Описание
ELSA-2015-3036: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)
[2.6.39-400.250.2]
- crypto: aesni - fix memory usage in GCM decryption (Stephan Mueller) [Orabug: 21077389] {CVE-2015-3331}
[2.6.39-400.250.1]
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (Konrad Rzeszutek Wilk) [Orabug: 20807440] {CVE-2015-2150}
- xen-blkfront: fix accounting of reqs when migrating (Roger Pau Monne) [Orabug: 20727114]
- Revert 'qla2xxx: Ramp down queue depth for attached SCSI devices when driver resources are low.' (Chad Dupuis) [Orabug: 20657415]
- x86/xen: allow privcmd hypercalls to be preempted (David Vrabel) [Orabug: 20618759]
- sched: Expose preempt_schedule_irq() (Thomas Gleixner) [Orabug: 20618759]
- isofs: Fix unchecked printing of ER records (Jan Kara) [Orabug: 20930552] {CVE-2014-9584}
- selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID. (Stephen Smalley) [Orabug: 20930502] {CVE-2014-3215}
- Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs (Andy Lutomirski) [Orabug: 20930518] {CVE-2014-3215}
- IB/core: Prevent integer overflow in ib_umem_get address arithmetic (Shachar Raindel) [Orabug: 20788393] {CVE-2014-8159} {CVE-2014-8159}
- xen-pciback: limit guest control of command register (Jan Beulich) [Orabug: 20704156] {CVE-2015-2150} {CVE-2015-2150}
- net: sctp: fix slab corruption from use after free on INIT collisions (Daniel Borkmann) [Orabug: 20780348] {CVE-2015-1421}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.250.2.el5uek
kernel-uek-debug
2.6.39-400.250.2.el5uek
kernel-uek-debug-devel
2.6.39-400.250.2.el5uek
kernel-uek-devel
2.6.39-400.250.2.el5uek
kernel-uek-doc
2.6.39-400.250.2.el5uek
kernel-uek-firmware
2.6.39-400.250.2.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.250.2.el5uek
kernel-uek-debug
2.6.39-400.250.2.el5uek
kernel-uek-debug-devel
2.6.39-400.250.2.el5uek
kernel-uek-devel
2.6.39-400.250.2.el5uek
kernel-uek-doc
2.6.39-400.250.2.el5uek
kernel-uek-firmware
2.6.39-400.250.2.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.250.2.el6uek
kernel-uek-debug
2.6.39-400.250.2.el6uek
kernel-uek-debug-devel
2.6.39-400.250.2.el6uek
kernel-uek-devel
2.6.39-400.250.2.el6uek
kernel-uek-doc
2.6.39-400.250.2.el6uek
kernel-uek-firmware
2.6.39-400.250.2.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.250.2.el6uek
kernel-uek-debug
2.6.39-400.250.2.el6uek
kernel-uek-debug-devel
2.6.39-400.250.2.el6uek
kernel-uek-devel
2.6.39-400.250.2.el6uek
kernel-uek-doc
2.6.39-400.250.2.el6uek
kernel-uek-firmware
2.6.39-400.250.2.el6uek
Связанные CVE
Связанные уязвимости
ELSA-2015-3035: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not pro ...