Slackware Security Advisories
Slackware Logo

News

Security Advisories

FAQ

Book

General Info

Get Slack

Install Help

Configuration

Packages

ChangeLogs

Propaganda

Ports

Other Sites

Support

Contact

Mailing Lists

About

 
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] kernel (SSA:2016-305-01)
Date: Mon, 31 Oct 2016 20:40:05 -0700 (PDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  kernel (SSA:2016-305-01)

New kernel packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/linux-4.4.29/*:  Upgraded.
  This kernel fixes a security issue known as "Dirty COW".  A race condition
  was found in the way the Linux kernel's memory subsystem handled the
  copy-on-write (COW) breakage of private read-only memory mappings.  An
  unprivileged local user could use this flaw to gain write access to
  otherwise read-only memory mappings and thus increase their privileges on
  the system.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    https://dirtycow.ninja/
    https://www.kb.cert.org/vuls/id/243144
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-generic-3.2.83-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-generic-smp-3.2.83_smp-i686-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-headers-3.2.83_smp-x86-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-huge-3.2.83-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-huge-smp-3.2.83_smp-i686-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-modules-3.2.83-i486-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-modules-smp-3.2.83_smp-i686-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/linux-3.2.83/kernel-source-3.2.83_smp-noarch-1_slack14.0.txz

Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-generic-3.2.83-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-headers-3.2.83-x86-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-huge-3.2.83-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-modules-3.2.83-x86_64-1_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/linux-3.2.83/kernel-source-3.2.83-noarch-1_slack14.0.txz

Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-generic-3.10.104-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-generic-smp-3.10.104_smp-i686-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-headers-3.10.104_smp-x86-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-huge-3.10.104-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-huge-smp-3.10.104_smp-i686-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-modules-3.10.104-i486-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-modules-smp-3.10.104_smp-i686-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/linux-3.10.104/kernel-source-3.10.104_smp-noarch-1_slack14.1.txz

Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-generic-3.10.104-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-headers-3.10.104-x86-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-huge-3.10.104-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-modules-3.10.104-x86_64-1_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/linux-3.10.104/kernel-source-3.10.104-noarch-1_slack14.1.txz

Updated packages for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-generic-4.4.29-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-generic-smp-4.4.29_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-headers-4.4.29_smp-x86-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-huge-4.4.29-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-huge-smp-4.4.29_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-modules-4.4.29-i586-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-modules-smp-4.4.29_smp-i686-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.29/kernel-source-4.4.29_smp-noarch-1_slack14.2.txz

Updated packages for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-generic-4.4.29-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-headers-4.4.29-x86-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-huge-4.4.29-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-modules-4.4.29-x86_64-1_slack14.2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.29/kernel-source-4.4.29-noarch-1_slack14.2.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.4.29-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.4.29_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.4.29-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.4.29_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.4.29-i586-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.4.29_smp-i686-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.4.29_smp-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.4.29_smp-noarch-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.4.29-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.4.29-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.4.29-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.4.29-x86-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.4.29-noarch-1.txz


MD5 signatures:
+-------------+

Slackware 14.0 packages:
9d31423cbc2d691075051611e47fccc3  kernel-generic-3.2.83-i486-1_slack14.0.txz
1de6a61bb7bc0ba6fcb2d0312b2007fa  kernel-generic-smp-3.2.83_smp-i686-1_slack14.0.txz
f37732224a455b481a51458b0f6f4cf0  kernel-headers-3.2.83_smp-x86-1_slack14.0.txz
7ddf907def979359b7cb2bb5df5d79ae  kernel-huge-3.2.83-i486-1_slack14.0.txz
7abe4b1b16ae0658cfe81876922ed1a6  kernel-huge-smp-3.2.83_smp-i686-1_slack14.0.txz
804321f7746c6a1da3b48e7ccd7f039b  kernel-modules-3.2.83-i486-1_slack14.0.txz
514182d51ec9536f3798a9edddbdced3  kernel-modules-smp-3.2.83_smp-i686-1_slack14.0.txz
408771f2aca86e8e12b496908fe320b5  kernel-source-3.2.83_smp-noarch-1_slack14.0.txz

Slackware x86_64 14.0 packages:
f6a1a838ef49e6c3f11fd792abffdfe3  kernel-generic-3.2.83-x86_64-1_slack14.0.txz
61a41ce9892921069a0897ca541c38ed  kernel-headers-3.2.83-x86-1_slack14.0.txz
82f97a98ad47d9fcd8dd6c138b090987  kernel-huge-3.2.83-x86_64-1_slack14.0.txz
b858d0d99b37e7d4dab9544db7c8ead5  kernel-modules-3.2.83-x86_64-1_slack14.0.txz
74d286781fa31a0b7fe7b7ea511563ba  kernel-source-3.2.83-noarch-1_slack14.0.txz

Slackware 14.1 packages:
4158db7170350ae80636c2884cb0b276  kernel-generic-3.10.104-i486-1_slack14.1.txz
d2e09aa65882d4fbfd4cc8971f72b8d6  kernel-generic-smp-3.10.104_smp-i686-1_slack14.1.txz
82dd1b7902b7d9f74b0764ddae787e6b  kernel-headers-3.10.104_smp-x86-1_slack14.1.txz
4c8a8115f2754e1e208808089ed2c78f  kernel-huge-3.10.104-i486-1_slack14.1.txz
611a97c6b2afe90c92b1285d052728f6  kernel-huge-smp-3.10.104_smp-i686-1_slack14.1.txz
62e5ea99a84d4ff6fc6a60cac9bc2bbf  kernel-modules-3.10.104-i486-1_slack14.1.txz
fe18186221e19f59f4698a889e45da70  kernel-modules-smp-3.10.104_smp-i686-1_slack14.1.txz
f51b72e3054f83c9674962e1d6cbcdfb  kernel-source-3.10.104_smp-noarch-1_slack14.1.txz

