Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3579

Опубликовано: 01 июн. 2017
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2017-3579: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [4.1.12-94.3.6]

  • net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}
  • net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}
  • net/packet: fix overflow in check for priv area size (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-4.1.12-94.3.6.el6uek

0.6.0-4.el6

kernel-uek

4.1.12-94.3.6.el6uek

kernel-uek-debug

4.1.12-94.3.6.el6uek

kernel-uek-debug-devel

4.1.12-94.3.6.el6uek

kernel-uek-devel

4.1.12-94.3.6.el6uek

kernel-uek-doc

4.1.12-94.3.6.el6uek

kernel-uek-firmware

4.1.12-94.3.6.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-4.1.12-94.3.6.el7uek

0.6.0-4.el7

kernel-uek

4.1.12-94.3.6.el7uek

kernel-uek-debug

4.1.12-94.3.6.el7uek

kernel-uek-debug-devel

4.1.12-94.3.6.el7uek

kernel-uek-devel

4.1.12-94.3.6.el7uek

kernel-uek-doc

4.1.12-94.3.6.el7uek

kernel-uek-firmware

4.1.12-94.3.6.el7uek

Связанные CVE

CVE-2017-7308

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2017-7308

CVSS3: 7.8
ubuntu
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

redhat логотип

CVE-2017-7308

CVSS3: 7
redhat
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

nvd логотип

CVE-2017-7308

CVSS3: 7.8
nvd
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

debian логотип

CVE-2017-7308

CVSS3: 7.8
debian
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux ke ...

suse-cvrf логотип

SUSE-SU-2017:1302-1

suse-cvrf
около 8 лет назад

Security update for Linux Kernel Live Patch 19 for SLE 12