Описание
ELSA-2017-3510: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.294.1]
- nvme: Limit command retries (Ashok Vairavan) [Orabug: 25342947]
- tcp: fix use after free in tcp_xmit_retransmit_queue() (Eric Dumazet) [Orabug: 25374376] {CVE-2016-6828}
- ALSA: pcm : Call kill_fasync() in stream lock (Takashi Iwai) [Orabug: 25231728] {CVE-2016-9794}
- net: avoid signed overflows for SO_{SND|RCV}BUFFORCE (Eric Dumazet) [Orabug: 25231758] {CVE-2016-9793}
- KEYS: Fix short sprintf buffer in /proc/keys show function (David Howells) [Orabug: 25306377] {CVE-2016-7042}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.294.1.el5uek
kernel-uek-debug
2.6.39-400.294.1.el5uek
kernel-uek-debug-devel
2.6.39-400.294.1.el5uek
kernel-uek-devel
2.6.39-400.294.1.el5uek
kernel-uek-doc
2.6.39-400.294.1.el5uek
kernel-uek-firmware
2.6.39-400.294.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.294.1.el5uek
kernel-uek-debug
2.6.39-400.294.1.el5uek
kernel-uek-debug-devel
2.6.39-400.294.1.el5uek
kernel-uek-devel
2.6.39-400.294.1.el5uek
kernel-uek-doc
2.6.39-400.294.1.el5uek
kernel-uek-firmware
2.6.39-400.294.1.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.294.1.el6uek
kernel-uek-debug
2.6.39-400.294.1.el6uek
kernel-uek-debug-devel
2.6.39-400.294.1.el6uek
kernel-uek-devel
2.6.39-400.294.1.el6uek
kernel-uek-doc
2.6.39-400.294.1.el6uek
kernel-uek-firmware
2.6.39-400.294.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.294.1.el6uek
kernel-uek-debug
2.6.39-400.294.1.el6uek
kernel-uek-debug-devel
2.6.39-400.294.1.el6uek
kernel-uek-devel
2.6.39-400.294.1.el6uek
kernel-uek-doc
2.6.39-400.294.1.el6uek
kernel-uek-firmware
2.6.39-400.294.1.el6uek
Связанные CVE
Связанные уязвимости
ELSA-2017-3509: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-3508: Unbreakable Enterprise kernel security update (IMPORTANT)
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.