Slackware x86_64 14.1 packages:
043c64488e53a591a5cb6bb5a90682d4  kernel-generic-3.10.104-x86_64-1_slack14.1.txz
ac84470b3834fc9d6928af2e8d949724  kernel-headers-3.10.104-x86-1_slack14.1.txz
176099b83a08cb193c857c7ea1ad8336  kernel-huge-3.10.104-x86_64-1_slack14.1.txz
240d7402c57b547dec0a448d326d4fc1  kernel-modules-3.10.104-x86_64-1_slack14.1.txz
27a7e86830a98f12e17fbe13f30263f7  kernel-source-3.10.104-noarch-1_slack14.1.txz

Slackware 14.2 packages:
3c7c7144d53483c93e9fb148ce9df108  kernel-generic-4.4.29-i586-1_slack14.2.txz
0948e7329b7cd8ad051551177e1b9495  kernel-generic-smp-4.4.29_smp-i686-1_slack14.2.txz
b853af24a50f12a1e35cbf58f3da9195  kernel-headers-4.4.29_smp-x86-1_slack14.2.txz
b93c5316864b04df29d1e3dffc02179c  kernel-huge-4.4.29-i586-1_slack14.2.txz
ebbe654ebfb20c2b17b535a4eee568db  kernel-huge-smp-4.4.29_smp-i686-1_slack14.2.txz
77705e2112a9aad7e5b1eda5ae40a544  kernel-modules-4.4.29-i586-1_slack14.2.txz
f131c03dc4971b14f33267b6bc469018  kernel-modules-smp-4.4.29_smp-i686-1_slack14.2.txz
4020837286ff3678eafdfe8ca1b286dc  kernel-source-4.4.29_smp-noarch-1_slack14.2.txz

Slackware x86_64 14.2 packages:
7a3059455d20095c4914efc140eb93d3  kernel-generic-4.4.29-x86_64-1_slack14.2.txz
ddae426aa1cb94ef4a20706d9562b349  kernel-headers-4.4.29-x86-1_slack14.2.txz
a626808871b4543b932161e6024af471  kernel-huge-4.4.29-x86_64-1_slack14.2.txz
970ba7d37ad375a5e10ab35e4bf1c3c3  kernel-modules-4.4.29-x86_64-1_slack14.2.txz
245ff7965885ca956d2e5639c5f0f3a0  kernel-source-4.4.29-noarch-1_slack14.2.txz

Slackware -current packages:
14641c14bcaa9a4abff88b79958df0e6  a/kernel-generic-4.4.29-i586-1.txz
808060a20d6656a5696cfd5cba53ed80  a/kernel-generic-smp-4.4.29_smp-i686-1.txz
322d42e0d09fcda5d1c7c666b82aa42c  a/kernel-huge-4.4.29-i586-1.txz
c4e4a12fe578c8d271706da7991cc951  a/kernel-huge-smp-4.4.29_smp-i686-1.txz
e387e16d5d591c8e356ccf54f25d8573  a/kernel-modules-4.4.29-i586-1.txz
c59f22b80fa306c4307290650699b5c0  a/kernel-modules-smp-4.4.29_smp-i686-1.txz
07f33b489f234c273744516bc1fd8900  d/kernel-headers-4.4.29_smp-x86-1.txz
ff91eed31a58bdac17b7bef3ded737a8  k/kernel-source-4.4.29_smp-noarch-1.txz

Slackware x86_64 -current packages:
3d355774da7a4a36f41041ab38ad2635  a/kernel-generic-4.4.29-x86_64-1.txz
552b9aaf58822a31991a4a84f37a7be2  a/kernel-huge-4.4.29-x86_64-1.txz
81b5b86c5b9793515ce473083514b637  a/kernel-modules-4.4.29-x86_64-1.txz
21c55dfb2e0986548cc654e69a2b5dc8  d/kernel-headers-4.4.29-x86-1.txz
5be03e0b8a0b65aec6db2c4a4f81360a  k/kernel-source-4.4.29-noarch-1.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg kernel-*.txz

If you are using an initrd, you'll need to rebuild it.

For a 32-bit SMP machine, use this command (substitute the appropriate
kernel version if you are not running Slackware 14.2):
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.29-smp | bash

For a 64-bit machine, or a 32-bit uniprocessor machine, use this command
(substitute the appropriate kernel version if you are not running
Slackware 14.2):
# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.29 | bash

Please note that "uniprocessor" has to do with the kernel you are running,
not with the CPU.  Most systems should run the SMP kernel (if they can)
regardless of the number of cores the CPU has.  If you aren't sure which
kernel you are running, run "uname -a".  If you see SMP there, you are
running the SMP kernel and should use the 4.4.29-smp version when running
mkinitrd_command_generator.  Note that this is only for 32-bit -- 64-bit
systems should always use 4.4.29 as the version.

If you are using lilo or elilo to boot the machine, you'll need to ensure
that the machine is properly prepared before rebooting.

If using LILO:
By default, lilo.conf contains an image= line that references a symlink
that always points to the correct kernel.  No editing should be required
unless your machine uses a custom lilo.conf.  If that is the case, be sure
that the image= line references the correct kernel file.  Either way,
you'll need to run "lilo" as root to reinstall the boot loader.

If using elilo:
Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish
to use, and then run eliloconfig to update the EFI System Partition.

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlgX5dUACgkQakRjwEAQIjOIVgCfUwhT14LaTkC5S+JoJlJNUvss
zGQAoIKl2DD02vg8X61QE6di8tTo1IRN
=l0xf
-----END PGP SIGNATURE-----

Slackware™ is a trademark of Patrick Volkerding.