Описание
ELSA-2015-3041: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-68.3.2]
- x86_64, vdso: Fix the vdso address randomization algorithm (Andy Lutomirski) [Orabug: 21226729] {CVE-2014-9585}
- isofs: Fix infinite looping over CE entries (Jan Kara) [Orabug: 21225975] {CVE-2014-9420}
- x86_64, switch_to(): Load TLS descriptors before switching DS and ES (Andy Lutomirski) [Orabug: 21225937] {CVE-2014-9419}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-68.3.2.el6uek
0.4.3-4.el6
kernel-uek
3.8.13-68.3.2.el6uek
kernel-uek-debug
3.8.13-68.3.2.el6uek
kernel-uek-debug-devel
3.8.13-68.3.2.el6uek
kernel-uek-devel
3.8.13-68.3.2.el6uek
kernel-uek-doc
3.8.13-68.3.2.el6uek
kernel-uek-firmware
3.8.13-68.3.2.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-68.3.2.el7uek
0.4.3-4.el7
kernel-uek
3.8.13-68.3.2.el7uek
kernel-uek-debug
3.8.13-68.3.2.el7uek
kernel-uek-debug-devel
3.8.13-68.3.2.el7uek
kernel-uek-devel
3.8.13-68.3.2.el7uek
kernel-uek-doc
3.8.13-68.3.2.el7uek
kernel-uek-firmware
3.8.13-68.3.2.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2015-3043: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2015-3042: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2015-1081: kernel security, bug fix, and enhancement update (IMPORTANT)
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.