Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5792

Опубликовано: 29 июл. 2020
Источник: oracle-oval
Платформа: Oracle Linux 7
Платформа: Oracle Linux 8

Описание

ELSA-2020-5792: Unbreakable Enterprise kernel security update (IMPORTANT)

[5.4.17-2011.4.6.el8uek]

  • Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' (Somasundaram Krishnasamy) [Orabug: 31358097]

[5.4.17-2011.4.5.el8uek]

  • IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31631527]
  • certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31555595]
  • acpi: disallow loading configfs acpi tables when locked down (Jason A. Donenfeld) [Orabug: 31642981]

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

5.4.17-2011.4.6.el7uek

kernel-uek-debug

5.4.17-2011.4.6.el7uek

kernel-uek-debug-devel

5.4.17-2011.4.6.el7uek

kernel-uek-devel

5.4.17-2011.4.6.el7uek

kernel-uek-doc

5.4.17-2011.4.6.el7uek

kernel-uek-tools

5.4.17-2011.4.6.el7uek

kernel-uek-tools-libs

5.4.17-2011.4.6.el7uek

perf

5.4.17-2011.4.6.el7uek

python-perf

5.4.17-2011.4.6.el7uek

Oracle Linux x86_64

kernel-uek

5.4.17-2011.4.6.el7uek

kernel-uek-debug

5.4.17-2011.4.6.el7uek

kernel-uek-debug-devel

5.4.17-2011.4.6.el7uek

kernel-uek-devel

5.4.17-2011.4.6.el7uek

kernel-uek-doc

5.4.17-2011.4.6.el7uek

kernel-uek-tools

5.4.17-2011.4.6.el7uek

Oracle Linux 8

Oracle Linux aarch64

kernel-uek

5.4.17-2011.4.6.el8uek

kernel-uek-debug

5.4.17-2011.4.6.el8uek

kernel-uek-debug-devel

5.4.17-2011.4.6.el8uek

kernel-uek-devel

5.4.17-2011.4.6.el8uek

kernel-uek-doc

5.4.17-2011.4.6.el8uek

Oracle Linux x86_64

kernel-uek

5.4.17-2011.4.6.el8uek

kernel-uek-debug

5.4.17-2011.4.6.el8uek

kernel-uek-debug-devel

5.4.17-2011.4.6.el8uek

kernel-uek-devel

5.4.17-2011.4.6.el8uek

kernel-uek-doc

5.4.17-2011.4.6.el8uek

Связанные CVE

CVE-2020-15780

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2020-15780

CVSS3: 6.7
ubuntu
около 5 лет назад

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

redhat логотип

CVE-2020-15780

CVSS3: 6.4
redhat
больше 5 лет назад

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

nvd логотип

CVE-2020-15780

CVSS3: 6.7
nvd
около 5 лет назад

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

msrc логотип

CVE-2020-15780

CVSS3: 6.7
msrc
около 5 лет назад

Описание отсутствует

debian логотип

CVE-2020-15780

CVSS3: 6.7
debian
около 5 лет назад

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux k ...