Описание
ELSA-2018-4190: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.14.35-1818.0.15]
- tcp: add tcp_ooo_try_coalesce() helper (Eric Dumazet) [Orabug: 28453849] {CVE-2018-5390}
- tcp: call tcp_drop() from tcp_data_queue_ofo() (Eric Dumazet) [Orabug: 28453849] {CVE-2018-5390}
- tcp: detect malicious patterns in tcp_collapse_ofo_queue() (Eric Dumazet) [Orabug: 28453849] {CVE-2018-5390}
- tcp: avoid collapses in tcp_prune_queue() if possible (Eric Dumazet) [Orabug: 28453849] {CVE-2018-5390}
- tcp: free batches of packets in tcp_prune_ofo_queue() (Eric Dumazet) [Orabug: 28453849] {CVE-2018-5390}
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
kernel-uek
4.14.35-1818.0.15.el7uek
kernel-uek-debug
4.14.35-1818.0.15.el7uek
kernel-uek-debug-devel
4.14.35-1818.0.15.el7uek
kernel-uek-devel
4.14.35-1818.0.15.el7uek
kernel-uek-headers
4.14.35-1818.0.15.el7uek
kernel-uek-tools
4.14.35-1818.0.15.el7uek
kernel-uek-tools-libs
4.14.35-1818.0.15.el7uek
kernel-uek-tools-libs-devel
4.14.35-1818.0.15.el7uek
perf
4.14.35-1818.0.15.el7uek
python-perf
4.14.35-1818.0.15.el7uek
Связанные CVE
Связанные уязвимости
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.
Linux kernel versions 4.9+ can be forced to make very expensive calls ...
Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2)