Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2010-0147

Опубликовано: 17 мар. 2010
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2010-0147: kernel security and bug fix update (IMPORTANT)

[2.6.18-164.15.1.0.1.el5]

  • [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514]
  • Add entropy support to igb ( John Sobecki) [orabug 7607479]
  • [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
  • [NET] Add xen pv/bonding netconsole support (Tina yang) [orabug 6993043] [bz 7258]
  • [MM] shrink zone patch (John Sobecki,Chris Mason) [orabug 6086839]
  • fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
  • [nfsd] fix failure of file creation from hpux client (Wen gang Wang) [orabug 7579314]
  • FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson) [orabug 7708133]
  • [x86_64] PCI space below 4GB forces mem remap above 1TB (Larry Woodman) [523522]
  • [cpufreq] P-state limit: limit can never be increased (Stanislaw Gruszka) [489566]
  • [rds] patch rds to 4.0-ora-1.4.2-10 (Andy Grover, Tina Yang) [orabug 9168046] [RHBZ 546374]

[2.6.18-164.15.1.el5]

  • [net] sctp: backport cleanups for ootb handling V2 (Neil Horman) [555666 555667] {CVE-2010-0008}
  • Reverting: [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008}

[2.6.18-164.14.1.el5]

  • [fs] ext4: Avoid null pointer dereference when decoding EROFS w/o a journal (Jiri Pirko) [547256 547257] {CVE-2009-4308}
  • [net] sctp: backport cleanups for ootb handling (Neil Horman) [555666 555667] {CVE-2010-0008}
  • [mm] fix sys_move_pages infoleak (Eugene Teo) [562589 562590] {CVE-2010-0415}
  • [x86_64] wire up compat sched_rr_get_interval (Danny Feng) [557684 557092]
  • [net] netfilter: enforce CAP_NET_ADMIN in ebtables (Danny Feng) [555242 555243] {CVE-2010-0007}
  • [misc] fix kernel info leak with print-fatal-signals=1 (Danny Feng) [554583 554584] {CVE-2010-0003}
  • [net] ipv6: fix OOPS in ip6_dst_lookup_tail (Thomas Graf) [559238 552354]
  • [kvm] pvclock on i386 suffers from double registering (Glauber Costa) [561454 557095]
  • [pci] VF can't be enabled in dom0 (Don Dutile) [560665 547980]
  • [kvm] kvmclock won't restore properly after resume (Glauber Costa) [560640 539521]
  • [mm] prevent performance hit for 32-bit apps on x86_64 (Larry Woodman) [562746 544448]
  • [fs] fix possible inode corruption on unlock (Eric Sandeen) [564281 545612]
  • [gfs2] careful unlinking inodes (Steven Whitehouse ) [564288 519049]
  • [gfs2] gfs2_delete_inode failing on RO filesystem (Abhijith Das ) [564290 501359]

[2.6.18-164.13.1.el5]

  • [net] e1000e: fix broken wol (Andy Gospodarek) [559335 557974]
  • [net] gro: fix illegal merging of trailer trash (Herbert Xu) [561417 537876]
  • [xen] hook sched rebalance logic to opt_hardvirt (Christopher Lalancette ) [562777 529271]
  • [xen] crank the correct stat in the scheduler (Christopher Lalancette ) [562777 529271]
  • [xen] whitespace fixups in xen scheduler (Christopher Lalancette ) [562777 529271]
  • [scsi] cciss: ignore stale commands after reboot (Tomas Henzl ) [562772 525440]
  • [scsi] cciss: version change (Tomas Henzl ) [562772 525440]
  • [scsi] cciss: switch to using hlist (Tomas Henzl ) [562772 525440]
  • [net] bonding: allow bond in mode balance-alb to work (Jiri Pirko ) [560588 487763]
  • [net] e1000e: fix WoL on 82577/82578 (Jiri Pirko ) [543449 517593]

[2.6.18-164.12.1.el5]

  • [net] e1000: fix rx length check errors (Neil Horman) [552137 552138] {CVE-2009-4536}
  • Revert: [net] e1000, r9169: fix rx length check errors (Cong Wang ) [550914 550915]
  • [fs] jbd: fix race in slab creation/deletion (Josef Bacik) [553132 496847]

Обновленные пакеты

Oracle Linux 5

Oracle Linux ia64

kernel

2.6.18-164.15.1.0.1.el5

kernel-debug

2.6.18-164.15.1.0.1.el5

kernel-debug-devel

2.6.18-164.15.1.0.1.el5

kernel-devel

2.6.18-164.15.1.0.1.el5

kernel-doc

2.6.18-164.15.1.0.1.el5

kernel-headers

2.6.18-164.15.1.0.1.el5

kernel-xen

2.6.18-164.15.1.0.1.el5

kernel-xen-devel

2.6.18-164.15.1.0.1.el5

ocfs2-2.6.18-164.15.1.0.1.el5

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5debug

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5xen

1.4.4-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5debug

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5xen

2.0.5-1.el5

Oracle Linux x86_64

kernel

2.6.18-164.15.1.0.1.el5

kernel-debug

2.6.18-164.15.1.0.1.el5

kernel-debug-devel

2.6.18-164.15.1.0.1.el5

kernel-devel

2.6.18-164.15.1.0.1.el5

kernel-doc

2.6.18-164.15.1.0.1.el5

kernel-headers

2.6.18-164.15.1.0.1.el5

kernel-xen

2.6.18-164.15.1.0.1.el5

kernel-xen-devel

2.6.18-164.15.1.0.1.el5

ocfs2-2.6.18-164.15.1.0.1.el5

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5debug

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5xen

1.4.4-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5debug

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5xen

2.0.5-1.el5

Oracle Linux i386

kernel

2.6.18-164.15.1.0.1.el5

kernel-PAE

2.6.18-164.15.1.0.1.el5

kernel-PAE-devel

2.6.18-164.15.1.0.1.el5

kernel-debug

2.6.18-164.15.1.0.1.el5

kernel-debug-devel

2.6.18-164.15.1.0.1.el5

kernel-devel

2.6.18-164.15.1.0.1.el5

kernel-doc

2.6.18-164.15.1.0.1.el5

kernel-headers

2.6.18-164.15.1.0.1.el5

kernel-xen

2.6.18-164.15.1.0.1.el5

kernel-xen-devel

2.6.18-164.15.1.0.1.el5

ocfs2-2.6.18-164.15.1.0.1.el5

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5PAE

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5debug

1.4.4-1.el5

ocfs2-2.6.18-164.15.1.0.1.el5xen

1.4.4-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5PAE

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5debug

2.0.5-1.el5

oracleasm-2.6.18-164.15.1.0.1.el5xen

2.0.5-1.el5

Связанные CVE

CVE-2009-4308
CVE-2010-0007
CVE-2010-0008
CVE-2010-0415
CVE-2010-0437
CVE-2010-0003

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2009-4308

ubuntu
больше 15 лет назад

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.

redhat логотип

CVE-2009-4308

redhat
около 16 лет назад

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.

nvd логотип

CVE-2009-4308

nvd
больше 15 лет назад

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.

debian логотип

CVE-2009-4308

debian
больше 15 лет назад

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesyst ...

github логотип

GHSA-vrr8-qf64-vrjr

github
больше 3 лет назад

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal.