Описание
ELSA-2017-1723: kernel security and bug fix update (IMPORTANT)
[2.6.32-696.6.3.OL6]
- Update genkey [bug 25599697]
[2.6.32-696.6.3]
- [mm] allow JVM to implement its own stack guard pages (Larry Woodman) [1466667 1464237]
- [mm] enlarge stack guard gap (Larry Woodman) [1466667 1464237]
- Revert: [mm] enlarge stack guard gap (Larry Woodman) [1466667 1464237]
[2.6.32-696.6.2]
- [mm] enlarge stack guard gap (Larry Woodman) [1452729 1452730] {CVE-2017-1000364 CVE-2017-1000366}
[2.6.32-696.6.1]
- [netdrv] ixgbe: fix setup_fc for x550em (Ken Cox) [1457347 1442030]
- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [1449274 1446755] {CVE-2017-7895}
- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup (J. Bruce Fields) [1449274 1446755] {CVE-2017-7895}
- [scsi] libfc: quarantine timed out xids (Chris Leech) [1455550 1431440]
- [fs] nfsv4: fix getacl ERANGE for some ACL buffer sizes (J. Bruce Fields) [1449096 869942]
- [fs] nfsv4: fix getacl head length estimation (J. Bruce Fields) [1449096 869942]
- [mm] hugetlb: check for pte NULL pointer in page_check_address() (Herton R. Krzesinski) [1444351 1431508]
[2.6.32-696.5.1]
- [fs] sunrpc: Ensure that we wait for connections to complete before retrying (Dave Wysochanski) [1450850 1448170]
- [net] ipv6: check raw payload size correctly in ioctl (Jamie Bainbridge) [1450870 1441909]
[2.6.32-696.4.1]
- [fs] xfs: handle array index overrun in xfs_dir2_leaf_readbuf() (Carlos Maiolino) [1445179 1440361]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel
2.6.32-696.6.3.el6
kernel-abi-whitelists
2.6.32-696.6.3.el6
kernel-debug
2.6.32-696.6.3.el6
kernel-debug-devel
2.6.32-696.6.3.el6
kernel-devel
2.6.32-696.6.3.el6
kernel-doc
2.6.32-696.6.3.el6
kernel-firmware
2.6.32-696.6.3.el6
kernel-headers
2.6.32-696.6.3.el6
perf
2.6.32-696.6.3.el6
python-perf
2.6.32-696.6.3.el6
Oracle Linux i686
kernel
2.6.32-696.6.3.el6
kernel-abi-whitelists
2.6.32-696.6.3.el6
kernel-debug
2.6.32-696.6.3.el6
kernel-debug-devel
2.6.32-696.6.3.el6
kernel-devel
2.6.32-696.6.3.el6
kernel-doc
2.6.32-696.6.3.el6
kernel-firmware
2.6.32-696.6.3.el6
kernel-headers
2.6.32-696.6.3.el6
perf
2.6.32-696.6.3.el6
python-perf
2.6.32-696.6.3.el6
Связанные CVE
Связанные уязвимости
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
The NFSv2 and NFSv3 server implementations in the Linux kernel through ...
The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have unspecified other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.