Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2008-0233

Опубликовано: 08 мая 2008
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2008-0233: kernel security and bug fix update (IMPORTANT)

[2.6.18-53.1.19.0.1.el5]

  • [NET] Add entropy support to e1000 and bnx2 (John Sobecki) [ORA 6045759]
  • [NET] Fix msi issue with kexec/kdump (Michael Chan) [ORA 6219364]
  • [MM] Fix alloc_pages_node() static nid' race made kernel crash (Joe Jin) [ORA 6187457]
  • [splice] Fix bad unlock_page() in error case (Jens Axboe) [ORA 6263574]
  • [dio] fix error-path crashes (Linux Torvalds) [ORA 6242289]

[2.6.18-53.1.19.el5]

  • [xen] check num of segments in block backend driver (Bill Burns ) [378281]
  • [x86_64] update IO-APIC dest field to 8-bit for xAPIC (Dave Anderson ) [442922]
  • Update: [fs] fix race condition in dnotify (Alexander Viro ) [439758] {CVE-2008-1375}
  • Update: [xen] ia64: ftp stress test fixes between HVM/Dom0 (Tetsu Yamamoto ) [427400] {CVE-2008-1619}

[2.6.18-53.1.18.el5]

  • Update: [fs] fix race condition in dnotify (Alexander Viro ) [439758] {CVE-2008-1375}

[2.6.18-53.1.17.el5]

  • [fs] fix race condition in dnotify (Alexander Viro ) [439758] {CVE-2008-1375}
  • [pci] hotplug: PCI Express problems with bad DLLPs (Kei Tokunaga ) [440438]
  • [nfs] stop sillyrenames and unmounts from racing (Steve Dickson ) [440447]
  • [x86] clear df flag for signal handlers (Jason Baron ) [437316] {CVE-2008-1367}
  • [xen] ia64: ftp stress test fixes between HVM/Dom0 (Tetsu Yamamoto ) [427400] {CVE-2008-1619}
  • [xen] ia64: fix ssm_i emulation barrier and vdso pv (Tetsu Yamamoto ) [427400] {CVE-2008-1619}

[2.6.18-53.1.16.el5]

  • [misc] fix range check in fault handlers with mremap (Vitaly Mayatskikh ) [428970]
  • [video] neofb: avoid overwriting fb_info fields (Anton Arapov ) [430253]

[2.6.18-53.1.15.el5]

  • [libata] sata_nv: un-blacklist hitachi drives (David Milburn ) [433617]
  • [libata] sata_nv: may send cmds with duplicate tags (David Milburn ) [433617]
  • [s390] qdio: output queue stall on FCP and net devs (Hans-Joachim Picht ) [412071]
  • [xen] ia64: guest has bad network performance (Tetsu Yamamoto ) [433616]

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel

2.6.18-53.1.19.0.1.el5

kernel-debug

2.6.18-53.1.19.0.1.el5

kernel-debug-devel

2.6.18-53.1.19.0.1.el5

kernel-devel

2.6.18-53.1.19.0.1.el5

kernel-doc

2.6.18-53.1.19.0.1.el5

kernel-headers

2.6.18-53.1.19.0.1.el5

kernel-xen

2.6.18-53.1.19.0.1.el5

kernel-xen-devel

2.6.18-53.1.19.0.1.el5

ocfs2-2.6.18-53.1.19.0.1.el5

1.2.8-2.el5

ocfs2-2.6.18-53.1.19.0.1.el5debug

1.2.8-2.el5

ocfs2-2.6.18-53.1.19.0.1.el5xen

1.2.8-2.el5

oracleasm-2.6.18-53.1.19.0.1.el5

2.0.4-1.el5

oracleasm-2.6.18-53.1.19.0.1.el5debug

2.0.4-1.el5

oracleasm-2.6.18-53.1.19.0.1.el5xen

2.0.4-1.el5

Oracle Linux i386

kernel

2.6.18-53.1.19.0.1.el5

kernel-PAE

2.6.18-53.1.19.0.1.el5

kernel-PAE-devel

2.6.18-53.1.19.0.1.el5

kernel-debug

2.6.18-53.1.19.0.1.el5

kernel-debug-devel

2.6.18-53.1.19.0.1.el5

kernel-devel

2.6.18-53.1.19.0.1.el5

kernel-doc

2.6.18-53.1.19.0.1.el5

kernel-headers

2.6.18-53.1.19.0.1.el5

kernel-xen

2.6.18-53.1.19.0.1.el5

kernel-xen-devel

2.6.18-53.1.19.0.1.el5

ocfs2-2.6.18-53.1.19.0.1.el5

1.2.8-2.el5

ocfs2-2.6.18-53.1.19.0.1.el5PAE

1.2.8-2.el5

ocfs2-2.6.18-53.1.19.0.1.el5debug

1.2.8-2.el5

ocfs2-2.6.18-53.1.19.0.1.el5xen

1.2.8-2.el5

oracleasm-2.6.18-53.1.19.0.1.el5

2.0.4-1.el5

oracleasm-2.6.18-53.1.19.0.1.el5PAE

2.0.4-1.el5

oracleasm-2.6.18-53.1.19.0.1.el5debug

2.0.4-1.el5

oracleasm-2.6.18-53.1.19.0.1.el5xen

2.0.4-1.el5

Связанные CVE

CVE-2008-1367
CVE-2008-1375
CVE-2008-1619
CVE-2007-5498
CVE-2008-0007
CVE-2008-1669

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2008-1367

ubuntu
больше 17 лет назад

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

redhat логотип

CVE-2008-1367

redhat
больше 17 лет назад

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

nvd логотип

CVE-2008-1367

nvd
больше 17 лет назад

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.

debian логотип

CVE-2008-1367

debian
больше 17 лет назад

gcc 4.3.x does not generate a cld instruction while compiling function ...

github логотип

GHSA-mh8h-6q9x-8j58

github
около 3 лет назад

gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signal handling in the Linux kernel, which might allow context-dependent attackers to trigger memory corruption. NOTE: this issue was originally reported for CPU consumption in SBCL.