Описание
ELSA-2020-5968: Unbreakable Enterprise kernel security update (IMPORTANT)
kernel-uek [3.8.13-118.52.1]
- crypto: authenc - fix parsing key with misaligned rta_len (Eric Biggers) [Orabug: 31535530] {CVE-2020-10769}
- crypto: authenc - Export key parsing helper function (Mathias Krause) [Orabug: 31535530] {CVE-2020-10769}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
dtrace-modules-3.8.13-118.52.1.el6uek
0.4.5-3.el6
kernel-uek
3.8.13-118.52.1.el6uek
kernel-uek-debug
3.8.13-118.52.1.el6uek
kernel-uek-debug-devel
3.8.13-118.52.1.el6uek
kernel-uek-devel
3.8.13-118.52.1.el6uek
kernel-uek-doc
3.8.13-118.52.1.el6uek
kernel-uek-firmware
3.8.13-118.52.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
dtrace-modules-3.8.13-118.52.1.el7uek
0.4.5-3.el7
kernel-uek
3.8.13-118.52.1.el7uek
kernel-uek-debug
3.8.13-118.52.1.el7uek
kernel-uek-debug-devel
3.8.13-118.52.1.el7uek
kernel-uek-devel
3.8.13-118.52.1.el7uek
kernel-uek-doc
3.8.13-118.52.1.el7uek
kernel-uek-firmware
3.8.13-118.52.1.el7uek
Связанные CVE
Связанные уязвимости
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in ...
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.