Описание
ELSA-2019-4706: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.36.1]
- tun: call dev_get_valid_name() before register_netdevice() (Cong Wang) [Orabug: 29925557] {CVE-2018-7191}
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.36.1.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.36.1.el7uek
kernel-uek-debug
3.8.13-118.36.1.el7uek
kernel-uek-debug-devel
3.8.13-118.36.1.el7uek
kernel-uek-devel
3.8.13-118.36.1.el7uek
kernel-uek-doc
3.8.13-118.36.1.el7uek
kernel-uek-firmware
3.8.13-118.36.1.el7uek
Связанные CVE
Связанные уязвимости
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid ...
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.