Описание
ELSA-2017-3539: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [4.1.12-61.1.34]
- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25698171]
- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25698171]
- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25698171]
- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719659] {CVE-2017-2583} {CVE-2017-2583}
- ext4: store checksum seed in superblock (Darrick J. Wong) [Orabug: 25719728] {CVE-2016-10208}
- ext4: reserve code points for the project quota feature (Theodore Ts'o) [Orabug: 25719728] {CVE-2016-10208}
- ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25719728] {CVE-2016-10208}
- ext4: clean up feature test macros with predicate functions (Darrick J. Wong) [Orabug: 25719728] {CVE-2016-10208}
- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719793] {CVE-2017-5986}
- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720805] {CVE-2017-6214}
- ip: fix IP_CHECKSUM handling (Paolo Abeni) [Orabug: 25720839] {CVE-2017-6347}
- udp: fix IP_CHECKSUM handling (Eric Dumazet) [Orabug: 25720839] {CVE-2017-6347}
- udp: do not expect udp headers in recv cmsg IP_CMSG_CHECKSUM (Willem de Bruijn) [Orabug: 25720839] {CVE-2017-6347}
- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814641] {CVE-2017-7184}
- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814641] {CVE-2017-7184}
- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877509] {CVE-2016-7910}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-4.1.12-61.1.34.el6uek
0.5.3-2.el6
kernel-uek
4.1.12-61.1.34.el6uek
kernel-uek-debug
4.1.12-61.1.34.el6uek
kernel-uek-debug-devel
4.1.12-61.1.34.el6uek
kernel-uek-devel
4.1.12-61.1.34.el6uek
kernel-uek-doc
4.1.12-61.1.34.el6uek
kernel-uek-firmware
4.1.12-61.1.34.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-4.1.12-61.1.34.el7uek
0.5.3-2.el7
kernel-uek
4.1.12-61.1.34.el7uek
kernel-uek-debug
4.1.12-61.1.34.el7uek
kernel-uek-debug-devel
4.1.12-61.1.34.el7uek
kernel-uek-devel
4.1.12-61.1.34.el7uek
kernel-uek-doc
4.1.12-61.1.34.el7uek
kernel-uek-firmware
4.1.12-61.1.34.el7uek
Ссылки на источники
Связанные уязвимости
ELSA-2017-3566: Unbreakable Enterprise kernel security update (IMPORTANT)
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.
The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.