Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2017-3622

Опубликовано: 20 сент. 2017
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2017-3622: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.297.8]

  • Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796428] {CVE-2017-1000251}

[2.6.39-400.297.7]

  • xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645562] {CVE-2017-12134}
  • fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638926] {CVE-2017-1000365} {CVE-2017-1000365}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.297.8.el5uek

kernel-uek-debug

2.6.39-400.297.8.el5uek

kernel-uek-debug-devel

2.6.39-400.297.8.el5uek

kernel-uek-devel

2.6.39-400.297.8.el5uek

kernel-uek-doc

2.6.39-400.297.8.el5uek

kernel-uek-firmware

2.6.39-400.297.8.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.297.8.el5uek

kernel-uek-debug

2.6.39-400.297.8.el5uek

kernel-uek-debug-devel

2.6.39-400.297.8.el5uek

kernel-uek-devel

2.6.39-400.297.8.el5uek

kernel-uek-doc

2.6.39-400.297.8.el5uek

kernel-uek-firmware

2.6.39-400.297.8.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.297.8.el6uek

kernel-uek-debug

2.6.39-400.297.8.el6uek

kernel-uek-debug-devel

2.6.39-400.297.8.el6uek

kernel-uek-devel

2.6.39-400.297.8.el6uek

kernel-uek-doc

2.6.39-400.297.8.el6uek

kernel-uek-firmware

2.6.39-400.297.8.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.297.8.el6uek

kernel-uek-debug

2.6.39-400.297.8.el6uek

kernel-uek-debug-devel

2.6.39-400.297.8.el6uek

kernel-uek-devel

2.6.39-400.297.8.el6uek

kernel-uek-doc

2.6.39-400.297.8.el6uek

kernel-uek-firmware

2.6.39-400.297.8.el6uek

Связанные CVE

CVE-2017-1000365
CVE-2017-12134
CVE-2017-1000251

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2017-3621

oracle-oval
около 8 лет назад

ELSA-2017-3621: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2017-3609

oracle-oval
около 8 лет назад

ELSA-2017-3609: Unbreakable Enterprise kernel security update (IMPORTANT)

suse-cvrf логотип

SUSE-SU-2017:2956-1

suse-cvrf
около 8 лет назад

Security update for the Linux Kernel

ubuntu логотип

CVE-2017-1000365

CVSS3: 7.8
ubuntu
больше 8 лет назад

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.

redhat логотип

CVE-2017-1000365

CVSS3: 2.9
redhat
больше 8 лет назад

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.