Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2011-2010

Опубликовано: 16 мар. 2011
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2011-2010: Oracle Linux 6 Unbreakable Enterprise kernel security fix update (IMPORTANT)

[2.6.32-100.28.9.el6]

  • sync up the version

[2.6.32-100.28.8.el6]

  • [block] check for proper length of iov entries earlier in blk_rq_map_user_iov (Xiaotian Feng) {CVE-2010-4668}
  • scm: lower SCM_MAX_FD (Eric Dumazet) {CVE-2010-4249}
  • perf_events: Fix perf_counter_mmap() hook in mprotect() (Pekka Enberg) {CVE-2010-4169}
  • tcp: Increase TCP_MAXSEG socket option minimum (David S. Miller) {CVE-2010-4165}
  • Enable module force load option [orabug 11782146]
  • Enable vmw balloon and pvscsi (Guru Anbalagane) [orabug 11697522]

[2.6.32-100.28.7.el6]

  • build from git

[2.6.32-100.28.6.el6]

  • Remove crashkernel option if it is present [bug 11714928]

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.32-100.28.9.el5

kernel-uek-debug

2.6.32-100.28.9.el5

kernel-uek-debug-devel

2.6.32-100.28.9.el5

kernel-uek-devel

2.6.32-100.28.9.el5

kernel-uek-doc

2.6.32-100.28.9.el5

kernel-uek-firmware

2.6.32-100.28.9.el5

kernel-uek-headers

2.6.32-100.28.9.el5

ofa-2.6.32-100.28.9.el5

1.5.1-4.0.28

ofa-2.6.32-100.28.9.el5debug

1.5.1-4.0.28

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.32-100.28.9.el6

kernel-uek-debug

2.6.32-100.28.9.el6

kernel-uek-debug-devel

2.6.32-100.28.9.el6

kernel-uek-devel

2.6.32-100.28.9.el6

kernel-uek-doc

2.6.32-100.28.9.el6

kernel-uek-firmware

2.6.32-100.28.9.el6

kernel-uek-headers

2.6.32-100.28.9.el6

Связанные CVE

CVE-2010-4165
CVE-2010-4668
CVE-2010-4249
CVE-2010-4169

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2011-0283

oracle-oval
больше 14 лет назад

ELSA-2011-0283: kernel security, bug fix, and enhancement update (MODERATE)

ubuntu логотип

CVE-2010-4165

ubuntu
больше 14 лет назад

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

redhat логотип

CVE-2010-4165

redhat
больше 14 лет назад

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

nvd логотип

CVE-2010-4165

nvd
больше 14 лет назад

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.

debian логотип

CVE-2010-4165

debian
больше 14 лет назад

The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel b ...