Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-3034

Опубликовано: 23 апр. 2015
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2015-3034: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [2.6.32-400.37.4]

  • isofs: Fix unchecked printing of ER records (Jan Kara) [Orabug: 20930553] {CVE-2014-9584}
  • selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. (Stephen Smalley) [Orabug: 20930502] {CVE-2014-3215}
  • Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs (Andy Lutomirski) [Orabug: 20930519] {CVE-2014-3215}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.32-400.37.4.el5uek

kernel-uek-debug

2.6.32-400.37.4.el5uek

kernel-uek-debug-devel

2.6.32-400.37.4.el5uek

kernel-uek-devel

2.6.32-400.37.4.el5uek

kernel-uek-doc

2.6.32-400.37.4.el5uek

kernel-uek-firmware

2.6.32-400.37.4.el5uek

mlnx_en-2.6.32-400.37.4.el5uek

1.5.7-2

mlnx_en-2.6.32-400.37.4.el5uekdebug

1.5.7-2

ofa-2.6.32-400.37.4.el5uek

1.5.1-4.0.58

ofa-2.6.32-400.37.4.el5uekdebug

1.5.1-4.0.58

Oracle Linux i386

kernel-uek

2.6.32-400.37.4.el5uek

kernel-uek-debug

2.6.32-400.37.4.el5uek

kernel-uek-debug-devel

2.6.32-400.37.4.el5uek

kernel-uek-devel

2.6.32-400.37.4.el5uek

kernel-uek-doc

2.6.32-400.37.4.el5uek

kernel-uek-firmware

2.6.32-400.37.4.el5uek

mlnx_en-2.6.32-400.37.4.el5uek

1.5.7-2

mlnx_en-2.6.32-400.37.4.el5uekdebug

1.5.7-2

ofa-2.6.32-400.37.4.el5uek

1.5.1-4.0.58

ofa-2.6.32-400.37.4.el5uekdebug

1.5.1-4.0.58

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.32-400.37.4.el6uek

kernel-uek-debug

2.6.32-400.37.4.el6uek

kernel-uek-debug-devel

2.6.32-400.37.4.el6uek

kernel-uek-devel

2.6.32-400.37.4.el6uek

kernel-uek-doc

2.6.32-400.37.4.el6uek

kernel-uek-firmware

2.6.32-400.37.4.el6uek

mlnx_en-2.6.32-400.37.4.el6uek

1.5.7-0.1

mlnx_en-2.6.32-400.37.4.el6uekdebug

1.5.7-0.1

ofa-2.6.32-400.37.4.el6uek

1.5.1-4.0.58

ofa-2.6.32-400.37.4.el6uekdebug

1.5.1-4.0.58

Oracle Linux i686

kernel-uek

2.6.32-400.37.4.el6uek

kernel-uek-debug

2.6.32-400.37.4.el6uek

kernel-uek-debug-devel

2.6.32-400.37.4.el6uek

kernel-uek-devel

2.6.32-400.37.4.el6uek

kernel-uek-doc

2.6.32-400.37.4.el6uek

kernel-uek-firmware

2.6.32-400.37.4.el6uek

mlnx_en-2.6.32-400.37.4.el6uek

1.5.7-0.1

mlnx_en-2.6.32-400.37.4.el6uekdebug

1.5.7-0.1

ofa-2.6.32-400.37.4.el6uek

1.5.1-4.0.58

ofa-2.6.32-400.37.4.el6uekdebug

1.5.1-4.0.58

Связанные CVE

CVE-2014-3215
CVE-2014-9584

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2015-3033

oracle-oval
около 10 лет назад

ELSA-2015-3033: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2015-3032

oracle-oval
около 10 лет назад

ELSA-2015-3032: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2015-0864

oracle-oval
около 10 лет назад

ELSA-2015-0864: kernel security and bug fix update (IMPORTANT)

ubuntu логотип

CVE-2014-3215

ubuntu
около 11 лет назад

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.

redhat логотип

CVE-2014-3215

redhat
больше 12 лет назад

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.