Description
ELSA-2014-3108: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [2.6.32-400.36.13uek]
- net: guard tcp_set_keepalive() to tcp sockets (Eric Dumazet) [Orabug: 20224099] {CVE-2012-6657}
- isofs: Fix unbounded recursion when processing relocated directories (Jan Kara) [Orabug: 20224061] {CVE-2014-5471} {CVE-2014-5472}
- x86_64, traps: Stop using IST for #SS (Andy Lutomirski) [Orabug: 20224029] {CVE-2014-9090} {CVE-2014-9322}
Updated packages
Oracle Linux 5
Oracle Linux x86_64
kernel-uek                            2.6.32-400.36.13.el5uek
kernel-uek-debug                      2.6.32-400.36.13.el5uek
kernel-uek-debug-devel                2.6.32-400.36.13.el5uek
kernel-uek-devel                      2.6.32-400.36.13.el5uek
kernel-uek-doc                        2.6.32-400.36.13.el5uek
kernel-uek-firmware                   2.6.32-400.36.13.el5uek
kernel-uek-headers                    2.6.32-400.36.13.el5uek
mlnx_en-2.6.32-400.36.13.el5uek       1.5.7-2
mlnx_en-2.6.32-400.36.13.el5uekdebug  1.5.7-2
ofa-2.6.32-400.36.13.el5uek           1.5.1-4.0.58
ofa-2.6.32-400.36.13.el5uekdebug      1.5.1-4.0.58
Oracle Linux i386
kernel-uek                            2.6.32-400.36.13.el5uek
kernel-uek-debug                      2.6.32-400.36.13.el5uek
kernel-uek-debug-devel                2.6.32-400.36.13.el5uek
kernel-uek-devel                      2.6.32-400.36.13.el5uek
kernel-uek-doc                        2.6.32-400.36.13.el5uek
kernel-uek-firmware                   2.6.32-400.36.13.el5uek
kernel-uek-headers                    2.6.32-400.36.13.el5uek
mlnx_en-2.6.32-400.36.13.el5uek       1.5.7-2
mlnx_en-2.6.32-400.36.13.el5uekdebug  1.5.7-2
ofa-2.6.32-400.36.13.el5uek           1.5.1-4.0.58
ofa-2.6.32-400.36.13.el5uekdebug      1.5.1-4.0.58
Oracle Linux 6
Oracle Linux x86_64
kernel-uek                            2.6.32-400.36.13.el6uek
kernel-uek-debug                      2.6.32-400.36.13.el6uek
kernel-uek-debug-devel                2.6.32-400.36.13.el6uek
kernel-uek-devel                      2.6.32-400.36.13.el6uek
kernel-uek-doc                        2.6.32-400.36.13.el6uek
kernel-uek-firmware                   2.6.32-400.36.13.el6uek
kernel-uek-headers                    2.6.32-400.36.13.el6uek
mlnx_en-2.6.32-400.36.13.el6uek       1.5.7-0.1
mlnx_en-2.6.32-400.36.13.el6uekdebug  1.5.7-0.1
ofa-2.6.32-400.36.13.el6uek           1.5.1-4.0.58
ofa-2.6.32-400.36.13.el6uekdebug      1.5.1-4.0.58
Oracle Linux i686
kernel-uek                            2.6.32-400.36.13.el6uek
kernel-uek-debug                      2.6.32-400.36.13.el6uek
kernel-uek-debug-devel                2.6.32-400.36.13.el6uek
kernel-uek-devel                      2.6.32-400.36.13.el6uek
kernel-uek-doc                        2.6.32-400.36.13.el6uek
kernel-uek-firmware                   2.6.32-400.36.13.el6uek
kernel-uek-headers                    2.6.32-400.36.13.el6uek
mlnx_en-2.6.32-400.36.13.el6uek       1.5.7-0.1
mlnx_en-2.6.32-400.36.13.el6uekdebug  1.5.7-0.1
ofa-2.6.32-400.36.13.el6uek           1.5.1-4.0.58
ofa-2.6.32-400.36.13.el6uekdebug      1.5.1-4.0.58
Source references
Related vulnerabilities
ELSA-2014-3107: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2014-3106: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2014-1997: kernel security and bug fix update (IMPORTANT)
The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a modify_ldt system call, as demonstrated by sigreturn_32 in the linux-clock-tests test suite.