Описание
ELSA-2009-0264: kernel security update (IMPORTANT)
[2.6.18-128.1.1.0.1.el5]
- [NET] Add entropy support to e1000 and bnx2 (John Sobecki,Guru Anbalagane) [orabug 6045759]
- [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
- [nfs] convert ENETUNREACH to ENOTCONN (Guru Anbalagane) [orabug 7689332]
[2.6.18-128.1.1.el5]
- [security] introduce missing kfree (Jiri Pirko ) [480597 480598] {CVE-2009-0031}
- [sched] fix clock_gettime monotonicity (Peter Zijlstra ) [481122 477763]
- [nfs] create rpc clients with proper auth flavor (Jeff Layton ) [481119 465456]
- [net] sctp: overflow with bad stream ID in FWD-TSN chunk (Eugene Teo ) [478804 478805] {CVE-2009-0065}
- [md] fix oops with device-mapper mirror target (Heinz Mauelshagen ) [481120 472558]
- [openib] restore traffic in connected mode on HCA (AMEET M. PARANJAPE ) [479812 477000]
- [net] add preemption point in qdisc_run (Jiri Pirko ) [477746 471398] {CVE-2008-5713}
- [x86_64] copy_user_c assembler can leave garbage in rsi (Larry Woodman ) [481117 456682]
- [misc] setpgid returns ESRCH in some situations (Oleg Nesterov ) [480576 472433]
- [s390] zfcp: fix hexdump data in s390dbf traces (Hans-Joachim Picht ) [480996 470618]
- [fs] hfsplus: fix buffer overflow with a corrupted image (Anton Arapov ) [469637 469638] {CVE-2008-4933}
- [fs] hfsplus: check read_mapping_page return value (Anton Arapov ) [469644 469645] {CVE-2008-4934}
- [fs] hfs: fix namelength memory corruption (Anton Arapov ) [470772 470773] {CVE-2008-5025}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel
2.6.18-128.1.1.0.1.el5
kernel-debug
2.6.18-128.1.1.0.1.el5
kernel-debug-devel
2.6.18-128.1.1.0.1.el5
kernel-devel
2.6.18-128.1.1.0.1.el5
kernel-doc
2.6.18-128.1.1.0.1.el5
kernel-headers
2.6.18-128.1.1.0.1.el5
kernel-xen
2.6.18-128.1.1.0.1.el5
kernel-xen-devel
2.6.18-128.1.1.0.1.el5
ocfs2-2.6.18-128.1.1.0.1.el5
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5
1.4.1-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5debug
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5debug
1.4.1-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5xen
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5xen
1.4.1-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5
2.0.5-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5xen
2.0.5-1.el5
Oracle Linux i386
kernel
2.6.18-128.1.1.0.1.el5
kernel-PAE
2.6.18-128.1.1.0.1.el5
kernel-PAE-devel
2.6.18-128.1.1.0.1.el5
kernel-debug
2.6.18-128.1.1.0.1.el5
kernel-debug-devel
2.6.18-128.1.1.0.1.el5
kernel-devel
2.6.18-128.1.1.0.1.el5
kernel-doc
2.6.18-128.1.1.0.1.el5
kernel-headers
2.6.18-128.1.1.0.1.el5
kernel-xen
2.6.18-128.1.1.0.1.el5
kernel-xen-devel
2.6.18-128.1.1.0.1.el5
ocfs2-2.6.18-128.1.1.0.1.el5
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5
1.4.1-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5PAE
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5PAE
1.4.1-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5debug
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5debug
1.4.1-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5xen
1.2.9-1.el5
ocfs2-2.6.18-128.1.1.0.1.el5xen
1.4.1-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5
2.0.5-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5PAE
2.0.5-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-128.1.1.0.1.el5xen
2.0.5-1.el5
Ссылки на источники
Связанные уязвимости
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
Memory leak in the keyctl_join_session_keyring function (security/keys ...
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации