Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2018-4216

Опубликовано: 14 сент. 2018
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2018-4216: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.19.2]

  • tcp: add tcp_ooo_try_coalesce() helper (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: call tcp_drop() from tcp_data_queue_ofo() (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: detect malicious patterns in tcp_collapse_ofo_queue() (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: avoid collapses in tcp_prune_queue() if possible (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: free batches of packets in tcp_prune_ofo_queue() (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: use an RB tree for ooo receive queue (Yaogong Wang) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: refine tcp_prune_ofo_queue() to not drop all packets (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: introduce tcp_under_memory_pressure() (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}
  • tcp: increment sk_drops for dropped rx packets (Eric Dumazet) [Orabug: 28639707] {CVE-2018-5390}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.19.2.el6uek

kernel-uek-debug

4.1.12-124.19.2.el6uek

kernel-uek-debug-devel

4.1.12-124.19.2.el6uek

kernel-uek-devel

4.1.12-124.19.2.el6uek

kernel-uek-doc

4.1.12-124.19.2.el6uek

kernel-uek-firmware

4.1.12-124.19.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.19.2.el7uek

kernel-uek-debug

4.1.12-124.19.2.el7uek

kernel-uek-debug-devel

4.1.12-124.19.2.el7uek

kernel-uek-devel

4.1.12-124.19.2.el7uek

kernel-uek-doc

4.1.12-124.19.2.el7uek

kernel-uek-firmware

4.1.12-124.19.2.el7uek

Связанные CVE

CVE-2018-5390

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2018-5390

CVSS3: 7.5
ubuntu
почти 7 лет назад

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

redhat логотип

CVE-2018-5390

CVSS3: 7.5
redhat
почти 7 лет назад

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

nvd логотип

CVE-2018-5390

CVSS3: 7.5
nvd
почти 7 лет назад

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

debian логотип

CVE-2018-5390

CVSS3: 7.5
debian
почти 7 лет назад

Linux kernel versions 4.9+ can be forced to make very expensive calls ...

suse-cvrf логотип

SUSE-SU-2019:2230-1

suse-cvrf
почти 6 лет назад

Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP2)