Описание
ELSA-2017-1842-1: kernel security, bug fix, and enhancement update (IMPORTANT)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
kernel
3.10.0-693.0.0.0.1.el7
kernel-abi-whitelists
3.10.0-693.0.0.0.1.el7
kernel-debug
3.10.0-693.0.0.0.1.el7
kernel-debug-devel
3.10.0-693.0.0.0.1.el7
kernel-devel
3.10.0-693.0.0.0.1.el7
kernel-doc
3.10.0-693.0.0.0.1.el7
kernel-headers
3.10.0-693.0.0.0.1.el7
kernel-tools
3.10.0-693.0.0.0.1.el7
kernel-tools-libs
3.10.0-693.0.0.0.1.el7
kernel-tools-libs-devel
3.10.0-693.0.0.0.1.el7
perf
3.10.0-693.0.0.0.1.el7
python-perf
3.10.0-693.0.0.0.1.el7
Связанные CVE
Ссылки на источники
Связанные уязвимости
ELSA-2017-1842: kernel security, bug fix, and enhancement update (IMPORTANT)
ELSA-2017-3607: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-3606: Unbreakable Enterprise kernel security update (IMPORTANT)
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.