ELSA-2017-3592

Опубликовано: 12 июл. 2017

Источник: oracle-oval

Платформа: Oracle Linux 5

Платформа: Oracle Linux 6

Описание

ELSA-2017-3592: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.297.4]

mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: 26326145] {CVE-2017-1000364}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.297.4.el5uek

kernel-uek-debug

2.6.39-400.297.4.el5uek

kernel-uek-debug-devel

2.6.39-400.297.4.el5uek

kernel-uek-devel

2.6.39-400.297.4.el5uek

kernel-uek-doc

2.6.39-400.297.4.el5uek

kernel-uek-firmware

2.6.39-400.297.4.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.297.4.el5uek

kernel-uek-debug

2.6.39-400.297.4.el5uek

kernel-uek-debug-devel

2.6.39-400.297.4.el5uek

kernel-uek-devel

2.6.39-400.297.4.el5uek

kernel-uek-doc

2.6.39-400.297.4.el5uek

kernel-uek-firmware

2.6.39-400.297.4.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.297.4.el6uek

kernel-uek-debug

2.6.39-400.297.4.el6uek

kernel-uek-debug-devel

2.6.39-400.297.4.el6uek

kernel-uek-devel

2.6.39-400.297.4.el6uek

kernel-uek-doc

2.6.39-400.297.4.el6uek

kernel-uek-firmware

2.6.39-400.297.4.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.297.4.el6uek

kernel-uek-debug

2.6.39-400.297.4.el6uek

kernel-uek-debug-devel

2.6.39-400.297.4.el6uek

kernel-uek-devel

2.6.39-400.297.4.el6uek

kernel-uek-doc

2.6.39-400.297.4.el6uek

kernel-uek-firmware

2.6.39-400.297.4.el6uek

Связанные CVE

CVE-2017-1000364

Ссылки на источники

Связанные уязвимости

CVE-2017-1000364

CVSS3: 7.4

ubuntu

больше 8 лет назад

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).