Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-3619

Опубликовано: 22 сент. 2016
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2016-3619: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [4.1.12-61.1.10]

  • netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [Orabug: 24682076] {CVE-2016-4997} {CVE-2016-4998}
  • netfilter: x_tables: validate e->target_offset early (Florian Westphal) [Orabug: 24682076] {CVE-2016-4997} {CVE-2016-4998}

[4.1.12-61.1.9]

  • xen-blkback: don't get ref for each queue (Bob Liu) [Orabug: 24616917]
  • NVMe: Fix obtaining command result (Keith Busch) [Orabug: 24655742]

[4.1.12-61.1.8]

  • Revert 'ixgbe: make a workaround to tx hang issue under dom' (Brian Maly) [Orabug: 24618738]

[4.1.12-61.1.7]

  • x86/xen: Add x86_platform.is_untracked_pat_range quirk to ignore ISA regions. (Konrad Rzeszutek Wilk) [Orabug: 24566046]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-4.1.12-61.1.10.el6uek

0.5.3-2.el6

kernel-uek

4.1.12-61.1.10.el6uek

kernel-uek-debug

4.1.12-61.1.10.el6uek

kernel-uek-debug-devel

4.1.12-61.1.10.el6uek

kernel-uek-devel

4.1.12-61.1.10.el6uek

kernel-uek-doc

4.1.12-61.1.10.el6uek

kernel-uek-firmware

4.1.12-61.1.10.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-4.1.12-61.1.10.el7uek

0.5.3-2.el7

kernel-uek

4.1.12-61.1.10.el7uek

kernel-uek-debug

4.1.12-61.1.10.el7uek

kernel-uek-debug-devel

4.1.12-61.1.10.el7uek

kernel-uek-devel

4.1.12-61.1.10.el7uek

kernel-uek-doc

4.1.12-61.1.10.el7uek

kernel-uek-firmware

4.1.12-61.1.10.el7uek

Связанные CVE

CVE-2016-4997
CVE-2016-4998

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2016-3618

oracle-oval
почти 9 лет назад

ELSA-2016-3618: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2016-3617

oracle-oval
почти 9 лет назад

ELSA-2016-3617: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2016-1847

oracle-oval
почти 9 лет назад

ELSA-2016-1847: kernel security, bug fix, and enhancement update (IMPORTANT)

ubuntu логотип

CVE-2016-4998

CVSS3: 7.1
ubuntu
почти 9 лет назад

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.

redhat логотип

CVE-2016-4998

CVSS3: 6.1
redhat
почти 9 лет назад

The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.