Описание
ELSA-2014-3086: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [2.6.32-400.36.10uek]
- USB: whiteheat: Added bounds checking for bulk command response (James Forshaw) [Orabug: 19849336] {CVE-2014-3185}
- HID: fix a couple of off-by-ones (Jiri Kosina) [Orabug: 19849320] {CVE-2014-3181} logging macros to functions (Joe Perches) [Orabug: 19847630] {CVE-2014-3535} logging macros to functions (Joe Perches) [Orabug: 19847630]
- vsprintf: Recursive vsnprintf: Add '%pV', struct va_format (Joe Perches) [Orabug: 19847630]
- KVM: x86: Improve thread safety in pit (Andy Honig) [Orabug: 19905688] {CVE-2014-3611}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.32-400.36.10.el5uek
kernel-uek-debug
2.6.32-400.36.10.el5uek
kernel-uek-debug-devel
2.6.32-400.36.10.el5uek
kernel-uek-devel
2.6.32-400.36.10.el5uek
kernel-uek-doc
2.6.32-400.36.10.el5uek
kernel-uek-firmware
2.6.32-400.36.10.el5uek
kernel-uek-headers
2.6.32-400.36.10.el5uek
mlnx_en-2.6.32-400.36.10.el5uek
1.5.7-2
mlnx_en-2.6.32-400.36.10.el5uekdebug
1.5.7-2
ofa-2.6.32-400.36.10.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.36.10.el5uekdebug
1.5.1-4.0.58
Oracle Linux i386
kernel-uek
2.6.32-400.36.10.el5uek
kernel-uek-debug
2.6.32-400.36.10.el5uek
kernel-uek-debug-devel
2.6.32-400.36.10.el5uek
kernel-uek-devel
2.6.32-400.36.10.el5uek
kernel-uek-doc
2.6.32-400.36.10.el5uek
kernel-uek-firmware
2.6.32-400.36.10.el5uek
kernel-uek-headers
2.6.32-400.36.10.el5uek
mlnx_en-2.6.32-400.36.10.el5uek
1.5.7-2
mlnx_en-2.6.32-400.36.10.el5uekdebug
1.5.7-2
ofa-2.6.32-400.36.10.el5uek
1.5.1-4.0.58
ofa-2.6.32-400.36.10.el5uekdebug
1.5.1-4.0.58
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.32-400.36.10.el6uek
kernel-uek-debug
2.6.32-400.36.10.el6uek
kernel-uek-debug-devel
2.6.32-400.36.10.el6uek
kernel-uek-devel
2.6.32-400.36.10.el6uek
kernel-uek-doc
2.6.32-400.36.10.el6uek
kernel-uek-firmware
2.6.32-400.36.10.el6uek
kernel-uek-headers
2.6.32-400.36.10.el6uek
mlnx_en-2.6.32-400.36.10.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.36.10.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.36.10.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.36.10.el6uekdebug
1.5.1-4.0.58
Oracle Linux i686
kernel-uek
2.6.32-400.36.10.el6uek
kernel-uek-debug
2.6.32-400.36.10.el6uek
kernel-uek-debug-devel
2.6.32-400.36.10.el6uek
kernel-uek-devel
2.6.32-400.36.10.el6uek
kernel-uek-doc
2.6.32-400.36.10.el6uek
kernel-uek-firmware
2.6.32-400.36.10.el6uek
kernel-uek-headers
2.6.32-400.36.10.el6uek
mlnx_en-2.6.32-400.36.10.el6uek
1.5.7-0.1
mlnx_en-2.6.32-400.36.10.el6uekdebug
1.5.7-0.1
ofa-2.6.32-400.36.10.el6uek
1.5.1-4.0.58
ofa-2.6.32-400.36.10.el6uekdebug
1.5.1-4.0.58
Связанные CVE
Связанные уязвимости
ELSA-2014-3085: Unbreakable Enterprise kernel Security update (IMPORTANT)
ELSA-2014-3084: Unbreakable Enterprise kernel Security update (IMPORTANT)
ELSA-2014-1843: kernel security and bug fix update (IMPORTANT)
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.
Multiple buffer overflows in the command_port_read_callback function in drivers/usb/serial/whiteheat.c in the Whiteheat USB Serial Driver in the Linux kernel before 3.16.2 allow physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via a crafted device that provides a large amount of (1) EHCI or (2) XHCI data associated with a bulk response.