Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3580

Опубликовано: 01 июн. 2017
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2017-3580: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.18.4]

  • net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}
  • net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}
  • net/packet: fix overflow in check for priv area size (Andrey Konovalov) [Orabug: 26143552] {CVE-2017-7308}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.18.4.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.18.4.el6uek

kernel-uek-debug

3.8.13-118.18.4.el6uek

kernel-uek-debug-devel

3.8.13-118.18.4.el6uek

kernel-uek-devel

3.8.13-118.18.4.el6uek

kernel-uek-doc

3.8.13-118.18.4.el6uek

kernel-uek-firmware

3.8.13-118.18.4.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.18.4.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.18.4.el7uek

kernel-uek-debug

3.8.13-118.18.4.el7uek

kernel-uek-debug-devel

3.8.13-118.18.4.el7uek

kernel-uek-devel

3.8.13-118.18.4.el7uek

kernel-uek-doc

3.8.13-118.18.4.el7uek

kernel-uek-firmware

3.8.13-118.18.4.el7uek

Связанные CVE

CVE-2017-7308

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2017-7308

CVSS3: 7.8
ubuntu
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

redhat логотип

CVE-2017-7308

CVSS3: 7
redhat
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

nvd логотип

CVE-2017-7308

CVSS3: 7.8
nvd
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.

debian логотип

CVE-2017-7308

CVSS3: 7.8
debian
около 8 лет назад

The packet_set_ring function in net/packet/af_packet.c in the Linux ke ...

suse-cvrf логотип

SUSE-SU-2017:1302-1

suse-cvrf
около 8 лет назад

Security update for Linux Kernel Live Patch 19 for SLE 12