Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3538

Опубликовано: 13 апр. 2017
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2017-3538: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.294.7]

  • udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25874741] {CVE-2016-10229}
  • block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877531] {CVE-2016-7910}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.294.7.el5uek

kernel-uek-debug

2.6.39-400.294.7.el5uek

kernel-uek-debug-devel

2.6.39-400.294.7.el5uek

kernel-uek-devel

2.6.39-400.294.7.el5uek

kernel-uek-doc

2.6.39-400.294.7.el5uek

kernel-uek-firmware

2.6.39-400.294.7.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.294.7.el5uek

kernel-uek-debug

2.6.39-400.294.7.el5uek

kernel-uek-debug-devel

2.6.39-400.294.7.el5uek

kernel-uek-devel

2.6.39-400.294.7.el5uek

kernel-uek-doc

2.6.39-400.294.7.el5uek

kernel-uek-firmware

2.6.39-400.294.7.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.294.7.el6uek

kernel-uek-debug

2.6.39-400.294.7.el6uek

kernel-uek-debug-devel

2.6.39-400.294.7.el6uek

kernel-uek-devel

2.6.39-400.294.7.el6uek

kernel-uek-doc

2.6.39-400.294.7.el6uek

kernel-uek-firmware

2.6.39-400.294.7.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.294.7.el6uek

kernel-uek-debug

2.6.39-400.294.7.el6uek

kernel-uek-debug-devel

2.6.39-400.294.7.el6uek

kernel-uek-devel

2.6.39-400.294.7.el6uek

kernel-uek-doc

2.6.39-400.294.7.el6uek

kernel-uek-firmware

2.6.39-400.294.7.el6uek

Связанные CVE

CVE-2016-10229
CVE-2016-7910

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2016-10229

CVSS3: 9.8
ubuntu
около 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

redhat логотип

CVE-2016-10229

CVSS3: 8.1
redhat
больше 9 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

nvd логотип

CVE-2016-10229

CVSS3: 9.8
nvd
около 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

debian логотип

CVE-2016-10229

CVSS3: 9.8
debian
около 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execut ...

ubuntu логотип

CVE-2016-7910

CVSS3: 7.8
ubuntu
больше 8 лет назад

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.