Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2010-2008

Опубликовано: 04 окт. 2010
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2010-2008: Unbreakable enterprise kernel security update (IMPORTANT)

[2.6.32-100.20.1.el5]

  • [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner)
  • [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943}
  • [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2 010-2943}
  • [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2 010-2943}
  • [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942}
  • [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker)

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel

2.6.32-100.20.1.el5

kernel-debug

2.6.32-100.20.1.el5

kernel-debug-devel

2.6.32-100.20.1.el5

kernel-devel

2.6.32-100.20.1.el5

kernel-doc

2.6.32-100.20.1.el5

kernel-firmware

2.6.32-100.20.1.el5

kernel-headers

2.6.32-100.20.1.el5

ofa-2.6.32-100.20.1.el5

1.5.1-4.0.20

Связанные CVE

CVE-2010-2942
CVE-2010-2943

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2010-0723

oracle-oval
больше 14 лет назад

ELSA-2010-0723: kernel security and bug fix update (IMPORTANT)

ubuntu логотип

CVE-2010-2943

CVSS3: 8.1
ubuntu
больше 14 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

redhat логотип

CVE-2010-2943

redhat
около 15 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

nvd логотип

CVE-2010-2943

CVSS3: 8.1
nvd
больше 14 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.

debian логотип

CVE-2010-2943

CVSS3: 8.1
debian
больше 14 лет назад

The xfs implementation in the Linux kernel before 2.6.35 does not look ...