Описание
ELSA-2020-5983: Unbreakable Enterprise kernel security update (IMPORTANT)
[2.6.39-400.328.1]
- crypto: authenc - fix parsing key with misaligned rta_len (Eric Biggers) [Orabug: 31535531] {CVE-2020-10769}
- crypto: authenc - Export key parsing helper function (Mathias Krause) [Orabug: 31535531] {CVE-2020-10769}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.328.1.el6uek
kernel-uek-debug
2.6.39-400.328.1.el6uek
kernel-uek-debug-devel
2.6.39-400.328.1.el6uek
kernel-uek-devel
2.6.39-400.328.1.el6uek
kernel-uek-doc
2.6.39-400.328.1.el6uek
kernel-uek-firmware
2.6.39-400.328.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.328.1.el6uek
kernel-uek-debug
2.6.39-400.328.1.el6uek
kernel-uek-debug-devel
2.6.39-400.328.1.el6uek
kernel-uek-devel
2.6.39-400.328.1.el6uek
kernel-uek-doc
2.6.39-400.328.1.el6uek
kernel-uek-firmware
2.6.39-400.328.1.el6uek
Связанные CVE
Связанные уязвимости
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.
A buffer over-read flaw was found in RH kernel versions before 5.0 in ...
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service.