Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2018-4250

Опубликовано: 12 окт. 2018
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2018-4250: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.302.2]

  • Revert 'Fix up non-directory creation in SGID directories' (Brian Maly) [Orabug: 28781234]

[2.6.39-400.302.1]

  • Fix up non-directory creation in SGID directories (Linus Torvalds) [Orabug: 28459479] {CVE-2018-13405}
  • ALSA: seq: Make ioctls race-free (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}
  • rds: CVE-2018-7492: Fix NULL pointer dereference in __rds_rdma_map (Hakon Bugge) [Orabug: 28539910] {CVE-2018-7492}
  • cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (Scott Bauer) [Orabug: 28664549] {CVE-2018-16658}
  • ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Seunghun Han) [Orabug: 28664580] {CVE-2017-13695}
  • exec: Limit arg stack to at most 75% of _STK_LIM (Kees Cook) [Orabug: 28710024] {CVE-2018-14634}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.302.2.el6uek

kernel-uek-debug

2.6.39-400.302.2.el6uek

kernel-uek-debug-devel

2.6.39-400.302.2.el6uek

kernel-uek-devel

2.6.39-400.302.2.el6uek

kernel-uek-doc

2.6.39-400.302.2.el6uek

kernel-uek-firmware

2.6.39-400.302.2.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.302.2.el6uek

kernel-uek-debug

2.6.39-400.302.2.el6uek

kernel-uek-debug-devel

2.6.39-400.302.2.el6uek

kernel-uek-devel

2.6.39-400.302.2.el6uek

kernel-uek-doc

2.6.39-400.302.2.el6uek

kernel-uek-firmware

2.6.39-400.302.2.el6uek

Связанные CVE

CVE-2018-7492
CVE-2018-7566
CVE-2017-13695
CVE-2018-16658

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2018-4246

oracle-oval
больше 6 лет назад

ELSA-2018-4246: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2018-4245

oracle-oval
больше 6 лет назад

ELSA-2018-4245: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2018-4242

oracle-oval
больше 6 лет назад

ELSA-2018-4242: Unbreakable Enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2018-7492

CVSS3: 5.5
ubuntu
больше 7 лет назад

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

redhat логотип

CVE-2018-7492

CVSS3: 5.5
redhat
больше 7 лет назад

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.