Описание
ELSA-2019-4644: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.34.1]
- Input: wacom - move the USB (now hid) Wacom driver in drivers/hid (Benjamin Tissoires) [Orabug: 25512494] {CVE-2016-3139}
- net: qmi_wwan: fix divide by 0 on bad descriptors (Bjorn Mork) [Orabug: 27215229] {CVE-2017-16650}
- USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data (Hui Peng) [Orabug: 29605987] {CVE-2018-19985} {CVE-2018-19985}
- KEYS: encrypted: fix buffer overread in valid_master_desc() (Eric Biggers) [Orabug: 29605993] {CVE-2017-13305}
- ecryptfs: don't allow mmap when the lower fs doesn't support it (Jeff Mahoney) [Orabug: 29666607] {CVE-2016-1583} {CVE-2016-1583}
- Revert 'ecryptfs: forbid opening files without mmap handler' (Brian Maly) [Orabug: 29666607] {CVE-2016-1583}
- binfmt_elf: switch to new creds when switching to new mm (Linus Torvalds) [Orabug: 29677234] {CVE-2019-11190}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-118.34.1.el6uek
0.4.5-3.el6
kernel-uek
3.8.13-118.34.1.el6uek
kernel-uek-debug
3.8.13-118.34.1.el6uek
kernel-uek-debug-devel
3.8.13-118.34.1.el6uek
kernel-uek-devel
3.8.13-118.34.1.el6uek
kernel-uek-doc
3.8.13-118.34.1.el6uek
kernel-uek-firmware
3.8.13-118.34.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.34.1.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.34.1.el7uek
kernel-uek-debug
3.8.13-118.34.1.el7uek
kernel-uek-debug-devel
3.8.13-118.34.1.el7uek
kernel-uek-devel
3.8.13-118.34.1.el7uek
kernel-uek-doc
3.8.13-118.34.1.el7uek
kernel-uek-firmware
3.8.13-118.34.1.el7uek
Ссылки на источники
Связанные уязвимости
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Li ...
The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.