SB2018010415 - Arch Linux update for Linux
Published: January 4, 2018
Security Bulletin ID
SB2018010415
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
3
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 vulnerabilities.
1) Information disclosure (CVE-ID: CVE-2017-17449)
The vulnerability allows a local attacker to obtain potentially sensitive information on the target system.The weakness exists due to the __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace. A local attacker can leverage the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system and read arbitrary files.
2) Race condition (CVE-ID: CVE-2017-17712)
The vulnerability allows a local attacker to gain elevated privileges on the target system.The weakness exists due to a race condition in inet->hdrincl in the raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel. A local attacker can trigger uninitialized stack pointer usage and execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
3) Information disclosure (CVE-ID: CVE-2017-5754)
The vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists in Intel CPU hardware due to side-channel attacks, which are also referred to as Meltdown attacks. A local attacker can execute arbitrary code, perform a side-channel analysis of the data cache and gain access to sensitive information including memory from the CPU cache.
Remediation
Install update from vendor's website.