Описание
ELSA-2018-4246: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.302.1]
- Fix up non-directory creation in SGID directories (Linus Torvalds) [Orabug: 28459479] {CVE-2018-13405}
- ALSA: seq: Make ioctls race-free (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}
- rds: CVE-2018-7492: Fix NULL pointer dereference in __rds_rdma_map (Hakon Bugge) [Orabug: 28539910] {CVE-2018-7492}
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott Bauer) [Orabug: 28664549] {CVE-2018-16658}
- ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Seunghun Han) [Orabug: 28664580] {CVE-2017-13695}
- exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug: 28710024] {CVE-2018-14634}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.302.1.el5uek
kernel-uek-debug
2.6.39-400.302.1.el5uek
kernel-uek-debug-devel
2.6.39-400.302.1.el5uek
kernel-uek-devel
2.6.39-400.302.1.el5uek
kernel-uek-doc
2.6.39-400.302.1.el5uek
kernel-uek-firmware
2.6.39-400.302.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.302.1.el5uek
kernel-uek-debug
2.6.39-400.302.1.el5uek
kernel-uek-debug-devel
2.6.39-400.302.1.el5uek
kernel-uek-devel
2.6.39-400.302.1.el5uek
kernel-uek-doc
2.6.39-400.302.1.el5uek
kernel-uek-firmware
2.6.39-400.302.1.el5uek
Связанные уязвимости
ELSA-2018-4250: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2018-4245: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2018-4242: Unbreakable Enterprise kernel security update (IMPORTANT)
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.