Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-3651

Опубликовано: 09 дек. 2016
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2016-3651: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.15.1]

  • Revert 'i40e: Set defport behavior for the Main VSI when in promiscuous mode' (Jack Vogel) [Orabug: 22683573]
  • mlx4: avoid multiple free on id_map_ent (Wengang Wang)
  • xen-netfront: cast grant table reference first to type int (Dongli Zhang)
  • xen-netfront: do not cast grant table reference to signed short (Dongli Zhang)
  • RDS: Drop the connection as part of cancel to avoid hangs (Avinash Repaka) [Orabug: 25045360]
  • sctp: validate chunk len before actually using it (Marcelo Ricardo Leitner) [Orabug: 25142879] {CVE-2016-9555}
  • mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (Andrey Ryabinin) [Orabug: 25154098] {CVE-2016-8650} {CVE-2016-8650}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.15.1.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.15.1.el6uek

kernel-uek-debug

3.8.13-118.15.1.el6uek

kernel-uek-debug-devel

3.8.13-118.15.1.el6uek

kernel-uek-devel

3.8.13-118.15.1.el6uek

kernel-uek-doc

3.8.13-118.15.1.el6uek

kernel-uek-firmware

3.8.13-118.15.1.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.15.1.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.15.1.el7uek

kernel-uek-debug

3.8.13-118.15.1.el7uek

kernel-uek-debug-devel

3.8.13-118.15.1.el7uek

kernel-uek-devel

3.8.13-118.15.1.el7uek

kernel-uek-doc

3.8.13-118.15.1.el7uek

kernel-uek-firmware

3.8.13-118.15.1.el7uek

Связанные CVE

CVE-2016-8650
CVE-2016-9555

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2016-3648

oracle-oval
больше 8 лет назад

ELSA-2016-3648: Unbreakable Enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2016-8650

CVSS3: 5.5
ubuntu
больше 8 лет назад

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

redhat логотип

CVE-2016-8650

CVSS3: 8.8
redhat
больше 8 лет назад

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

nvd логотип

CVE-2016-8650

CVSS3: 5.5
nvd
больше 8 лет назад

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through 4.8.11 does not ensure that memory is allocated for limb data, which allows local users to cause a denial of service (stack memory corruption and panic) via an add_key system call for an RSA key with a zero exponent.

debian логотип

CVE-2016-8650

CVSS3: 5.5
debian
больше 8 лет назад

The mpi_powm function in lib/mpi/mpi-pow.c in the Linux kernel through ...