Описание
ELSA-2015-3042: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.250.5]
- x86_64, vdso: Fix the vdso address randomization algorithm (Andy Lutomirski) [Orabug: 21226730] {CVE-2014-9585}
- isofs: Fix infinite looping over CE entries (Jan Kara) [Orabug: 21225976] {CVE-2014-9420}
- x86_64, switch_to(): Load TLS descriptors before switching DS and ES (Andy Lutomirski) [Orabug: 21225938] {CVE-2014-9419}
[2.6.39-400.250.4]
- IB/ipoib: Disable TSO in connected mode (Yuval Shaia) [Orabug: 20637991]
[2.6.39-400.250.3]
- af_unix: dont send SCM_CREDENTIALS by default (Eric Dumazet) [Orabug: 20604916]
- scm: Capture the full credentials of the scm sender (Tim Chen) [Orabug: 20604916]
- af_unix: limit recursion level (Eric Dumazet) [Orabug: 20604916]
- af_unix: Allow credentials to work across user and pid namespaces. (Eric W. Biederman) [Orabug: 20604916]
- scm: Capture the full credentials of the scm sender. (Eric W. Biederman) [Orabug: 20604916]
- BUG_ON(lockres->l_level != DLM_LOCK_EX && !checkpointed) tripped in ocfs2_ci_checkpointed (Tariq Saeed) [Orabug: 20189959]
- sched: Prevent divide by zero when cpu power calculation is 0 (Todd Vierling) [Orabug: 17936435]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.250.5.el5uek
kernel-uek-debug
2.6.39-400.250.5.el5uek
kernel-uek-debug-devel
2.6.39-400.250.5.el5uek
kernel-uek-devel
2.6.39-400.250.5.el5uek
kernel-uek-doc
2.6.39-400.250.5.el5uek
kernel-uek-firmware
2.6.39-400.250.5.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.250.5.el5uek
kernel-uek-debug
2.6.39-400.250.5.el5uek
kernel-uek-debug-devel
2.6.39-400.250.5.el5uek
kernel-uek-devel
2.6.39-400.250.5.el5uek
kernel-uek-doc
2.6.39-400.250.5.el5uek
kernel-uek-firmware
2.6.39-400.250.5.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.250.5.el6uek
kernel-uek-debug
2.6.39-400.250.5.el6uek
kernel-uek-debug-devel
2.6.39-400.250.5.el6uek
kernel-uek-devel
2.6.39-400.250.5.el6uek
kernel-uek-doc
2.6.39-400.250.5.el6uek
kernel-uek-firmware
2.6.39-400.250.5.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.250.5.el6uek
kernel-uek-debug
2.6.39-400.250.5.el6uek
kernel-uek-debug-devel
2.6.39-400.250.5.el6uek
kernel-uek-devel
2.6.39-400.250.5.el6uek
kernel-uek-doc
2.6.39-400.250.5.el6uek
kernel-uek-firmware
2.6.39-400.250.5.el6uek
Связанные CVE
Связанные уязвимости
ELSA-2015-3043: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2015-3041: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2015-1081: kernel security, bug fix, and enhancement update (IMPORTANT)
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.
The vdso_addr function in arch/x86/vdso/vma.c in the Linux kernel through 3.18.2 does not properly choose memory locations for the vDSO area, which makes it easier for local users to bypass the ASLR protection mechanism by guessing a location at the end of a PMD.