Описание
ELSA-2016-1633: kernel security and bug fix update (IMPORTANT)
- [3.10.0-327.28.3.OL7]
- Oracle Linux certificates (Alexey Petrenko)
[3.10.0-327.28.3]
- [net] tcp: enable per-socket rate limiting of all 'challenge acks' (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
- [net] tcp: uninline tcp_oow_rate_limited() (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
- [net] tcp: make challenge acks less predictable (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
kernel
3.10.0-327.28.3.el7
kernel-abi-whitelists
3.10.0-327.28.3.el7
kernel-debug
3.10.0-327.28.3.el7
kernel-debug-devel
3.10.0-327.28.3.el7
kernel-devel
3.10.0-327.28.3.el7
kernel-doc
3.10.0-327.28.3.el7
kernel-headers
3.10.0-327.28.3.el7
kernel-tools
3.10.0-327.28.3.el7
kernel-tools-libs
3.10.0-327.28.3.el7
kernel-tools-libs-devel
3.10.0-327.28.3.el7
perf
3.10.0-327.28.3.el7
python-perf
3.10.0-327.28.3.el7
Связанные CVE
Связанные уязвимости
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly ...
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.