Описание
ELSA-2016-3529: kernel-uek security update (IMPORTANT)
kernel-uek [4.1.12-32.2.3]
- rebuild bumping release
[4.1.12-32.2.2]
- x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 22997978] {CVE-2016-3157}
- fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (Mike Kravetz) [Orabug: 22667863]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-4.1.12-32.2.3.el6uek
0.5.1-1.el6
kernel-uek
4.1.12-32.2.3.el6uek
kernel-uek-debug
4.1.12-32.2.3.el6uek
kernel-uek-debug-devel
4.1.12-32.2.3.el6uek
kernel-uek-devel
4.1.12-32.2.3.el6uek
kernel-uek-doc
4.1.12-32.2.3.el6uek
kernel-uek-firmware
4.1.12-32.2.3.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-4.1.12-32.2.3.el7uek
0.5.1-1.el7
kernel-uek
4.1.12-32.2.3.el7uek
kernel-uek-debug
4.1.12-32.2.3.el7uek
kernel-uek-debug-devel
4.1.12-32.2.3.el7uek
kernel-uek-devel
4.1.12-32.2.3.el7uek
kernel-uek-doc
4.1.12-32.2.3.el7uek
kernel-uek-firmware
4.1.12-32.2.3.el7uek
Связанные CVE
Связанные уязвимости
Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
Unspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
Unspecified vulnerability in the kernel-uek component in Oracle Linux ...
The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.