[ELSA-2013-2534] Unbreakable Enterprise kernel Security update
[2.6.32-400.29.1]
- KVM: add missing void __user COPYING CREDITS Documentation Kbuild MAINTAINERS Makefile README REPORTING-BUGS arch block crypto drivers firmware fs include init ipc kernel lib mm net samples scripts security sound tools uek-rpm usr virt cast to access_ok() call (Heiko Carstens) [Orabug: 16941620] {CVE-2013-1943}
- KVM: Validate userspace_addr of memslot when registered (Takuya Yoshikawa) [Orabug: 16941620] {CVE-2013-1943}
[2.6.32-400.28.1]
- do_add_mount()/umount -l races (Jerry Snitselaar) [Orabug: 16311974]
- tg3: fix length overflow in VPD firmware parsing (Kees Cook) [Orabug: 16837019] {CVE-2013-1929}
- USB: cdc-wdm: fix buffer overflow (Oliver Neukum) [Orabug: 16837003] {CVE-2013-1860}
- bonding: emit event when bonding changes MAC (Weiping Pan) [Orabug: 16579025]
- sched: Fix ancient race in do_exit() (Joe Jin)
- open debug in page_move_anon_rmap by default. (Xiaowei.Hu) [Orabug: 14046035]
- block: default SCSI command filter does not accomodate commands overlap across device classes (Jamie Iles) [Orabug: 16387136] {CVE-2012-4542}
- vma_adjust: fix the copying of anon_vma chains (Linus Torvalds) [Orabug: 14046035]
- xen-netfront: delay gARP until backend switches to Connected (Laszlo Ersek) [Orabug: 16182568]
- svcrpc: don't hold sv_lock over svc_xprt_put() (J. Bruce Fields) [Orabug: 16032824]
- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) [Orabug: 16603569] {CVE-2012-5517}
- ptrace: ptrace_resume() shouldn't wake up !TASK_TRACED thread (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}
- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}
- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405868] {CVE-2013-0871}
- Bluetooth: Fix incorrect strncpy() in hidp_setup_hid() (Anderson Lizardo) [Orabug: 16711062] {CVE-2013-0349}
- dccp: check ccid before dereferencing (Mathias Krause) [Orabug: 16711040] {CVE-2013-1827}
- USB: io_ti: Fix NULL dereference in chase_port() (Wolfgang Frisch) [Orabug: 16425435] {CVE-2013-1774}
- keys: fix race with concurrent install_user_keyrings() (David Howells) [Orabug: 16493369] {CVE-2013-1792}
- KVM: Fix bounds checking in ioapic indirect register reads (CVE-2013-1798) (Andy Honig) [Orabug: 16710937] {CVE-2013-1798}
- KVM: x86: fix for buffer overflow in handling of MSR_KVM_SYSTEM_TIME (CVE-2013-1796) (Jerry Snitselaar) [Orabug: 16710794] {CVE-2013-1796}
[2.6.32-400.27.1]
- net/tun: fix ioctl() based info leaks (Mathias Krause) [Orabug: 16675501] {CVE-2012-6547}
- atm: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}
- atm: fix info leak in getsockopt(SO_ATMPVC) (Mathias Krause) [Orabug: 16675501] {CVE-2012-6546}
- xfrm_user: fix info leak in copy_to_user_tmpl() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}
- xfrm_user: fix info leak in copy_to_user_policy() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6537}
- xfrm_user: fix info leak in copy_to_user_state() (Mathias Krause) [Orabug: 16675501] {CVE-2013-6537}
- xfrm_user: return error pointer instead of NULL #2 (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}
- xfrm_user: return error pointer instead of NULL (Mathias Krause) [Orabug: 16675501] {CVE-2013-1826}
- llc: fix info leak via getsockname() (Mathias Krause) [Orabug: 16675501] {CVE-2012-6542}
- x86/mm: Check if PUD is large when validating a kernel address (Mel Gorman) [Orabug: 14251997]
- ID
- ELSA-2013-2534
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2013-2534.html
- Published
-
2013-06-11T00:00:00
(11 years ago) - Modified
-
2013-06-11T00:00:00
(11 years ago) - Rights
- Copyright 2013 Oracle, Inc.
