Описание
ELSA-2017-3631: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-103.7.4]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27011255] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn) [Orabug: 26921320] {CVE-2017-1000112}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-103.7.4.el6uek
kernel-uek-debug
4.1.12-103.7.4.el6uek
kernel-uek-debug-devel
4.1.12-103.7.4.el6uek
kernel-uek-devel
4.1.12-103.7.4.el6uek
kernel-uek-doc
4.1.12-103.7.4.el6uek
kernel-uek-firmware
4.1.12-103.7.4.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-103.7.4.el7uek
kernel-uek-debug
4.1.12-103.7.4.el7uek
kernel-uek-debug-devel
4.1.12-103.7.4.el7uek
kernel-uek-devel
4.1.12-103.7.4.el7uek
kernel-uek-doc
4.1.12-103.7.4.el7uek
kernel-uek-firmware
4.1.12-103.7.4.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2017-2930: kernel security and bug fix update (IMPORTANT)
ELSA-2017-2930-1: kernel security and bug fix update (IMPORTANT)
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.
The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.