Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-3617

Опубликовано: 22 сент. 2016
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2016-3617: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.11.2]

  • Btrfs: fix truncation of compressed and inlined extents (Ashish Samant) [Orabug: 22307285] {CVE-2015-8374}
  • Btrfs: fix file corruption and data loss after cloning inline extents (Divya Indi) [Orabug: 22307285] {CVE-2015-8374}
  • netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [Orabug: 24682074] {CVE-2016-4997} {CVE-2016-4998}
  • netfilter: x_tables: validate e->target_offset early (Florian Westphal) [Orabug: 24682074] {CVE-2016-4997} {CVE-2016-4998}

[3.8.13-118.11.1]

  • rds: schedule local connection activity in proper workqueue (Ajaykumar Hotchandani) [Orabug: 24624195]
  • ib_core: make wait_event uninterruptible in ib_flush_fmr_pool() (Avinash Repaka) [Orabug: 24655952]
  • net/mlx4: Support shutdown() interface (Gavin Shan) [Orabug: 24624181]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.11.2.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.11.2.el6uek

kernel-uek-debug

3.8.13-118.11.2.el6uek

kernel-uek-debug-devel

3.8.13-118.11.2.el6uek

kernel-uek-devel

3.8.13-118.11.2.el6uek

kernel-uek-doc

3.8.13-118.11.2.el6uek

kernel-uek-firmware

3.8.13-118.11.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.11.2.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.11.2.el7uek

kernel-uek-debug

3.8.13-118.11.2.el7uek

kernel-uek-debug-devel

3.8.13-118.11.2.el7uek

kernel-uek-devel

3.8.13-118.11.2.el7uek

kernel-uek-doc

3.8.13-118.11.2.el7uek

kernel-uek-firmware

3.8.13-118.11.2.el7uek

Связанные CVE

CVE-2016-4997
CVE-2016-4998
CVE-2015-8374

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2016-3618

oracle-oval
почти 9 лет назад

ELSA-2016-3618: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2016-3619

oracle-oval
почти 9 лет назад

ELSA-2016-3619: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2016-1847

oracle-oval
почти 9 лет назад

ELSA-2016-1847: kernel security, bug fix, and enhancement update (IMPORTANT)

ubuntu логотип

CVE-2016-4997

CVSS3: 7.8
ubuntu
почти 9 лет назад

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

redhat логотип

CVE-2016-4997

CVSS3: 7.3
redhat
почти 9 лет назад

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.