Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-1842-1

Опубликовано: 15 авг. 2017
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2017-1842-1: kernel security, bug fix, and enhancement update (IMPORTANT)

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

kernel

3.10.0-693.0.0.0.1.el7

kernel-abi-whitelists

3.10.0-693.0.0.0.1.el7

kernel-debug

3.10.0-693.0.0.0.1.el7

kernel-debug-devel

3.10.0-693.0.0.0.1.el7

kernel-devel

3.10.0-693.0.0.0.1.el7

kernel-doc

3.10.0-693.0.0.0.1.el7

kernel-headers

3.10.0-693.0.0.0.1.el7

kernel-tools

3.10.0-693.0.0.0.1.el7

kernel-tools-libs

3.10.0-693.0.0.0.1.el7

kernel-tools-libs-devel

3.10.0-693.0.0.0.1.el7

perf

3.10.0-693.0.0.0.1.el7

python-perf

3.10.0-693.0.0.0.1.el7

Связанные уязвимости

oracle-oval
почти 8 лет назад

ELSA-2017-1842: kernel security, bug fix, and enhancement update (IMPORTANT)

oracle-oval
почти 8 лет назад

ELSA-2017-3607: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval
почти 8 лет назад

ELSA-2017-3606: Unbreakable Enterprise kernel security update (IMPORTANT)

CVSS3: 4.4
ubuntu
около 7 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.

CVSS3: 4.4
redhat
больше 8 лет назад

It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.