Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-3046

Опубликовано: 24 июн. 2015
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2015-3046: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.250.6]

  • x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization (Andy Lutomirski) [Orabug: 21308308] {CVE-2015-2830}
  • x86, mm/ASLR: Fix stack randomization on 64-bit systems (Hector Marco-Gisbert) [Orabug: 21307918] {CVE-2015-1593} {CVE-2015-1593}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.250.6.el5uek

kernel-uek-debug

2.6.39-400.250.6.el5uek

kernel-uek-debug-devel

2.6.39-400.250.6.el5uek

kernel-uek-devel

2.6.39-400.250.6.el5uek

kernel-uek-doc

2.6.39-400.250.6.el5uek

kernel-uek-firmware

2.6.39-400.250.6.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.250.6.el5uek

kernel-uek-debug

2.6.39-400.250.6.el5uek

kernel-uek-debug-devel

2.6.39-400.250.6.el5uek

kernel-uek-devel

2.6.39-400.250.6.el5uek

kernel-uek-doc

2.6.39-400.250.6.el5uek

kernel-uek-firmware

2.6.39-400.250.6.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.250.6.el6uek

kernel-uek-debug

2.6.39-400.250.6.el6uek

kernel-uek-debug-devel

2.6.39-400.250.6.el6uek

kernel-uek-devel

2.6.39-400.250.6.el6uek

kernel-uek-doc

2.6.39-400.250.6.el6uek

kernel-uek-firmware

2.6.39-400.250.6.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.250.6.el6uek

kernel-uek-debug

2.6.39-400.250.6.el6uek

kernel-uek-debug-devel

2.6.39-400.250.6.el6uek

kernel-uek-devel

2.6.39-400.250.6.el6uek

kernel-uek-doc

2.6.39-400.250.6.el6uek

kernel-uek-firmware

2.6.39-400.250.6.el6uek

Связанные CVE

CVE-2015-1593
CVE-2015-2830

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2015-3047

oracle-oval
почти 10 лет назад

ELSA-2015-3047: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2015-3045

oracle-oval
почти 10 лет назад

ELSA-2015-3045: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2015-1221

oracle-oval
почти 10 лет назад

ELSA-2015-1221: kernel security, bug fix, and enhancement update (MODERATE)

oracle-oval логотип

ELSA-2015-1137

oracle-oval
почти 10 лет назад

ELSA-2015-1137: kernel security and bug fix update (IMPORTANT)

ubuntu логотип

CVE-2015-1593

ubuntu
больше 10 лет назад

The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c.