Описание
ELSA-2015-3014: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.248.3]
- kvm: fix excessive pages un-pinning in kvm_iommu_map error path. (Quentin Casasnovas) [Orabug: 20687314] {CVE-2014-3601} {CVE-2014-8369} {CVE-2014-3601}
- Revert 'mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support' (Guangyu Sun) [Orabug: 20673281] {CVE-2014-8173}
[2.6.39-400.248.2]
- netfilter: conntrack: disable generic tracking for known protocols (Florian Westphal) [Orabug: 20679630] {CVE-2014-8160}
- mac80211: fix fragmentation code, particularly for encryption (Johannes Berg) [Orabug: 20673313] {CVE-2014-8709}
- mm: Fix NULL pointer dereference in madvise(MADV_WILLNEED) support (Kirill A. Shutemov) [Orabug: 20673282] {CVE-2014-8173}
- tracing/syscalls: Ignore numbers outside NR_syscalls' range (Rabin Vincent) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826}
- tracing/syscalls: Fix perf syscall tracing when syscall_nr == -1 (Will Deacon) [Orabug: 20673164] {CVE-2014-7825} {CVE-2014-7826}
[2.6.39-400.248.1]
- NVMe: Disable pci before clearing queue (Keith Busch) [Orabug: 20533100]
- x86, fpu: disable eagerfpu by default (Santosh Shilimkar) [Orabug: 20521543]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.248.3.el5uek
kernel-uek-debug
2.6.39-400.248.3.el5uek
kernel-uek-debug-devel
2.6.39-400.248.3.el5uek
kernel-uek-devel
2.6.39-400.248.3.el5uek
kernel-uek-doc
2.6.39-400.248.3.el5uek
kernel-uek-firmware
2.6.39-400.248.3.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.248.3.el5uek
kernel-uek-debug
2.6.39-400.248.3.el5uek
kernel-uek-debug-devel
2.6.39-400.248.3.el5uek
kernel-uek-devel
2.6.39-400.248.3.el5uek
kernel-uek-doc
2.6.39-400.248.3.el5uek
kernel-uek-firmware
2.6.39-400.248.3.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.248.3.el6uek
kernel-uek-debug
2.6.39-400.248.3.el6uek
kernel-uek-debug-devel
2.6.39-400.248.3.el6uek
kernel-uek-devel
2.6.39-400.248.3.el6uek
kernel-uek-doc
2.6.39-400.248.3.el6uek
kernel-uek-firmware
2.6.39-400.248.3.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.248.3.el6uek
kernel-uek-debug
2.6.39-400.248.3.el6uek
kernel-uek-debug-devel
2.6.39-400.248.3.el6uek
kernel-uek-devel
2.6.39-400.248.3.el6uek
kernel-uek-doc
2.6.39-400.248.3.el6uek
kernel-uek-firmware
2.6.39-400.248.3.el6uek
Ссылки на источники
Связанные уязвимости
ELSA-2015-3015: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2015-0290: kernel security, bug fix, and enhancement update (IMPORTANT)
ELSA-2015-3013: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.
kernel/trace/trace_syscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via a crafted application.