Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5956

Опубликовано: 02 дек. 2020
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2020-5956: Unbreakable Enterprise kernel security update (IMPORTANT)

kernel-uek [3.8.13-118.51.2]

  • Revert 'kexec: Validate pe files against the system_lacklist_keyring' (John Donnelly) [Orabug: 32171714] {CVE-2020-26541} {CVE-2020-26541}

[3.8.13-118.51.1]

  • usb: cdc-acm: make sure a refcount is taken early enough (Oliver Neukum) [Orabug: 31351090] {CVE-2019-19530}
  • kexec: Validate pe files against the system_lacklist_keyring (Eric Snowberg) [Orabug: 31961121] {CVE-2020-26541}
  • uek-rpm: Update secure boot UEK signing certificates (Brian Maly) [Orabug: 31974695]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

dtrace-modules-3.8.13-118.51.2.el6uek

0.4.5-3.el6

kernel-uek

3.8.13-118.51.2.el6uek

kernel-uek-debug

3.8.13-118.51.2.el6uek

kernel-uek-debug-devel

3.8.13-118.51.2.el6uek

kernel-uek-devel

3.8.13-118.51.2.el6uek

kernel-uek-doc

3.8.13-118.51.2.el6uek

kernel-uek-firmware

3.8.13-118.51.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

dtrace-modules-3.8.13-118.51.2.el7uek

0.4.5-3.el7

kernel-uek

3.8.13-118.51.2.el7uek

kernel-uek-debug

3.8.13-118.51.2.el7uek

kernel-uek-debug-devel

3.8.13-118.51.2.el7uek

kernel-uek-devel

3.8.13-118.51.2.el7uek

kernel-uek-doc

3.8.13-118.51.2.el7uek

kernel-uek-firmware

3.8.13-118.51.2.el7uek

Связанные CVE

CVE-2019-19530

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2019-19530

CVSS3: 4.6
ubuntu
больше 5 лет назад

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.

redhat логотип

CVE-2019-19530

CVSS3: 5.7
redhat
почти 6 лет назад

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.

nvd логотип

CVE-2019-19530

CVSS3: 4.6
nvd
больше 5 лет назад

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.

debian логотип

CVE-2019-19530

CVSS3: 4.6
debian
больше 5 лет назад

In the Linux kernel before 5.2.10, there is a use-after-free bug that ...

github логотип

GHSA-php2-hmpj-qvcw

CVSS3: 4.6
github
около 3 лет назад

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.