Описание
ELSA-2014-3010: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.32-400.34.3]
- inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions (Hannes Frederic Sowa) [18247290] {CVE-2013-7263} {CVE-2013-7265}
[2.6.32-400.34.2]
- exec/ptrace: fix get_dumpable() incorrect tests (Kees Cook) [18239033] {CVE-2013-2929} {CVE-2013-2929}
- inet: prevent leakage of uninitialized memory to user in recv syscalls (Hannes Frederic Sowa) [18239036] {CVE-2013-7263} {CVE-2013-7265}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.32-400.34.3.el5uek
kernel-uek-debug
2.6.32-400.34.3.el5uek
kernel-uek-debug-devel
2.6.32-400.34.3.el5uek
kernel-uek-devel
2.6.32-400.34.3.el5uek
kernel-uek-doc
2.6.32-400.34.3.el5uek
kernel-uek-firmware
2.6.32-400.34.3.el5uek
kernel-uek-headers
2.6.32-400.34.3.el5uek
mlnx_en-2.6.32-400.34.3.el5uek
1.5.7-2
mlnx_en-2.6.32-400.34.3.el5uekdebug
1.5.7-2
ofa-2.6.32-400.34.3.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.34.3.el5uekdebug
1.5.1-4.0.58
Oracle Linux i386
kernel-uek
2.6.32-400.34.3.el5uek
kernel-uek-debug
2.6.32-400.34.3.el5uek
kernel-uek-debug-devel
2.6.32-400.34.3.el5uek
kernel-uek-devel
2.6.32-400.34.3.el5uek
kernel-uek-doc
2.6.32-400.34.3.el5uek
kernel-uek-firmware
2.6.32-400.34.3.el5uek
kernel-uek-headers
2.6.32-400.34.3.el5uek
mlnx_en-2.6.32-400.34.3.el5uek
1.5.7-2
mlnx_en-2.6.32-400.34.3.el5uekdebug
1.5.7-2
ofa-2.6.32-400.34.3.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.34.3.el5uekdebug
1.5.1-4.0.58
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.32-400.34.3.el6uek
kernel-uek-debug
2.6.32-400.34.3.el6uek
kernel-uek-debug-devel
2.6.32-400.34.3.el6uek
kernel-uek-devel
2.6.32-400.34.3.el6uek
kernel-uek-doc
2.6.32-400.34.3.el6uek
kernel-uek-firmware
2.6.32-400.34.3.el6uek
kernel-uek-headers
2.6.32-400.34.3.el6uek
mlnx_en-2.6.32-400.34.3.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.34.3.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.34.3.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.34.3.el6uekdebug
1.5.1-4.0.58
Oracle Linux i686
kernel-uek
2.6.32-400.34.3.el6uek
kernel-uek-debug
2.6.32-400.34.3.el6uek
kernel-uek-debug-devel
2.6.32-400.34.3.el6uek
kernel-uek-devel
2.6.32-400.34.3.el6uek
kernel-uek-doc
2.6.32-400.34.3.el6uek
kernel-uek-firmware
2.6.32-400.34.3.el6uek
kernel-uek-headers
2.6.32-400.34.3.el6uek
mlnx_en-2.6.32-400.34.3.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.34.3.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.34.3.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.34.3.el6uekdebug
1.5.1-4.0.58
Связанные CVE
Связанные уязвимости
ELSA-2014-3011: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2014-3009: unbreakable enterprise kernel security update (IMPORTANT)
ELSA-2014-0159: kernel security and bug fix update (IMPORTANT)
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.
The pn_recvmsg function in net/phonet/datagram.c in the Linux kernel before 3.12.4 updates a certain length value before ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.