Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-3595

Опубликовано: 15 авг. 2016
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2016-3595: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.10.2]

  • tcp: make challenge acks less predictable (Eric Dumazet) [Orabug: 24010012] [Orabug: 2401010] {CVE-2016-5696}

[3.8.13-118.10.1]

  • ocfs2: call ocfs2_journal_access_di() before ocfs2_journal_dirty() in ocfs2_write_end_nolock() (yangwenfang) [Orabug: 19601200]
  • ocfs2: improve recovery performance (Junxiao Bi) [Orabug: 24395691]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.10.2.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.10.2.el6uek

kernel-uek-debug

3.8.13-118.10.2.el6uek

kernel-uek-debug-devel

3.8.13-118.10.2.el6uek

kernel-uek-devel

3.8.13-118.10.2.el6uek

kernel-uek-doc

3.8.13-118.10.2.el6uek

kernel-uek-firmware

3.8.13-118.10.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.10.2.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.10.2.el7uek

kernel-uek-debug

3.8.13-118.10.2.el7uek

kernel-uek-debug-devel

3.8.13-118.10.2.el7uek

kernel-uek-devel

3.8.13-118.10.2.el7uek

kernel-uek-doc

3.8.13-118.10.2.el7uek

kernel-uek-firmware

3.8.13-118.10.2.el7uek

Связанные CVE

CVE-2016-5696

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2016-5696

CVSS3: 4.8
ubuntu
около 9 лет назад

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.

redhat логотип

CVE-2016-5696

CVSS3: 4.8
redhat
около 9 лет назад

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.

nvd логотип

CVE-2016-5696

CVSS3: 4.8
nvd
около 9 лет назад

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.

debian логотип

CVE-2016-5696

CVSS3: 4.8
debian
около 9 лет назад

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly ...

github логотип

GHSA-26qg-wc7f-8867

CVSS3: 4.8
github
больше 3 лет назад

net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.