Описание
ELSA-2020-5878: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.325.1]
- media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351676] {CVE-2019-19054}
- vgacon: Fix for missing check in scrollback handling (Yunhai Zhang) [Orabug: 31705125] {CVE-2020-14331} {CVE-2020-14331}
- rename kABI whitelists to lockedlists (Dan Duval) [Orabug: 31783153]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.325.1.el5uek
kernel-uek-debug
2.6.39-400.325.1.el5uek
kernel-uek-debug-devel
2.6.39-400.325.1.el5uek
kernel-uek-devel
2.6.39-400.325.1.el5uek
kernel-uek-doc
2.6.39-400.325.1.el5uek
kernel-uek-firmware
2.6.39-400.325.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.325.1.el5uek
kernel-uek-debug
2.6.39-400.325.1.el5uek
kernel-uek-debug-devel
2.6.39-400.325.1.el5uek
kernel-uek-devel
2.6.39-400.325.1.el5uek
kernel-uek-doc
2.6.39-400.325.1.el5uek
kernel-uek-firmware
2.6.39-400.325.1.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.325.1.el6uek
kernel-uek-debug
2.6.39-400.325.1.el6uek
kernel-uek-debug-devel
2.6.39-400.325.1.el6uek
kernel-uek-devel
2.6.39-400.325.1.el6uek
kernel-uek-doc
2.6.39-400.325.1.el6uek
kernel-uek-firmware
2.6.39-400.325.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.325.1.el6uek
kernel-uek-debug
2.6.39-400.325.1.el6uek
kernel-uek-debug-devel
2.6.39-400.325.1.el6uek
kernel-uek-devel
2.6.39-400.325.1.el6uek
kernel-uek-doc
2.6.39-400.325.1.el6uek
kernel-uek-firmware
2.6.39-400.325.1.el6uek
Связанные CVE
Связанные уязвимости
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/ ...
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.