ELSA-2017-2473

Опубликовано: 15 авг. 2017

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2017-2473: kernel security and bug fix update (IMPORTANT)

[3.10.0-693.1.1.OL7]
Oracle Linux certificates (Alexey Petrenko)
Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
Update x509.genkey [bug 24817676]

[3.10.0-693.1.1]

[fs] dentry name snapshots (Miklos Szeredi) [1471131 1470403] {CVE-2017-7533}
[fs] fix the regression from 'direct-io: Fix negative return from dio read beyond eof' (Eric Sandeen) [1475669 1473549]
[fs] direct-io: Fix negative return from dio read beyond eof (Eric Sandeen) [1475669 1473549]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

kernel

3.10.0-693.1.1.el7

kernel-abi-whitelists

3.10.0-693.1.1.el7

kernel-debug

3.10.0-693.1.1.el7

kernel-debug-devel

3.10.0-693.1.1.el7

kernel-devel

3.10.0-693.1.1.el7

kernel-doc

3.10.0-693.1.1.el7

kernel-headers

3.10.0-693.1.1.el7

kernel-tools

3.10.0-693.1.1.el7

kernel-tools-libs

3.10.0-693.1.1.el7

kernel-tools-libs-devel

3.10.0-693.1.1.el7

perf

3.10.0-693.1.1.el7

python-perf

3.10.0-693.1.1.el7

Связанные CVE

CVE-2017-7533

Ссылки на источники

Связанные уязвимости

CVE-2017-7533

CVSS3: 7

ubuntu

около 8 лет назад

Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.