ELSA-2016-2006

Опубликовано: 04 окт. 2016

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2016-2006: kernel security and bug fix update (IMPORTANT)

[2.6.32-642.6.1]

[net] tcp: make challenge acks less predictable (Florian Westphal) [1355606 1355607] {CVE-2016-5696}
[fs] sunrpc: move NO_CRKEY_TIMEOUT to the auth->au_flags (Scott Mayhew) [1366962 1294939]
[usbhid] hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (Yauheni Kaliuta) [1359999 1360008] {CVE-2016-5829}

[2.6.32-642.5.1]

[scsi] megaraid_sas: Do not fire MR_DCMD_PD_LIST_QUERY to controllers which do not support it (Tomas Henzl) [1359039 1352826]
[scsi] libfc: sanity check cpu number extracted from xid (Chris Leech) [1359036 1351356]
[security] keys: potential uninitialized variable (Mateusz Guzik) [1345945 1345946] {CVE-2016-4470}
[fs] gfs2: Lock holder cleanup (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Large-filesystem fix for 32-bit systems (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Get rid of gfs2_ilookup (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Fix gfs2_lookup_by_inum lock inversion (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Initialize iopen glock holder for new inodes (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Release iopen glock in gfs2_create_inode error cases (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Wait for iopen glock dequeues (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Re-add an omission from upstream (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Eliminate parameter non_block on gfs2_inode_lookup (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Don't filter out I_FREEING inodes anymore (Robert S Peterson) [1359038 1238861]
[fs] gfs2: Check if iopen is held when deleting inode (Robert S Peterson) [1359037 1173286]
[fs] gfs2: Don't do glock put when inode creation fails (Robert S Peterson) [1359037 1173286]
[fs] gfs2: Prevent delete work from occurring on glocks used for create (Robert S Peterson) [1359037 1173286]
[fs] gfs2: Always use iopen glock for gl_deletes (Robert S Peterson) [1359037 1173286]
[fs] gfs2: Update master statfs buffer with sd_statfs_spin locked (Robert S Peterson) [1359037 1173286]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel

2.6.32-642.6.1.el6

kernel-abi-whitelists

2.6.32-642.6.1.el6

kernel-debug

2.6.32-642.6.1.el6

kernel-debug-devel

2.6.32-642.6.1.el6

kernel-devel

2.6.32-642.6.1.el6

kernel-doc

2.6.32-642.6.1.el6

kernel-firmware

2.6.32-642.6.1.el6

kernel-headers

2.6.32-642.6.1.el6

perf

2.6.32-642.6.1.el6

python-perf

2.6.32-642.6.1.el6

Oracle Linux i686

kernel

2.6.32-642.6.1.el6

kernel-abi-whitelists

2.6.32-642.6.1.el6

kernel-debug

2.6.32-642.6.1.el6

kernel-debug-devel

2.6.32-642.6.1.el6

kernel-devel

2.6.32-642.6.1.el6

kernel-doc

2.6.32-642.6.1.el6

kernel-firmware

2.6.32-642.6.1.el6

kernel-headers

2.6.32-642.6.1.el6

perf

2.6.32-642.6.1.el6

python-perf

2.6.32-642.6.1.el6

Связанные CVE

CVE-2016-4470

CVE-2016-5829

Ссылки на источники

Связанные уязвимости

SUSE-SU-2016:2018-1

suse-cvrf

почти 9 лет назад

Security update for the Linux Kernel

openSUSE-SU-2016:1798-1

suse-cvrf

почти 9 лет назад

Security update for the Linux Kernel

CVE-2016-5829

CVSS3: 7.8

ubuntu

почти 9 лет назад

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

CVE-2016-5829

CVSS3: 7.8

redhat

почти 9 лет назад

CVE-2016-5829

CVSS3: 7.8

nvd

почти 9 лет назад