Описание
ELSA-2019-2827: kernel security update (IMPORTANT)
- [4.18.0-80.11.2_0.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
[4.18.0-80.11.2_0]
- [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750881 1750882] {CVE-2019-14835}
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-tools-libs-devel
4.18.0-80.11.2.el8_0
Oracle Linux x86_64
bpftool
4.18.0-80.11.2.el8_0
kernel
4.18.0-80.11.2.el8_0
kernel-abi-whitelists
4.18.0-80.11.2.el8_0
kernel-core
4.18.0-80.11.2.el8_0
kernel-cross-headers
4.18.0-80.11.2.el8_0
kernel-debug
4.18.0-80.11.2.el8_0
kernel-debug-core
4.18.0-80.11.2.el8_0
kernel-debug-devel
4.18.0-80.11.2.el8_0
kernel-debug-modules
4.18.0-80.11.2.el8_0
kernel-debug-modules-extra
4.18.0-80.11.2.el8_0
kernel-devel
4.18.0-80.11.2.el8_0
kernel-doc
4.18.0-80.11.2.el8_0
kernel-headers
4.18.0-80.11.2.el8_0
kernel-modules
4.18.0-80.11.2.el8_0
kernel-modules-extra
4.18.0-80.11.2.el8_0
kernel-tools
4.18.0-80.11.2.el8_0
kernel-tools-libs
4.18.0-80.11.2.el8_0
kernel-tools-libs-devel
4.18.0-80.11.2.el8_0
perf
4.18.0-80.11.2.el8_0
python3-perf
4.18.0-80.11.2.el8_0
Связанные CVE
Связанные уязвимости
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in ...
Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)