Описание
ELSA-2014-3103: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-55.1.1]
- ALSA: control: Protect user controls against concurrent access (Lars-Peter Clausen) [Orabug: 20192540] {CVE-2014-4652}
- target/rd: Refactor rd_build_device_space + rd_release_device_space (Nicholas Bellinger) [Orabug: 20192516] {CVE-2014-4027}
- HID: logitech: perform bounds checking on device_id early enough (Jiri Kosina) [Orabug: 20192477] {CVE-2014-3182}
- udf: Avoid infinite loop when processing indirect ICBs (Jan Kara) [Orabug: 20192448] {CVE-2014-6410}
- ALSA: control: Make sure that id->index does not overflow (Lars-Peter Clausen) [Orabug: 20192416] {CVE-2014-4656}
- ALSA: control: Handle numid overflow (Lars-Peter Clausen) [Orabug: 20192367] {CVE-2014-4656}
- HID: picolcd: sanity check report size in raw_event() callback (Jiri Kosina) [Orabug: 20192208] {CVE-2014-3186}
- net: sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [Orabug: 20192058] {CVE-2014-3688}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-55.1.1.el6uek
0.4.3-4.el6
kernel-uek
3.8.13-55.1.1.el6uek
kernel-uek-debug
3.8.13-55.1.1.el6uek
kernel-uek-debug-devel
3.8.13-55.1.1.el6uek
kernel-uek-devel
3.8.13-55.1.1.el6uek
kernel-uek-doc
3.8.13-55.1.1.el6uek
kernel-uek-firmware
3.8.13-55.1.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-55.1.1.el7uek
0.4.3-4.el7
kernel-uek
3.8.13-55.1.1.el7uek
kernel-uek-debug
3.8.13-55.1.1.el7uek
kernel-uek-debug-devel
3.8.13-55.1.1.el7uek
kernel-uek-devel
3.8.13-55.1.1.el7uek
kernel-uek-doc
3.8.13-55.1.1.el7uek
kernel-uek-firmware
3.8.13-55.1.1.el7uek
Ссылки на источники
Связанные уязвимости
ELSA-2014-3104: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2014-1971: kernel security and bug fix update (IMPORTANT)
ELSA-2014-3105: Unbreakable Enterprise kernel security update (IMPORTANT)
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report.
Buffer overflow in the picolcd_raw_event function in devices/hid/hid-picolcd_core.c in the PicoLCD HID device driver in the Linux kernel through 3.16.3, as used in Android on Nexus 7 devices, allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted device that sends a large report.