Описание
ELSA-2012-1445: kernel security and bug fix update (LOW)
[2.6.18-308.20.1.el5]
- Revert: [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568}
[2.6.18-308.19.1.el5]
- [net] be2net: Remove code that stops further access to BE NIC based on UE bits (Alexander Gordeev) [867896 862811]
- [net] netpoll: fix an incorrect check for NULL pointer (Alexander Gordeev) [856079 848098]
- [net] mlx4: Add support for EEH error recovery (Alexander Gordeev) [847404 798048]
- [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100}
- [fs] ext4: fix undefined behavior in ext4_fill_flex_info (Eric Sandeen) [809688 809689] {CVE-2012-2100}
- [fs] fix crash if block {device|size} read & changed at sametime (Mikulas Patocka) [864823 756506]
- [x86] mm: randomize SHLIB_BASE (Dave Anderson) [804953 804954] {CVE-2012-1568}
- [net] ipv6: Fix fib6_dump_table walker leak (Jiri Benc) [861387 819830]
- [fs] cifs: update cifs_dfs_d_automount caller path (Sachin Prabhu) [858774 857448]
- [xen] x86: change the default behaviour of CVE-2012-2934 fix (Petr Matousek) [859946 858724]
- [net] ipvs: allow transmit of GRO aggregated skbs (Jesper Brouer) [857966 854067]
- [scsi] isci: fixup linkspeed definitions (David Milburn) [854986 833000]
- [fs] nfs: nfs_d_automount update caller path after do_add_mount (Carlos Maiolino) [857552 834379]
- [fs] vfs: Fix vfsmount overput on simultaneous automount (Carlos Maiolino) [857552 834379]
[2.6.18-308.18.1.el5]
- [fs] autofs4: Merge the remaining dentry ops tables (Ian Kent) [857558 850977]
[2.6.18-308.17.1.el5]
- [fs] cifs: Invalidate file cache in case of posix open (Sachin Prabhu) [857964 852526]
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
kernel
2.6.18-308.20.1.el5
kernel-debug
2.6.18-308.20.1.el5
kernel-debug-devel
2.6.18-308.20.1.el5
kernel-devel
2.6.18-308.20.1.el5
kernel-doc
2.6.18-308.20.1.el5
kernel-headers
2.6.18-308.20.1.el5
kernel-xen
2.6.18-308.20.1.el5
kernel-xen-devel
2.6.18-308.20.1.el5
ocfs2-2.6.18-308.20.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.20.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5xen
2.0.5-1.el5
Oracle Linux x86_64
kernel
2.6.18-308.20.1.el5
kernel-debug
2.6.18-308.20.1.el5
kernel-debug-devel
2.6.18-308.20.1.el5
kernel-devel
2.6.18-308.20.1.el5
kernel-doc
2.6.18-308.20.1.el5
kernel-headers
2.6.18-308.20.1.el5
kernel-xen
2.6.18-308.20.1.el5
kernel-xen-devel
2.6.18-308.20.1.el5
ocfs2-2.6.18-308.20.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.20.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5xen
2.0.5-1.el5
Oracle Linux i386
kernel
2.6.18-308.20.1.el5
kernel-PAE
2.6.18-308.20.1.el5
kernel-PAE-devel
2.6.18-308.20.1.el5
kernel-debug
2.6.18-308.20.1.el5
kernel-debug-devel
2.6.18-308.20.1.el5
kernel-devel
2.6.18-308.20.1.el5
kernel-doc
2.6.18-308.20.1.el5
kernel-headers
2.6.18-308.20.1.el5
kernel-xen
2.6.18-308.20.1.el5
kernel-xen-devel
2.6.18-308.20.1.el5
ocfs2-2.6.18-308.20.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5PAE
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.20.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.20.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5PAE
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.20.1.el5xen
2.0.5-1.el5
Связанные CVE
Связанные уязвимости
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kerne ...
The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem containing a super block with a large FLEX_BG group size (aka s_log_groups_per_flex value). NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-4307.