Описание
ELSA-2013-2543: unbreakable enterprise kernel security update (IMPORTANT)
[2.6.39-400.109.6]
- block: do not pass disk names as format strings (Kees Cook) [Orabug: 17230083] {CVE-2013-2851}
- libceph: Fix NULL pointer dereference in auth client code (Tyler Hicks) [Orabug: 17230108] {CVE-2013-1059}
- ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371078] {CVE-2013-2232}
- af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370788] {CVE-2013-2237}
- Bluetooth: HCI - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17370892] {CVE-2012-6544}
- Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371050] {CVE-2012-6544}
- Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371065] {CVE-2012-6544}
- sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371118] {CVE-2013-2206}
- sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372121] {CVE-2013-2206}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.109.6.el5uek
kernel-uek-debug
2.6.39-400.109.6.el5uek
kernel-uek-debug-devel
2.6.39-400.109.6.el5uek
kernel-uek-devel
2.6.39-400.109.6.el5uek
kernel-uek-doc
2.6.39-400.109.6.el5uek
kernel-uek-firmware
2.6.39-400.109.6.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.109.6.el5uek
kernel-uek-debug
2.6.39-400.109.6.el5uek
kernel-uek-debug-devel
2.6.39-400.109.6.el5uek
kernel-uek-devel
2.6.39-400.109.6.el5uek
kernel-uek-doc
2.6.39-400.109.6.el5uek
kernel-uek-firmware
2.6.39-400.109.6.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.109.6.el6uek
kernel-uek-debug
2.6.39-400.109.6.el6uek
kernel-uek-debug-devel
2.6.39-400.109.6.el6uek
kernel-uek-devel
2.6.39-400.109.6.el6uek
kernel-uek-doc
2.6.39-400.109.6.el6uek
kernel-uek-firmware
2.6.39-400.109.6.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.109.6.el6uek
kernel-uek-debug
2.6.39-400.109.6.el6uek
kernel-uek-debug-devel
2.6.39-400.109.6.el6uek
kernel-uek-devel
2.6.39-400.109.6.el6uek
kernel-uek-doc
2.6.39-400.109.6.el6uek
kernel-uek-firmware
2.6.39-400.109.6.el6uek
Ссылки на источники
Связанные уязвимости
ELSA-2013-2542: unbreakable enterprise kernel security update (IMPORTANT)
ELSA-2013-1173: kernel security and bug fix update (IMPORTANT)
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.
The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation.