Описание
ELSA-2016-3593: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [4.1.12-37.6.2]
- KEYS: potential uninitialized variable (Dan Carpenter) [Orabug: 24393865] {CVE-2016-4470}
- ovl: fix permission checking for setattr (Miklos Szeredi) [Orabug: 24393742] {CVE-2015-8660}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-4.1.12-37.6.2.el6uek
0.5.2-1.el6
kernel-uek
4.1.12-37.6.2.el6uek
kernel-uek-debug
4.1.12-37.6.2.el6uek
kernel-uek-debug-devel
4.1.12-37.6.2.el6uek
kernel-uek-devel
4.1.12-37.6.2.el6uek
kernel-uek-doc
4.1.12-37.6.2.el6uek
kernel-uek-firmware
4.1.12-37.6.2.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-4.1.12-37.6.2.el7uek
0.5.2-1.el7
kernel-uek
4.1.12-37.6.2.el7uek
kernel-uek-debug
4.1.12-37.6.2.el7uek
kernel-uek-debug-devel
4.1.12-37.6.2.el7uek
kernel-uek-devel
4.1.12-37.6.2.el7uek
kernel-uek-doc
4.1.12-37.6.2.el7uek
kernel-uek-firmware
4.1.12-37.6.2.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2016-1539: kernel security and bug fix update (IMPORTANT)
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel t ...