[ELSA-2017-3514] Unbreakable Enterprise kernel security update
Severity
Important
Affected Packages
14
CVEs
7
kernel-uek
[4.1.12-61.1.27]
- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084}
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds) [Orabug: 25231931] {CVE-2016-9576}
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen Hofmann) [Orabug: 25417387] {CVE-2016-8630}
- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417799] {CVE-2016-8646}
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462755] {CVE-2016-4482}
- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] {CVE-2016-4485}
[4.1.12-61.1.26]
- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant) [Orabug: 25445336]
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas Cassel) [Orabug: 25458076]
- tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076]
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel) [Orabug: 25430143]
- ID
- ELSA-2017-3514
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2017-3514.html
- Published
-
2017-02-06T00:00:00
(7 years ago) - Modified
-
2017-02-06T00:00:00
(7 years ago) - Rights
- Copyright 2017 Oracle, Inc.
- Other Advisories
-
-
ALAS-2016-703
-
ALAS-2016-772
-
ALAS-2017-782
-
DSA-3607-1
-
ELSA-2017-0386
-
ELSA-2017-0817
-
ELSA-2017-1308
-
ELSA-2017-1842
-
ELSA-2017-3515
-
ELSA-2017-3516
-
FEDORA-2016-06f1572324
-
FEDORA-2016-107f03cc00
-
FEDORA-2016-14c4187e3a
-
FEDORA-2016-4ce97823af
-
FEDORA-2016-5aff4a6bbc
-
FEDORA-2016-5cb5b4082d
-
FEDORA-2016-7d900003e6
-
FEDORA-2016-876deae183
-
FEDORA-2016-96d276367e
-
FEDORA-2016-a159c484e4
-
FEDORA-2016-ee3a114958
-
FEDORA-2016-ef973efab7
-
RHSA-2017:0386
-
RHSA-2017:0387
-
RHSA-2017:0817
-
RHSA-2017:1298
-
RHSA-2017:1308
-
RHSA-2017:1842
-
RHSA-2017:2077
-
SUSE-SU-2016:1672-1
-
SUSE-SU-2016:1690-1
-
SUSE-SU-2016:1696-1
-
SUSE-SU-2016:1937-1
-
SUSE-SU-2016:1985-1
-
SUSE-SU-2016:2105-1
-
SUSE-SU-2016:2245-1
-
SUSE-SU-2016:3146-1
-
SUSE-SU-2016:3188-1
-
SUSE-SU-2016:3203-1
-
SUSE-SU-2016:3217-1
-
SUSE-SU-2016:3248-1
-
SUSE-SU-2016:3252-1
-
SUSE-SU-2017:0181-1
-
SUSE-SU-2017:0226-1
-
SUSE-SU-2017:0227-1
-
SUSE-SU-2017:0228-1
-
SUSE-SU-2017:0229-1
-
SUSE-SU-2017:0230-1
-
SUSE-SU-2017:0231-1
-
SUSE-SU-2017:0233-1
-
SUSE-SU-2017:0234-1
-
SUSE-SU-2017:0235-1
-
SUSE-SU-2017:0244-1
-
SUSE-SU-2017:0245-1
-
SUSE-SU-2017:0246-1
-
SUSE-SU-2017:0247-1
-
SUSE-SU-2017:0248-1
-
SUSE-SU-2017:0249-1
-
SUSE-SU-2017:0267-1
-
SUSE-SU-2017:0268-1
-
SUSE-SU-2017:0278-1
-
SUSE-SU-2017:0293-1
-
SUSE-SU-2017:0294-1
-
SUSE-SU-2017:0333-1
-
SUSE-SU-2017:0407-1
-
SUSE-SU-2017:0437-1
-
SUSE-SU-2017:0464-1
-
SUSE-SU-2017:0471-1
-
SUSE-SU-2017:0494-1
-
SUSE-SU-2017:1102-1
-
USN-2989-1
-
USN-2996-1
-
USN-2997-1
-
USN-2998-1
-
USN-3000-1
-
USN-3001-1
-
USN-3002-1
-
USN-3003-1
-
USN-3004-1
-
USN-3005-1
-
USN-3006-1
-
USN-3007-1
-
USN-3016-1
-
USN-3016-2
-
USN-3016-3
-
USN-3016-4
-
USN-3017-1
-
USN-3017-2
-
USN-3017-3
-
USN-3018-1
-
USN-3018-2
-
USN-3019-1
-
USN-3020-1
-
USN-3021-1
-
USN-3021-2
-
USN-3161-1
-
USN-3161-2
-
USN-3161-3
-
USN-3161-4
-
USN-3162-1
-
USN-3162-2
-
USN-3312-1
-
USN-3312-2
-
USN-3361-1
-
USN-3422-1
-
USN-3422-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2017-3514 |
|
|
| CVE | CVE-2016-8630 |
|
|
| CVE | CVE-2016-4485 |
|
|
| CVE | CVE-2016-9083 |
|
|
| CVE | CVE-2016-9084 |
|
|
| CVE | CVE-2016-9576 |
|
|
| CVE | CVE-2016-8646 |
|
|
| CVE | CVE-2016-4482 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-61.1.27.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-61.1.27.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/dtrace-modules-4.1.12-61.1.27.el7uek?distro=oraclelinux-7 | oraclelinux |
dtrace-modules-4.1.12-61.1.27.el7uek
|
< 0.5.3-2.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/dtrace-modules-4.1.12-61.1.27.el6uek?distro=oraclelinux-6 | oraclelinux |
dtrace-modules-4.1.12-61.1.27.el6uek
|
< 0.5.3-2.el6 | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |