Описание
ELSA-2011-2016: Unbreakable Enterprise kernel security fix update (IMPORTANT)
A [2.6.32-100.28.17.el6]
- [net] Extend prot->slab size when add sock extend fields.
[2.6.32-100.28.16.el6]
- kernel: Fix unlimited socket backlog DoS {CVE-2010-4251}
- RDS: Fix congestion issues for loopback
- rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023}
- epoll: prevent creating circular epoll structures {CVE-2011-1082}
- fs: fix corrupted OSF partition table parsing {CVE-2011-1163}
- fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163}
- netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170}
- netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171}
- ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172}
- [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.32-100.28.17.el5
kernel-uek-debug
2.6.32-100.28.17.el5
kernel-uek-debug-devel
2.6.32-100.28.17.el5
kernel-uek-devel
2.6.32-100.28.17.el5
kernel-uek-doc
2.6.32-100.28.17.el5
kernel-uek-firmware
2.6.32-100.28.17.el5
kernel-uek-headers
2.6.32-100.28.17.el5
ofa-2.6.32-100.28.17.el5
1.5.1-4.0.28
ofa-2.6.32-100.28.17.el5debug
1.5.1-4.0.28
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.32-100.28.17.el6
kernel-uek-debug
2.6.32-100.28.17.el6
kernel-uek-debug-devel
2.6.32-100.28.17.el6
kernel-uek-devel
2.6.32-100.28.17.el6
kernel-uek-doc
2.6.32-100.28.17.el6
kernel-uek-firmware
2.6.32-100.28.17.el6
kernel-uek-headers
2.6.32-100.28.17.el6
Ссылки на источники
Связанные уязвимости
ELSA-2011-0542: Oracle Linux 6.1 kernel security, bug fix and enhancement update (IMPORTANT)
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.
The socket implementation in net/core/sock.c in the Linux kernel befor ...