Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3538

Опубликовано: 13 апр. 2017
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2017-3538: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.294.7]

  • udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25874741] {CVE-2016-10229}
  • block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877531] {CVE-2016-7910}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.294.7.el5uek

kernel-uek-debug

2.6.39-400.294.7.el5uek

kernel-uek-debug-devel

2.6.39-400.294.7.el5uek

kernel-uek-devel

2.6.39-400.294.7.el5uek

kernel-uek-doc

2.6.39-400.294.7.el5uek

kernel-uek-firmware

2.6.39-400.294.7.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.294.7.el5uek

kernel-uek-debug

2.6.39-400.294.7.el5uek

kernel-uek-debug-devel

2.6.39-400.294.7.el5uek

kernel-uek-devel

2.6.39-400.294.7.el5uek

kernel-uek-doc

2.6.39-400.294.7.el5uek

kernel-uek-firmware

2.6.39-400.294.7.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.294.7.el6uek

kernel-uek-debug

2.6.39-400.294.7.el6uek

kernel-uek-debug-devel

2.6.39-400.294.7.el6uek

kernel-uek-devel

2.6.39-400.294.7.el6uek

kernel-uek-doc

2.6.39-400.294.7.el6uek

kernel-uek-firmware

2.6.39-400.294.7.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.294.7.el6uek

kernel-uek-debug

2.6.39-400.294.7.el6uek

kernel-uek-debug-devel

2.6.39-400.294.7.el6uek

kernel-uek-devel

2.6.39-400.294.7.el6uek

kernel-uek-doc

2.6.39-400.294.7.el6uek

kernel-uek-firmware

2.6.39-400.294.7.el6uek

Связанные CVE

CVE-2016-10229
CVE-2016-7910

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2016-10229

CVSS3: 9.8
ubuntu
больше 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

redhat логотип

CVE-2016-10229

CVSS3: 8.1
redhat
почти 10 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

nvd логотип

CVE-2016-10229

CVSS3: 9.8
nvd
больше 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.

debian логотип

CVE-2016-10229

CVSS3: 9.8
debian
больше 8 лет назад

udp.c in the Linux kernel before 4.5 allows remote attackers to execut ...

ubuntu логотип

CVE-2016-7910

CVSS3: 7.8
ubuntu
почти 9 лет назад

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.