Описание
ELSA-2019-4316: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.29.1]
- Copy secure_boot flag in boot params across kexec reboot (Dave Young) [Orabug: 22066352] {CVE-2015-7837}
- ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Eric Dumazet) [Orabug: 25059183] {CVE-2016-3841}
- ipv6: add complete rcu protection around np->opt (Eric Dumazet) [Orabug: 25059183] {CVE-2016-3841}
- scsi: qla2xxx: Fix an integer overflow in sysfs code (Dan Carpenter) [Orabug: 28220420] {CVE-2017-14051}
- ext4: fail ext4_iget for root directory if unallocated (Theodore Ts'o) [Orabug: 28220433] {CVE-2018-1092} {CVE-2018-1092}
- certs: Add Oracle's new X509 cert into the kernel keyring (Eric Snowberg) [Orabug: 28926205]
- ALSA: seq: Fix regression by incorrect ioctl_mutex usages (Takashi Iwai) [Orabug: 29005190] {CVE-2018-1000004}
- netfilter: xt_osf: Add missing permission checks (Kevin Cernekee) [Orabug: 29037832] {CVE-2017-17450}
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 29060697] {CVE-2018-5848}
- HID: debug: check length before copy_to_user() (Daniel Rosenberg) [Orabug: 29128167] {CVE-2018-9516}
- x86/MCE: Serialize sysfs changes (Seunghun Han) [Orabug: 29152249] {CVE-2018-7995}
- Input: i8042 - fix crash at boot time (Chen Hong) [Orabug: 29152329] {CVE-2017-18079}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-118.29.1.el6uek
0.4.5-3.el6
kernel-uek
3.8.13-118.29.1.el6uek
kernel-uek-debug
3.8.13-118.29.1.el6uek
kernel-uek-debug-devel
3.8.13-118.29.1.el6uek
kernel-uek-devel
3.8.13-118.29.1.el6uek
kernel-uek-doc
3.8.13-118.29.1.el6uek
kernel-uek-firmware
3.8.13-118.29.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.29.1.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.29.1.el7uek
kernel-uek-debug
3.8.13-118.29.1.el7uek
kernel-uek-debug-devel
3.8.13-118.29.1.el7uek
kernel-uek-devel
3.8.13-118.29.1.el7uek
kernel-uek-doc
3.8.13-118.29.1.el7uek
kernel-uek-firmware
3.8.13-118.29.1.el7uek
Связанные CVE
Ссылки на источники
Связанные уязвимости
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot restrictions by leveraging improper handling of secure_boot flag across kexec reboot.
The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, an ...
ELSA-2018-4300: Unbreakable Enterprise kernel security update (IMPORTANT)