Описание
ELSA-2017-3632: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.19.10]
- mqueue: fix a use-after-free in sys_mq_notify() (Cong Wang) [Orabug: 26643556] {CVE-2017-11176}
[3.8.13-118.19.9]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27011273] {CVE-2017-7542}
- packet: fix tp_reserve race in packet_set_ring (Willem de Bruijn) [Orabug: 27002450] {CVE-2017-1000111}
[3.8.13-118.19.8]
- mlx4_core: calculate log_num_mtt based on total system memory (Wei Lin Guay) [Orabug: 26883934]
- xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 26883934]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-118.19.10.el6uek
0.4.5-3.el6
kernel-uek
3.8.13-118.19.10.el6uek
kernel-uek-debug
3.8.13-118.19.10.el6uek
kernel-uek-debug-devel
3.8.13-118.19.10.el6uek
kernel-uek-devel
3.8.13-118.19.10.el6uek
kernel-uek-doc
3.8.13-118.19.10.el6uek
kernel-uek-firmware
3.8.13-118.19.10.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.19.10.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.19.10.el7uek
kernel-uek-debug
3.8.13-118.19.10.el7uek
kernel-uek-debug-devel
3.8.13-118.19.10.el7uek
kernel-uek-devel
3.8.13-118.19.10.el7uek
kernel-uek-doc
3.8.13-118.19.10.el7uek
kernel-uek-firmware
3.8.13-118.19.10.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2017-3633: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2017-2930: kernel security and bug fix update (IMPORTANT)
ELSA-2017-2930-1: kernel security and bug fix update (IMPORTANT)
ELSA-2018-0169: kernel security and bug fix update (IMPORTANT)
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.