Описание
ELSA-2017-3606: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.19.4]
- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume Nault) [Orabug: 26586047] {CVE-2016-10200}
- xfs: fix two memory leaks in xfs_attr_list.c error paths (Mateusz Guzik) [Orabug: 26586022] {CVE-2016-9685}
- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (David Howells) [Orabug: 26585994] {CVE-2016-9604}
- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) [Orabug: 26578198] {CVE-2017-9242}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-118.19.4.el6uek
0.4.5-3.el6
kernel-uek
3.8.13-118.19.4.el6uek
kernel-uek-debug
3.8.13-118.19.4.el6uek
kernel-uek-debug-devel
3.8.13-118.19.4.el6uek
kernel-uek-devel
3.8.13-118.19.4.el6uek
kernel-uek-doc
3.8.13-118.19.4.el6uek
kernel-uek-firmware
3.8.13-118.19.4.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.19.4.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.19.4.el7uek
kernel-uek-debug
3.8.13-118.19.4.el7uek
kernel-uek-debug-devel
3.8.13-118.19.4.el7uek
kernel-uek-devel
3.8.13-118.19.4.el7uek
kernel-uek-doc
3.8.13-118.19.4.el7uek
kernel-uek-firmware
3.8.13-118.19.4.el7uek
Связанные уязвимости
ELSA-2017-3607: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-1842: kernel security, bug fix, and enhancement update (IMPORTANT)
ELSA-2017-1842-1: kernel security, bug fix, and enhancement update (IMPORTANT)
ELSA-2017-3605: Unbreakable Enterprise kernel security update (IMPORTANT)
Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.