Описание
ELSA-2016-3587: kernel-uek security update (IMPORTANT)
kernel-uek [4.1.12-37.6.1]
- vfs: rename: check backing inode being equal (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- vfs: add vfs_select_inode() helper (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- ovl: verify upper dentry before unlink and rename (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- ovl: fix getcwd() failure after unsuccessful rmdir (Rui Wang) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- xen: use same main loop for counting and remapping pages (Juergen Gross) [Orabug: 24012238]
- Revert 'ocfs2: bump up o2cb network protocol version' (Junxiao Bi) [Orabug: 23710417]
- atl2: Disable unimplemented scatter/gather feature (Ben Hutchings) [Orabug: 23704078] {CVE-2016-2117}
- Revert 'perf tools: Bump default sample freq to 4 kHz' (ashok.vairavan) [Orabug: 23634802]
- block: Initialize max_dev_sectors to 0 (Keith Busch) [Orabug: 23333444]
- sd: Fix rw_max for devices that report an optimal xfer size (Martin K. Petersen) [Orabug: 23333444]
- sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes (Martin K. Petersen) [Orabug: 23333444]
- sd: Optimal I/O size is in bytes, not sectors (Martin K. Petersen) [Orabug: 23333444]
- sd: Reject optimal transfer length smaller than page size (Martin K. Petersen) [Orabug: 23333444]
- Fix kabi issue for upstream commit ca369d51 (Joe Jin) [Orabug: 23333444]
- block/sd: Fix device-imposed transfer length limits (Joe Jin) [Orabug: 23333444]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-4.1.12-37.6.1.el6uek
0.5.2-1.el6
kernel-uek
4.1.12-37.6.1.el6uek
kernel-uek-debug
4.1.12-37.6.1.el6uek
kernel-uek-debug-devel
4.1.12-37.6.1.el6uek
kernel-uek-devel
4.1.12-37.6.1.el6uek
kernel-uek-doc
4.1.12-37.6.1.el6uek
kernel-uek-firmware
4.1.12-37.6.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-4.1.12-37.6.1.el7uek
0.5.2-1.el7
kernel-uek
4.1.12-37.6.1.el7uek
kernel-uek-debug
4.1.12-37.6.1.el7uek
kernel-uek-debug-devel
4.1.12-37.6.1.el7uek
kernel-uek-devel
4.1.12-37.6.1.el7uek
kernel-uek-doc
4.1.12-37.6.1.el7uek
kernel-uek-firmware
4.1.12-37.6.1.el7uek
Связанные CVE
Связанные уязвимости
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the L ...
fs/overlayfs/dir.c in the OverlayFS filesystem implementation in the Linux kernel before 4.6 does not properly verify the upper dentry before proceeding with unlink and rename system-call processing, which allows local users to cause a denial of service (system crash) via a rename system call that specifies a self-hardlink.