Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5802

Опубликовано: 06 авг. 2020
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2020-5802: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.48.1]

  • crypto: user - fix memory leak in crypto_report (Navid Emamdoost) [Orabug: 31351641] {CVE-2019-19062}
  • media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351673] {CVE-2019-19054}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.48.1.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.48.1.el6uek

kernel-uek-debug

3.8.13-118.48.1.el6uek

kernel-uek-debug-devel

3.8.13-118.48.1.el6uek

kernel-uek-devel

3.8.13-118.48.1.el6uek

kernel-uek-doc

3.8.13-118.48.1.el6uek

kernel-uek-firmware

3.8.13-118.48.1.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.48.1.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.48.1.el7uek

kernel-uek-debug

3.8.13-118.48.1.el7uek

kernel-uek-debug-devel

3.8.13-118.48.1.el7uek

kernel-uek-devel

3.8.13-118.48.1.el7uek

kernel-uek-doc

3.8.13-118.48.1.el7uek

kernel-uek-firmware

3.8.13-118.48.1.el7uek

Связанные CVE

CVE-2019-19062
CVE-2019-19054

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2019-19054

CVSS3: 4.7
ubuntu
больше 5 лет назад

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

redhat логотип

CVE-2019-19054

CVSS3: 4.7
redhat
больше 5 лет назад

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

nvd логотип

CVE-2019-19054

CVSS3: 4.7
nvd
больше 5 лет назад

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.

debian логотип

CVE-2019-19054

CVSS3: 4.7
debian
больше 5 лет назад

A memory leak in the cx23888_ir_probe() function in drivers/media/pci/ ...

ubuntu логотип

CVE-2019-19062

CVSS3: 4.7
ubuntu
больше 5 лет назад

A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042.