Описание
ELSA-2022-9781: kernel security update (IMPORTANT)
[2.6.32-754.35.1.0.6.OL6] [[:digit]o_epoll_ctl(): clean the failure exits up a bit (Marc Zyngier) {CVE-2020-0466} [Orabug: 34086960]
- epoll: Keep a reference on files added to the check list (Al Viro) {CVE-2020-0466} [Orabug: 34086960]
- fix regression in 'epoll: Keep a reference on files added to the check list (Al Viro) {CVE-2021-1048} [Orabug: 34086960]
- net: split out functions related to registering inflight socket files (Jens Axboe) [Orabug: 34086960]
- af_unix: fix garbage collect vs MSG_PEEK (Miklos Szeredi) {CVE-2021-0920} [Orabug: 34086960]
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong) {CVE-2021-4155} [Orabug: 34086960]
- cgroup-v1: Require capabilities to set release_agent (Waiman Long) {CVE-2022-0492} [Orabug: 34086960]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel
2.6.32-754.35.1.0.6.el6
kernel-abi-whitelists
2.6.32-754.35.1.0.6.el6
kernel-debug
2.6.32-754.35.1.0.6.el6
kernel-debug-devel
2.6.32-754.35.1.0.6.el6
kernel-devel
2.6.32-754.35.1.0.6.el6
kernel-doc
2.6.32-754.35.1.0.6.el6
kernel-firmware
2.6.32-754.35.1.0.6.el6
kernel-headers
2.6.32-754.35.1.0.6.el6
perf
2.6.32-754.35.1.0.6.el6
python-perf
2.6.32-754.35.1.0.6.el6
Oracle Linux i686
kernel
2.6.32-754.35.1.0.6.el6
kernel-abi-whitelists
2.6.32-754.35.1.0.6.el6
kernel-debug
2.6.32-754.35.1.0.6.el6
kernel-debug-devel
2.6.32-754.35.1.0.6.el6
kernel-devel
2.6.32-754.35.1.0.6.el6
kernel-doc
2.6.32-754.35.1.0.6.el6
kernel-firmware
2.6.32-754.35.1.0.6.el6
kernel-headers
2.6.32-754.35.1.0.6.el6
perf
2.6.32-754.35.1.0.6.el6
python-perf
2.6.32-754.35.1.0.6.el6
Связанные CVE
Связанные уязвимости
ELSA-2022-0620: kernel security and bug fix update (IMPORTANT)
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