- Other Advisories
-
- ALAS-2013-200
- DSA-2669-1
- ELSA-2013-0496
- ELSA-2013-0747
- ELSA-2013-0911
- ELSA-2013-1034
- ELSA-2013-1645
- ELSA-2013-2523
- ELSA-2013-2525
- ELSA-2014-0328
- FEDORA-2013-10695
- FEDORA-2013-12530
- FEDORA-2013-12990
- FEDORA-2013-13536
- FEDORA-2013-15151
- FEDORA-2013-16336
- FEDORA-2013-17010
- FEDORA-2013-17942
- FEDORA-2013-18364
- FEDORA-2013-18822
- FEDORA-2013-20748
- FEDORA-2013-21822
- FEDORA-2013-22695
- FEDORA-2013-3909
- FEDORA-2013-4012
- FEDORA-2013-4240
- FEDORA-2013-4357
- FEDORA-2013-5368
- FEDORA-2013-6041
- FEDORA-2013-6537
- FEDORA-2013-6999
- FEDORA-2013-9123
- RHSA-2013:0496
- RHSA-2013:0911
- RHSA-2013:1645
- RHSA-2014:0328
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-1599-1
- USN-1610-1
- USN-1648-1
- USN-1649-1
- USN-1652-1
- USN-1805-1
- USN-1808-1
- USN-1809-1
- USN-1811-1
- USN-1812-1
- USN-1813-1
- USN-1814-1
- USN-1824-1
- USN-1829-1
- USN-1833-1
- USN-1834-1
- USN-1835-1
- USN-1836-1
- USN-1838-1
- USN-1839-1
- USN-1939-1
- USN-1940-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2013-2534 | http://linux.oracle.com/errata/ELSA-2013-2534.html | |
CVE | CVE-2012-4542 | http://linux.oracle.com/cve/CVE-2012-4542 | |
CVE | CVE-2012-6542 | http://linux.oracle.com/cve/CVE-2012-6542 | |
CVE | CVE-2013-1943 | http://linux.oracle.com/cve/CVE-2013-1943 | |
CVE | CVE-2013-1929 | http://linux.oracle.com/cve/CVE-2013-1929 | |
CVE | CVE-2013-1860 | http://linux.oracle.com/cve/CVE-2013-1860 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/ofa-2.6.32-400.29.1.el6uekdebug | oraclelinux | ofa-2.6.32-400.29.1.el6uekdebug | < 1.5.1-4.0.58 | |||
Affected | pkg:rpm/oraclelinux/ofa-2.6.32-400.29.1.el6uek | oraclelinux | ofa-2.6.32-400.29.1.el6uek | < 1.5.1-4.0.58 | |||
Affected | pkg:rpm/oraclelinux/ofa-2.6.32-400.29.1.el5uekdebug | oraclelinux | ofa-2.6.32-400.29.1.el5uekdebug | < 1.5.1-4.0.58 | |||
Affected | pkg:rpm/oraclelinux/ofa-2.6.32-400.29.1.el5uek | oraclelinux | ofa-2.6.32-400.29.1.el5uek | < 1.5.1-4.0.58 | |||
Affected | pkg:rpm/oraclelinux/mlnx_en-2.6.32-400.29.1.el6uekdebug | oraclelinux | mlnx_en-2.6.32-400.29.1.el6uekdebug | < 1.5.7-0.1 | |||
Affected | pkg:rpm/oraclelinux/mlnx_en-2.6.32-400.29.1.el6uek | oraclelinux | mlnx_en-2.6.32-400.29.1.el6uek | < 1.5.7-0.1 | |||
Affected | pkg:rpm/oraclelinux/mlnx_en-2.6.32-400.29.1.el5uekdebug | oraclelinux | mlnx_en-2.6.32-400.29.1.el5uekdebug | < 1.5.7-2 | |||
Affected | pkg:rpm/oraclelinux/mlnx_en-2.6.32-400.29.1.el5uek | oraclelinux | mlnx_en-2.6.32-400.29.1.el5uek | < 1.5.7-2 | |||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-5 | oraclelinux | kernel-uek | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-6 | oraclelinux | kernel-uek-headers | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-5 | oraclelinux | kernel-uek-headers | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-5 | oraclelinux | kernel-uek-firmware | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-5 | oraclelinux | kernel-uek-doc | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-5 | oraclelinux | kernel-uek-devel | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-5 | oraclelinux | kernel-uek-debug | < 2.6.32-400.29.1.el5uek | oraclelinux-5 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 2.6.32-400.29.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-5 | oraclelinux | kernel-uek-debug-devel | < 2.6.32-400.29.1.el5uek | oraclelinux-5 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |