Описание
ELSA-2011-0836: kernel security and bug fix update (IMPORTANT)
[2.6.32-131.2.1.el6]
- [kernel] lib/vsprintf.c: add %pU to print UUID/GUIDs (Frantisek Hrbata) [704280 700299]
- [scsi] megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [704601 619422]
[2.6.32-131.1.1.el6]
- [net] dccp: handle invalid feature options length (Jiri Pirko) [703012 703013] {CVE-2011-1770}
- [fs] cifs: check for private_data before trying to put it (Jeff Layton) [703017 702642] {CVE-2011-1771}
- [net] can: add missing socket check in can/raw and can/bcm release (Jiri Pirko) [698482 698483] {CVE-2011-1748 CVE-2011-1598}
- [netdrv] ixgbe: do not clear FCoE DDP error status for received ABTS (Andy Gospodarek) [704011 695966]
- [netdrv] ixgbe: DCB remove ixgbe_fcoe_getapp routine (Andy Gospodarek) [704002 694358]
- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645228 645229] {CVE-2010-3858}
- [scsi] bfa: change tech-preview to cover all cases (Rob Evers) [704014 703251]
- [scsi] bfa: driver version update (Rob Evers) [704282 703265]
- [scsi] bfa: kdump fix (Rob Evers) [704282 703265]
- [scsi] bfa: firmware download fix (Rob Evers) [704282 703265]
- [netdrv] bna: fix memory leak during RX path cleanup (Ivan Vecera) [704000 698625]
- [netdrv] bna: fix for clean fw re-initialization (Ivan Vecera) [704000 698625]
- [scsi] ipr: improve interrupt service routine performance (Steve Best) [704009 696754]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel
2.6.32-131.2.1.el6
kernel-debug
2.6.32-131.2.1.el6
kernel-debug-devel
2.6.32-131.2.1.el6
kernel-devel
2.6.32-131.2.1.el6
kernel-doc
2.6.32-131.2.1.el6
kernel-firmware
2.6.32-131.2.1.el6
kernel-headers
2.6.32-131.2.1.el6
perf
2.6.32-131.2.1.el6
Oracle Linux i686
kernel
2.6.32-131.2.1.el6
kernel-debug
2.6.32-131.2.1.el6
kernel-debug-devel
2.6.32-131.2.1.el6
kernel-devel
2.6.32-131.2.1.el6
kernel-doc
2.6.32-131.2.1.el6
kernel-firmware
2.6.32-131.2.1.el6
kernel-headers
2.6.32-131.2.1.el6
perf
2.6.32-131.2.1.el6
Ссылки на источники
Связанные уязвимости
ELSA-2011-2019: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2 ...