Описание
ELSA-2012-1540: kernel security, bug fix, and enhancement update (IMPORTANT)
kernel [2.6.18-308.24.1.el5]
- Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004]
[2.6.18-308.23.1.el5]
- [net] bnx2x: Add remote-fault link detection (Alexander Gordeev) [870120 796905]
- [net] bnx2x: Cosmetic changes (Alexander Gordeev) [870120 796905]
- [net] rds-ping cause kernel panic (Alexander Gordeev) [822755 822756] {CVE-2012-2372}
- [xen] add guest address range checks to XENMEM_exchange handlers (Igor Mammedov) [878033 878034] {CVE-2012-5513}
- [xen] x86/physmap: Prevent incorrect updates of m2p mappings (Igor Mammedov) [870148 870149] {CVE-2012-4537}
- [xen] VCPU/timer: Dos vulnerability prev overflow in calculations (Igor Mammedov) [870150 870151] {CVE-2012-4535}
- [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004]
[2.6.18-308.22.1.el5]
- [net] bonding: fix link down handling in 802.3ad mode (Andy Gospodarek) [877943 782866]
[2.6.18-308.21.1.el5]
- [fs] ext4: race-cond protect for convert_unwritten_extents_endio (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [fs] ext4: serialize fallocate w/ ext4_convert_unwritten_extents (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [fs] ext4: flush the i_completed_io_list during ext4_truncate (Lukas Czerner) [869910 869911] {CVE-2012-4508}
- [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [874973 872612]
- [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [872113 855302] {CVE-2012-3552}
- [scsi] qla2xx: Dont toggle inter bits after IRQ lines attached (Chad Dupuis) [870118 800708]
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
kernel
2.6.18-308.24.1.el5
kernel-debug
2.6.18-308.24.1.el5
kernel-debug-devel
2.6.18-308.24.1.el5
kernel-devel
2.6.18-308.24.1.el5
kernel-doc
2.6.18-308.24.1.el5
kernel-headers
2.6.18-308.24.1.el5
kernel-xen
2.6.18-308.24.1.el5
kernel-xen-devel
2.6.18-308.24.1.el5
ocfs2-2.6.18-308.24.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.24.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5xen
2.0.5-1.el5
Oracle Linux x86_64
kernel
2.6.18-308.24.1.el5
kernel-debug
2.6.18-308.24.1.el5
kernel-debug-devel
2.6.18-308.24.1.el5
kernel-devel
2.6.18-308.24.1.el5
kernel-doc
2.6.18-308.24.1.el5
kernel-headers
2.6.18-308.24.1.el5
kernel-xen
2.6.18-308.24.1.el5
kernel-xen-devel
2.6.18-308.24.1.el5
ocfs2-2.6.18-308.24.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.24.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5xen
2.0.5-1.el5
Oracle Linux i386
kernel
2.6.18-308.24.1.el5
kernel-PAE
2.6.18-308.24.1.el5
kernel-PAE-devel
2.6.18-308.24.1.el5
kernel-debug
2.6.18-308.24.1.el5
kernel-debug-devel
2.6.18-308.24.1.el5
kernel-devel
2.6.18-308.24.1.el5
kernel-doc
2.6.18-308.24.1.el5
kernel-headers
2.6.18-308.24.1.el5
kernel-xen
2.6.18-308.24.1.el5
kernel-xen-devel
2.6.18-308.24.1.el5
ocfs2-2.6.18-308.24.1.el5
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5PAE
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5debug
1.4.10-1.el5
ocfs2-2.6.18-308.24.1.el5xen
1.4.10-1.el5
oracleasm-2.6.18-308.24.1.el5
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5PAE
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5debug
2.0.5-1.el5
oracleasm-2.6.18-308.24.1.el5xen
2.0.5-1.el5
Ссылки на источники
Связанные уязвимости
ELSA-2012-1540-1: kernel security, bug fix, and enhancement update (IMPORTANT)
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest OS administrators to cause a denial of service (Xen infinite loop and physical CPU consumption) by setting a VCPU with an "inappropriate deadline."
Xen 3.4 through 4.2, and possibly earlier versions, allows local guest ...