Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2016-3657

Опубликовано: 21 дек. 2016
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2016-3657: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.293.2]

  • x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269184] {CVE-2016-3157}
  • net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298618] {CVE-2016-7117}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.293.2.el5uek

kernel-uek-debug

2.6.39-400.293.2.el5uek

kernel-uek-debug-devel

2.6.39-400.293.2.el5uek

kernel-uek-devel

2.6.39-400.293.2.el5uek

kernel-uek-doc

2.6.39-400.293.2.el5uek

kernel-uek-firmware

2.6.39-400.293.2.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.293.2.el5uek

kernel-uek-debug

2.6.39-400.293.2.el5uek

kernel-uek-debug-devel

2.6.39-400.293.2.el5uek

kernel-uek-devel

2.6.39-400.293.2.el5uek

kernel-uek-doc

2.6.39-400.293.2.el5uek

kernel-uek-firmware

2.6.39-400.293.2.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.293.2.el6uek

kernel-uek-debug

2.6.39-400.293.2.el6uek

kernel-uek-debug-devel

2.6.39-400.293.2.el6uek

kernel-uek-devel

2.6.39-400.293.2.el6uek

kernel-uek-doc

2.6.39-400.293.2.el6uek

kernel-uek-firmware

2.6.39-400.293.2.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.293.2.el6uek

kernel-uek-debug

2.6.39-400.293.2.el6uek

kernel-uek-debug-devel

2.6.39-400.293.2.el6uek

kernel-uek-devel

2.6.39-400.293.2.el6uek

kernel-uek-doc

2.6.39-400.293.2.el6uek

kernel-uek-firmware

2.6.39-400.293.2.el6uek

Связанные CVE

CVE-2016-3157
CVE-2016-7117

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2016-3656

oracle-oval
больше 8 лет назад

ELSA-2016-3656: Unbreakable Enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2016-3157

CVSS3: 7.8
ubuntu
около 9 лет назад

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.

redhat логотип

CVE-2016-3157

CVSS3: 7
redhat
больше 9 лет назад

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.

nvd логотип

CVE-2016-3157

CVSS3: 7.8
nvd
около 9 лет назад

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel does not properly context-switch IOPL on 64-bit PV Xen guests, which allows local guest OS users to gain privileges, cause a denial of service (guest OS crash), or obtain sensitive information by leveraging I/O port access.

debian логотип

CVE-2016-3157

CVSS3: 7.8
debian
около 9 лет назад

The __switch_to function in arch/x86/kernel/process_64.c in the Linux ...