Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2014-3053

Опубликовано: 29 июл. 2014
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2014-3053: unbreakable enterprise kernel security update (IMPORTANT)

[2.6.39-400.215.6]

  • filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315782] {CVE-2014-3144} {CVE-2014-3145}

[2.6.39-400.215.5]

  • n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18756449] {CVE-2014-0196} {CVE-2014-0196}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.215.6.el5uek

kernel-uek-debug

2.6.39-400.215.6.el5uek

kernel-uek-debug-devel

2.6.39-400.215.6.el5uek

kernel-uek-devel

2.6.39-400.215.6.el5uek

kernel-uek-doc

2.6.39-400.215.6.el5uek

kernel-uek-firmware

2.6.39-400.215.6.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.215.6.el5uek

kernel-uek-debug

2.6.39-400.215.6.el5uek

kernel-uek-debug-devel

2.6.39-400.215.6.el5uek

kernel-uek-devel

2.6.39-400.215.6.el5uek

kernel-uek-doc

2.6.39-400.215.6.el5uek

kernel-uek-firmware

2.6.39-400.215.6.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.215.6.el6uek

kernel-uek-debug

2.6.39-400.215.6.el6uek

kernel-uek-debug-devel

2.6.39-400.215.6.el6uek

kernel-uek-devel

2.6.39-400.215.6.el6uek

kernel-uek-doc

2.6.39-400.215.6.el6uek

kernel-uek-firmware

2.6.39-400.215.6.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.215.6.el6uek

kernel-uek-debug

2.6.39-400.215.6.el6uek

kernel-uek-debug-devel

2.6.39-400.215.6.el6uek

kernel-uek-devel

2.6.39-400.215.6.el6uek

kernel-uek-doc

2.6.39-400.215.6.el6uek

kernel-uek-firmware

2.6.39-400.215.6.el6uek

Связанные CVE

CVE-2014-3145
CVE-2014-3144
CVE-2014-0196

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2014-3054

oracle-oval
почти 11 лет назад

ELSA-2014-3054: unbreakable enterprise kernel security update (IMPORTANT)

fstec логотип

BDU:2014-00064

fstec
около 11 лет назад

Уязвимость операционной системы Linux, позволяющая злоумышленнику вызвать отказ в обслуживании

oracle-oval логотип

ELSA-2014-3052

oracle-oval
почти 11 лет назад

ELSA-2014-3052: unbreakable enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2014-3145

ubuntu
около 11 лет назад

The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.

redhat логотип

CVE-2014-3145

redhat
около 11 лет назад

The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.