Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2015-3101

Опубликовано: 27 нояб. 2015
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2015-3101: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.2.1]

  • ipc/sem.c: fully initialize sem_array before making it visible (Manfred Spraul) [Orabug: 22277382] {CVE-2015-7613}
  • ipc: fix msg newqueue add (Guru Anbalagane) [Orabug: 22277382] {CVE-2015-7613}

[3.8.13-118.1.1]

  • sctp: fix race on protocol/netns initialization (Marcelo Ricardo Leitner) [Orabug: 22249981] {CVE-2015-5283}
  • Initialize msg/shm IPC objects before doing ipc_addid() (Linus Torvalds) [Orabug: 22250045] {CVE-2015-7613}
  • ixgbe: reset copper phy power mode (Ethan Zhao) [Orabug: 22271769]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.2.1.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.2.1.el6uek

kernel-uek-debug

3.8.13-118.2.1.el6uek

kernel-uek-debug-devel

3.8.13-118.2.1.el6uek

kernel-uek-devel

3.8.13-118.2.1.el6uek

kernel-uek-doc

3.8.13-118.2.1.el6uek

kernel-uek-firmware

3.8.13-118.2.1.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.2.1.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.2.1.el7uek

kernel-uek-debug

3.8.13-118.2.1.el7uek

kernel-uek-debug-devel

3.8.13-118.2.1.el7uek

kernel-uek-devel

3.8.13-118.2.1.el7uek

kernel-uek-doc

3.8.13-118.2.1.el7uek

kernel-uek-firmware

3.8.13-118.2.1.el7uek

Связанные CVE

CVE-2015-7613
CVE-2015-5283

Ссылки на источники

Связанные уязвимости

suse-cvrf логотип

SUSE-SU-2015:1727-1

suse-cvrf
больше 9 лет назад

Security update for kernel-source

ubuntu логотип

CVE-2015-5283

ubuntu
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

redhat логотип

CVE-2015-5283

redhat
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

nvd логотип

CVE-2015-5283

nvd
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished.

debian логотип

CVE-2015-5283

debian
больше 9 лет назад

The sctp_init function in net/sctp/protocol.c in the Linux kernel befo ...