Описание
ELSA-2015-3004: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)
[2.6.39-400.246.2]
- net: sctp: fix NULL pointer dereference in af->from_addr_param on malformed packet (Daniel Borkmann) [Orabug: 20425333] {CVE-2014-7841}
[2.6.39-400.246.1]
- sched: Fix possible divide by zero in avg_atom() calculation (Mateusz Guzik) [Orabug: 20148169]
- include/linux/math64.h: add div64_ul() (Alex Shi)
- deadlock when two nodes are converting same lock from PR to EX and idletimeout closes conn (Tariq Saeed) [Orabug: 18639535]
- bonding: Bond master should reflect slave's features. (Ashish Samant) [Orabug: 20231825]
- x86, fpu: remove the logic of non-eager fpu mem allocation at the first usage (Annie Li) [Orabug: 20239143]
- x86, fpu: remove cpu_has_xmm check in the fx_finit() (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: make eagerfpu= boot param tri-state (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: enable eagerfpu by default for xsaveopt (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: decouple non-lazy/eager fpu restore from xsave (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: use non-lazy fpu restore for processors supporting xsave (Suresh Siddha) [Orabug: 20239143]
- lguest, x86: handle guest TS bit for lazy/non-lazy fpu host models (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: always use kernel_fpu_begin/end() for in-kernel FPU usage (Suresh Siddha) [Orabug: 20239143]
- x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: remove unnecessary user_fpu_end() in save_xstate_sig() (Suresh Siddha) [Orabug: 20239143]
- raid5: add AVX optimized RAID5 checksumming (Jim Kukunas) [Orabug: 20239143]
- x86, fpu: drop the fpu state during thread exit (Suresh Siddha) [Orabug: 20239143]
- x32: Add a thread flag for x32 processes (H. Peter Anvin) [Orabug: 20239143]
- x86, fpu: Unify signal handling code paths for x86 and x86_64 kernels (Suresh Siddha) [Orabug: 20239143]
- x86, fpu: Consolidate inline asm routines for saving/restoring fpu state (Suresh Siddha) [Orabug: 20239143]
- x86, signal: Cleanup ifdefs and is_ia32, is_x32 (Suresh Siddha) [Orabug: 20239143] into exported and internal interfaces (Linus Torvalds) [Orabug: 20239143]
- i387: Uninline the generic FP helpers that we expose to kernel modules (Linus Torvalds) [Orabug: 20239143]
- i387: use 'restore_fpu_checking()' directly in task switching code (Linus Torvalds) [Orabug: 20239143]
- i387: fix up some fpu_counter confusion (Linus Torvalds) [Orabug: 20239143]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.246.2.el5uek
kernel-uek-debug
2.6.39-400.246.2.el5uek
kernel-uek-debug-devel
2.6.39-400.246.2.el5uek
kernel-uek-devel
2.6.39-400.246.2.el5uek
kernel-uek-doc
2.6.39-400.246.2.el5uek
kernel-uek-firmware
2.6.39-400.246.2.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.246.2.el5uek
kernel-uek-debug
2.6.39-400.246.2.el5uek
kernel-uek-debug-devel
2.6.39-400.246.2.el5uek
kernel-uek-devel
2.6.39-400.246.2.el5uek
kernel-uek-doc
2.6.39-400.246.2.el5uek
kernel-uek-firmware
2.6.39-400.246.2.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.246.2.el6uek
kernel-uek-debug
2.6.39-400.246.2.el6uek
kernel-uek-debug-devel
2.6.39-400.246.2.el6uek
kernel-uek-devel
2.6.39-400.246.2.el6uek
kernel-uek-doc
2.6.39-400.246.2.el6uek
kernel-uek-firmware
2.6.39-400.246.2.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.246.2.el6uek
kernel-uek-debug
2.6.39-400.246.2.el6uek
kernel-uek-debug-devel
2.6.39-400.246.2.el6uek
kernel-uek-devel
2.6.39-400.246.2.el6uek
kernel-uek-doc
2.6.39-400.246.2.el6uek
kernel-uek-firmware
2.6.39-400.246.2.el6uek
Связанные CVE
Связанные уязвимости
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCT ...
The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malformed INIT chunk.