Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5710

Опубликовано: 05 июн. 2020
Источник: oracle-oval
Платформа: Oracle Linux 5
Платформа: Oracle Linux 6

Описание

ELSA-2020-5710: Unbreakable Enterprise kernel security update (IMPORTANT)

[2.6.39-400.323.1]

  • USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31240297] {CVE-2019-19523}
  • USB: core: Fix races in character device registration and deregistraion (Alan Stern) [Orabug: 31317669] {CVE-2019-19537}
  • USB: iowarrior: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31351064] {CVE-2019-19528}
  • usb: iowarrior: fix deadlock on disconnect (Oliver Neukum) [Orabug: 31351064] {CVE-2019-19528}

[2.6.39-400.322.1]

  • ipvs: reset ipvs pointer in netns (Julian Anastasov) [Orabug: 31027196]
  • ipvs: prefer NETDEV_DOWN event to free cached dsts (Julian Anastasov) [Orabug: 31027196]
  • HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) [Orabug: 31206362] {CVE-2019-19527}
  • HID: hiddev: avoid opening a disconnected device (Hillf Danton) [Orabug: 31206362] {CVE-2019-19527}
  • HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: 31208624] {CVE-2019-19532}

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

kernel-uek

2.6.39-400.323.1.el5uek

kernel-uek-debug

2.6.39-400.323.1.el5uek

kernel-uek-debug-devel

2.6.39-400.323.1.el5uek

kernel-uek-devel

2.6.39-400.323.1.el5uek

kernel-uek-doc

2.6.39-400.323.1.el5uek

kernel-uek-firmware

2.6.39-400.323.1.el5uek

Oracle Linux i386

kernel-uek

2.6.39-400.323.1.el5uek

kernel-uek-debug

2.6.39-400.323.1.el5uek

kernel-uek-debug-devel

2.6.39-400.323.1.el5uek

kernel-uek-devel

2.6.39-400.323.1.el5uek

kernel-uek-doc

2.6.39-400.323.1.el5uek

kernel-uek-firmware

2.6.39-400.323.1.el5uek

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

2.6.39-400.323.1.el6uek

kernel-uek-debug

2.6.39-400.323.1.el6uek

kernel-uek-debug-devel

2.6.39-400.323.1.el6uek

kernel-uek-devel

2.6.39-400.323.1.el6uek

kernel-uek-doc

2.6.39-400.323.1.el6uek

kernel-uek-firmware

2.6.39-400.323.1.el6uek

Oracle Linux i686

kernel-uek

2.6.39-400.323.1.el6uek

kernel-uek-debug

2.6.39-400.323.1.el6uek

kernel-uek-debug-devel

2.6.39-400.323.1.el6uek

kernel-uek-devel

2.6.39-400.323.1.el6uek

kernel-uek-doc

2.6.39-400.323.1.el6uek

kernel-uek-firmware

2.6.39-400.323.1.el6uek

Связанные CVE

CVE-2019-19523
CVE-2019-19528
CVE-2019-19537

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2020-5706

oracle-oval
около 5 лет назад

ELSA-2020-5706: Unbreakable Enterprise kernel security update (IMPORTANT)

suse-cvrf логотип

SUSE-SU-2019:3389-1

suse-cvrf
больше 5 лет назад

Security update for the Linux Kernel

ubuntu логотип

CVE-2019-19523

CVSS3: 4.6
ubuntu
больше 5 лет назад

In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.

redhat логотип

CVE-2019-19523

CVSS3: 7.8
redhat
больше 5 лет назад

In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.

nvd логотип

CVE-2019-19523

CVSS3: 4.6
nvd
больше 5 лет назад

In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.