Описание
ELSA-2019-2736: kernel security and bug fix update (IMPORTANT)
[2.6.32-754.21.1.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.21.1]
- [scsi] scsi: megaraid_sas: return error when create DMA pool failed (Tomas Henzl) [1712858] {CVE-2019-11810}
- [net] net: Set sk_prot_creator when copying sockets to the right proto (Andrea Claudi) [1657117] {CVE-2018-9568}
[2.6.32-754.20.1]
- [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
- [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
[2.6.32-754.19.1]
- [net] tcp: be more careful in tcp_fragment() (Marcelo Leitner) [1732107]
- [net] tcp: refine memory limit test in tcp_fragment() (Florian Westphal) [1728931]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel
2.6.32-754.22.1.el6
kernel-abi-whitelists
2.6.32-754.22.1.el6
kernel-debug
2.6.32-754.22.1.el6
kernel-debug-devel
2.6.32-754.22.1.el6
kernel-devel
2.6.32-754.22.1.el6
kernel-doc
2.6.32-754.22.1.el6
kernel-firmware
2.6.32-754.22.1.el6
kernel-headers
2.6.32-754.22.1.el6
perf
2.6.32-754.22.1.el6
python-perf
2.6.32-754.22.1.el6
Oracle Linux i686
kernel
2.6.32-754.22.1.el6
kernel-abi-whitelists
2.6.32-754.22.1.el6
kernel-debug
2.6.32-754.22.1.el6
kernel-debug-devel
2.6.32-754.22.1.el6
kernel-devel
2.6.32-754.22.1.el6
kernel-doc
2.6.32-754.22.1.el6
kernel-firmware
2.6.32-754.22.1.el6
kernel-headers
2.6.32-754.22.1.el6
perf
2.6.32-754.22.1.el6
python-perf
2.6.32-754.22.1.el6
Связанные CVE
Связанные уязвимости
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.
An issue was discovered in the Linux kernel before 5.0.7. A NULL point ...
In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel.