Описание
ELSA-2018-4269: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.303.1]
- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (Jason Yan) [Orabug: 27927686] {CVE-2018-7757}
- Revert 'Fix up non-directory creation in SGID directories' (Brian Maly) [Orabug: 28781234]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.303.1.el5uek
kernel-uek-debug
2.6.39-400.303.1.el5uek
kernel-uek-debug-devel
2.6.39-400.303.1.el5uek
kernel-uek-devel
2.6.39-400.303.1.el5uek
kernel-uek-doc
2.6.39-400.303.1.el5uek
kernel-uek-firmware
2.6.39-400.303.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.303.1.el5uek
kernel-uek-debug
2.6.39-400.303.1.el5uek
kernel-uek-debug-devel
2.6.39-400.303.1.el5uek
kernel-uek-devel
2.6.39-400.303.1.el5uek
kernel-uek-doc
2.6.39-400.303.1.el5uek
kernel-uek-firmware
2.6.39-400.303.1.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.303.1.el6uek
kernel-uek-debug
2.6.39-400.303.1.el6uek
kernel-uek-debug-devel
2.6.39-400.303.1.el6uek
kernel-uek-devel
2.6.39-400.303.1.el6uek
kernel-uek-doc
2.6.39-400.303.1.el6uek
kernel-uek-firmware
2.6.39-400.303.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.303.1.el6uek
kernel-uek-debug
2.6.39-400.303.1.el6uek
kernel-uek-debug-devel
2.6.39-400.303.1.el6uek
kernel-uek-devel
2.6.39-400.303.1.el6uek
kernel-uek-doc
2.6.39-400.303.1.el6uek
kernel-uek-firmware
2.6.39-400.303.1.el6uek
Связанные CVE
Связанные уязвимости
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/lib ...
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.