buffer memory access
1251160 – CVE-2015-5745 qemu: kernel: qemu buffer overflow in virtio-serial [fedora-all]
1251157 – CVE-2015-5745 kernel: qemu buffer overflow in virtio-serial
1249755 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest [fedora-all]
1248760 – CVE-2015-5165 Qemu: rtl8139 uninitialized heap memory information leakage to guest (XSA-140)
* Fix crash in qemu_spice_create_display (bz #1163047)
* CVE-2015-3209: pcnet: multi-tmd buffer overflow in the tx path (bz #1230536)
* CVE-2015-3214: i8254: out-of-bounds memory access (bz #1243728)
* CVE-2015-5154: ide: atapi: heap overflow during I/O buffer memory access (bz #1247141)
* CVE-2015-5745: buffer overflow in virtio-serial (bz #1251160)
* CVE-2015-5165: rtl8139 uninitialized heap memory information leakage to guest (bz #1249755)

Fedora 21 Security Update: kernel-4.1.5-100.fc21

Resolved Bugs
1249011 – CVE-2015-5697 linux kernel: information leak in md driver
1249013 – CVE-2015-5697 linux kernel: information leak in md driver [fedora-all]
1244511 – Acer Switch 12: need support for keyboard’s Fn+ control keys (patch)
1251877 – [abrt] BUG: unable to handle kernel NULL pointer dereference at (null)
1251880 – [abrt] general protection fault in __kmalloc_node_track_caller
1250279 – BUG: unable to handle kernel NULL pointer dereference at….hidinput_disconnect
1248741 – kernel crash when bluetooth mouse is used, usually on reboot
The 4.1.5 update contains a number of important fixes across the tree.

Fedora 22 Security Update: kernel-4.1.5-200.fc22

Resolved Bugs
1249011 – CVE-2015-5697 linux kernel: information leak in md driver
1249013 – CVE-2015-5697 linux kernel: information leak in md driver [fedora-all]
1244511 – Acer Switch 12: need support for keyboard’s Fn+ control keys (patch)
1251877 – [abrt] BUG: unable to handle kernel NULL pointer dereference at (null)
1251880 – [abrt] general protection fault in __kmalloc_node_track_caller
1250279 – BUG: unable to handle kernel NULL pointer dereference at….hidinput_disconnect
1248741 – kernel crash when bluetooth mouse is used, usually on reboot
The 4.1.5 update contains a number of important fixes across the tree.

CEBA-2015:1610 CentOS 6 openssh BugFix Update

CentOS Errata and Bugfix Advisory 2015:1610 

Upstream details at: https://rhn.redhat.com/errata/RHBA-2015-1610.html

The following updated files have been uploaded and are currently
syncing to the mirrors (sha256sum Filename):

i386:
6cac5802cfaa2b7f8dd576f787e00d1c02a1d9a3410317f09555c1c84b27089d  openssh-5.3p1-112.el6_7.i686.rpm
09fd38ae9be4b17a4fd579bd0d87cf1ab8c9df20552bb88c3c4cf13f6a7dce6d  openssh-askpass-5.3p1-112.el6_7.i686.rpm
221b4c4108d691f54562835553270f87c62936a46f2ba287ecb2c867fc6a3723  openssh-clients-5.3p1-112.el6_7.i686.rpm
c755a49c87145c533b7bf2b10bc72cb8ab452bf1c93445ed6790de1cbb4928cb  openssh-ldap-5.3p1-112.el6_7.i686.rpm
148ab21eb93fb5c5cb218f43ba4309309d549e0d4e6d221c1540d7e44a9f5a06  openssh-server-5.3p1-112.el6_7.i686.rpm
2a2f6e1cd2b3b1be261f99f29abe76fbb4f6b2708a921d8c1908a189a6cc0ae6  pam_ssh_agent_auth-0.9.3-112.el6_7.i686.rpm

x86_64:
5bf5992c0a05285dae77c5dfb9c5ff0f246cc52944e690c4b534551186ca61bd  openssh-5.3p1-112.el6_7.x86_64.rpm
f7763517d06ceaa79eacebbed085d690ec631f7d758216bbacc87698d74dad09  openssh-askpass-5.3p1-112.el6_7.x86_64.rpm
be870d5273786204cc28e03de232513cf7ba7f6fc7512ab1b081c2298758237e  openssh-clients-5.3p1-112.el6_7.x86_64.rpm
83eeea1b0692cabd45932c58823036bd8f2bb4ded05cf13ae46c953b22f7dda6  openssh-ldap-5.3p1-112.el6_7.x86_64.rpm
108e22351c6c963b003c6a558ed1a84fb2f1191949a5fd7f51c0de488dcfaa8f  openssh-server-5.3p1-112.el6_7.x86_64.rpm
2a2f6e1cd2b3b1be261f99f29abe76fbb4f6b2708a921d8c1908a189a6cc0ae6  pam_ssh_agent_auth-0.9.3-112.el6_7.i686.rpm
1bfb6c7ebcb55c8f6f70aad89bd03227676154f2fe375ac597cef29a57f34ff4  pam_ssh_agent_auth-0.9.3-112.el6_7.x86_64.rpm

Source:
163be0a28c4f0c043e262bfb44c8e0dc5e0092f6deaa342a5c6d2beb51fd156a  openssh-5.3p1-112.el6_7.src.rpm