Описание
ELSA-2012-0690: kernel security and bug fix update (IMPORTANT)
[2.6.18-308.8.1.el5]
- [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [816290 816106] {CVE-2012-2136}
- [net] tg3: Fix VLAN tagging assignments (John Feeney) [817691 797011]
- [net] ixgbe: do not stop stripping VLAN tags in promiscuous mode (Andy Gospodarek) [809791 804800]
- [s390] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [810123 808489]
- [x86] unwind information fix for the vsyscall DSO (Prarit Bhargava) [807930 805799]
[2.6.18-308.7.1.el5]
- [fs] epoll: Don't limit non-nested epoll paths (Jason Baron) [809380 804778]
[2.6.18-308.6.1.el5]
- [scsi] fc class: fix scanning when devs are offline (Mike Christie) [816684 799530]
- [md] dm-multipath: delay retry of bypassed pg (Mike Christie) [816684 799530]
- [net] bonding: properly unset current_arp_slave on slave link up (Veaceslav Falico) [811927 800575]
- [net] bonding: remove {master,vlan}_ip and query devices instead (Andy Gospodarek) [810321 772216]
[2.6.18-308.5.1.el5]
- [scsi] skip sense logging for some ATA PASS-THROUGH cdbs (David Milburn) [807265 788777]
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
kernel
2.6.18-308.8.1.el5
kernel-debug
2.6.18-308.8.1.el5
kernel-debug-devel
2.6.18-308.8.1.el5
kernel-devel
2.6.18-308.8.1.el5
kernel-doc
2.6.18-308.8.1.el5
kernel-headers
2.6.18-308.8.1.el5
kernel-xen
2.6.18-308.8.1.el5
kernel-xen-devel
2.6.18-308.8.1.el5
ocfs2-2.6.18-308.8.1.el5
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5debug
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5xen
1.4.9-1.el5
oracleasm-2.6.18-308.8.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5xen
2.0.5-1.el5
Oracle Linux x86_64
kernel
2.6.18-308.8.1.el5
kernel-debug
2.6.18-308.8.1.el5
kernel-debug-devel
2.6.18-308.8.1.el5
kernel-devel
2.6.18-308.8.1.el5
kernel-doc
2.6.18-308.8.1.el5
kernel-headers
2.6.18-308.8.1.el5
kernel-xen
2.6.18-308.8.1.el5
kernel-xen-devel
2.6.18-308.8.1.el5
ocfs2-2.6.18-308.8.1.el5
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5debug
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5xen
1.4.9-1.el5
oracleasm-2.6.18-308.8.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5xen
2.0.5-1.el5
Oracle Linux i386
kernel
2.6.18-308.8.1.el5
kernel-PAE
2.6.18-308.8.1.el5
kernel-PAE-devel
2.6.18-308.8.1.el5
kernel-debug
2.6.18-308.8.1.el5
kernel-debug-devel
2.6.18-308.8.1.el5
kernel-devel
2.6.18-308.8.1.el5
kernel-doc
2.6.18-308.8.1.el5
kernel-headers
2.6.18-308.8.1.el5
kernel-xen
2.6.18-308.8.1.el5
kernel-xen-devel
2.6.18-308.8.1.el5
ocfs2-2.6.18-308.8.1.el5
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5PAE
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5debug
1.4.9-1.el5
ocfs2-2.6.18-308.8.1.el5xen
1.4.9-1.el5
oracleasm-2.6.18-308.8.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5PAE
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.8.1.el5xen
2.0.5-1.el5
Связанные CVE
Связанные уязвимости
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kern ...
The sock_alloc_send_pskb function in net/core/sock.c in the Linux kernel before 3.4.5 does not properly validate a certain length value, which allows local users to cause a denial of service (heap-based buffer overflow and system crash) or possibly gain privileges by leveraging access to a TUN/TAP device.