Description
ELSA-2018-4131: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.16.2]
- netlink: add a start callback for starting a netlink dump (Tom Herbert) [Orabug: 27169581] {CVE-2017-16939}
- ipsec: Fix aborted xfrm policy dump crash (Herbert Xu) [Orabug: 27169581] {CVE-2017-16939}
Updated packages
Oracle Linux 6
Oracle Linux x86_64
kernel-uek 4.1.12-124.16.2.el6uek
kernel-uek-debug 4.1.12-124.16.2.el6uek
kernel-uek-debug-devel 4.1.12-124.16.2.el6uek
kernel-uek-devel 4.1.12-124.16.2.el6uek
kernel-uek-doc 4.1.12-124.16.2.el6uek
kernel-uek-firmware 4.1.12-124.16.2.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek 4.1.12-124.16.2.el7uek
kernel-uek-debug 4.1.12-124.16.2.el7uek
kernel-uek-debug-devel 4.1.12-124.16.2.el7uek
kernel-uek-devel 4.1.12-124.16.2.el7uek
kernel-uek-doc 4.1.12-124.16.2.el7uek
kernel-uek-firmware 4.1.12-124.16.2.el7uek
Related CVEs
Related vulnerabilities
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages.
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Lin ...
Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP1)