Описание
ELSA-2019-4872: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.317.1]
- ieee802154: enforce CAP_NET_RAW for raw sockets (Allen Pais) [Orabug: 30444948] {CVE-2019-17053}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445161] {CVE-2019-17055}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445309] {CVE-2019-16994}
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490493] {CVE-2019-15213}
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532776] {CVE-2019-15217}
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum) [Orabug: 30548567] {CVE-2019-15219}
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.317.1.el5uek
kernel-uek-debug
2.6.39-400.317.1.el5uek
kernel-uek-debug-devel
2.6.39-400.317.1.el5uek
kernel-uek-devel
2.6.39-400.317.1.el5uek
kernel-uek-doc
2.6.39-400.317.1.el5uek
kernel-uek-firmware
2.6.39-400.317.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.317.1.el5uek
kernel-uek-debug
2.6.39-400.317.1.el5uek
kernel-uek-debug-devel
2.6.39-400.317.1.el5uek
kernel-uek-devel
2.6.39-400.317.1.el5uek
kernel-uek-doc
2.6.39-400.317.1.el5uek
kernel-uek-firmware
2.6.39-400.317.1.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.317.1.el6uek
kernel-uek-debug
2.6.39-400.317.1.el6uek
kernel-uek-debug-devel
2.6.39-400.317.1.el6uek
kernel-uek-devel
2.6.39-400.317.1.el6uek
kernel-uek-doc
2.6.39-400.317.1.el6uek
kernel-uek-firmware
2.6.39-400.317.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.317.1.el6uek
kernel-uek-debug
2.6.39-400.317.1.el6uek
kernel-uek-debug-devel
2.6.39-400.317.1.el6uek
kernel-uek-devel
2.6.39-400.317.1.el6uek
kernel-uek-doc
2.6.39-400.317.1.el6uek
kernel-uek-firmware
2.6.39-400.317.1.el6uek
Ссылки на источники
Связанные уязвимости
ELSA-2019-4871: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2019-4850: Unbreakable Enterprise kernel security update (IMPORTANT)
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.
ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7.