Описание
ELSA-2014-3054: unbreakable enterprise kernel security update (IMPORTANT)
kernel-uek [2.6.32-400.36.6uek]
- filter: prevent nla extensions to peek beyond the end of the message (Mathias Krause) [Orabug: 19315783] {CVE-2014-3144} {CVE-2014-3145}
- futex: Forbid uaddr == uaddr2 in futex_wait_requeue_pi() (Darren Hart) [Orabug: 19315318] {CVE-2012-6647}
[2.6.32-400.36.5uek]
- n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18756450] {CVE-2014-0196} {CVE-2014-0196}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.32-400.36.6.el5uek
kernel-uek-debug
2.6.32-400.36.6.el5uek
kernel-uek-debug-devel
2.6.32-400.36.6.el5uek
kernel-uek-devel
2.6.32-400.36.6.el5uek
kernel-uek-doc
2.6.32-400.36.6.el5uek
kernel-uek-firmware
2.6.32-400.36.6.el5uek
kernel-uek-headers
2.6.32-400.36.6.el5uek
mlnx_en-2.6.32-400.36.6.el5uek
1.5.7-2
mlnx_en-2.6.32-400.36.6.el5uekdebug
1.5.7-2
ofa-2.6.32-400.36.6.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.36.6.el5uekdebug
1.5.1-4.0.58
Oracle Linux i386
kernel-uek
2.6.32-400.36.6.el5uek
kernel-uek-debug
2.6.32-400.36.6.el5uek
kernel-uek-debug-devel
2.6.32-400.36.6.el5uek
kernel-uek-devel
2.6.32-400.36.6.el5uek
kernel-uek-doc
2.6.32-400.36.6.el5uek
kernel-uek-firmware
2.6.32-400.36.6.el5uek
kernel-uek-headers
2.6.32-400.36.6.el5uek
mlnx_en-2.6.32-400.36.6.el5uek
1.5.7-2
mlnx_en-2.6.32-400.36.6.el5uekdebug
1.5.7-2
ofa-2.6.32-400.36.6.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.36.6.el5uekdebug
1.5.1-4.0.58
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.32-400.36.6.el6uek
kernel-uek-debug
2.6.32-400.36.6.el6uek
kernel-uek-debug-devel
2.6.32-400.36.6.el6uek
kernel-uek-devel
2.6.32-400.36.6.el6uek
kernel-uek-doc
2.6.32-400.36.6.el6uek
kernel-uek-firmware
2.6.32-400.36.6.el6uek
kernel-uek-headers
2.6.32-400.36.6.el6uek
mlnx_en-2.6.32-400.36.6.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.36.6.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.36.6.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.36.6.el6uekdebug
1.5.1-4.0.58
Oracle Linux i686
kernel-uek
2.6.32-400.36.6.el6uek
kernel-uek-debug
2.6.32-400.36.6.el6uek
kernel-uek-debug-devel
2.6.32-400.36.6.el6uek
kernel-uek-devel
2.6.32-400.36.6.el6uek
kernel-uek-doc
2.6.32-400.36.6.el6uek
kernel-uek-firmware
2.6.32-400.36.6.el6uek
kernel-uek-headers
2.6.32-400.36.6.el6uek
mlnx_en-2.6.32-400.36.6.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.36.6.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.36.6.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.36.6.el6uekdebug
1.5.1-4.0.58
Связанные CVE
Связанные уязвимости
ELSA-2014-3053: unbreakable enterprise kernel security update (IMPORTANT)
ELSA-2014-0981: kernel security, bug fix, and enhancement update (IMPORTANT)
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.
The n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings.