[ELSA-2017-3635] Unbreakable Enterprise kernel security update
[4.1.12-103.9.2]
- Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' (Brian Maly) [Orabug: 27037811]
[4.1.12-103.9.1]
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian Foster) [Orabug: 27013241]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988633] {CVE-2017-14489}
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen) [Orabug: 26999097]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27013220] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn) [Orabug: 27013227] {CVE-2017-1000112}
- drivers/char/mem.c: deny access in open operation when securelevel is set (Ethan Zhao) [Orabug: 26943884]
[4.1.12-103.8.1]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal Cardwell) [Orabug: 26923675]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899775] {CVE-2017-10661}
- kvm: nVMX: Don't allow L2 to access the hardware CR8 (Jim Mattson) {CVE-2017-12154} {CVE-2017-12154}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Tim Tianyang Chen) [Orabug: 26880590] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu) [Orabug: 26916575] {CVE-2017-7618}
- ovl: use O_LARGEFILE in ovl_copy_up() (David Howells) [Orabug: 25953280]
- rxrpc: Fix several cases where a padded len isn't checked in ticket decode (David Howells) [Orabug: 26880508] {CVE-2017-7482} {CVE-2017-7482}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813385] {CVE-2017-14106}
- ID
- ELSA-2017-3635
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2017-3635.html
- Published
-
2017-11-02T00:00:00
(6 years ago) - Modified
-
2017-11-02T00:00:00
(6 years ago) - Rights
- Copyright 2017 Oracle, Inc.
- Other Advisories
-
-
ALAS-2017-828
-
ALAS-2017-914
-
DSA-3927-1
-
DSA-3945-1
-
DSA-3981-1
-
ELSA-2017-2930
-
ELSA-2017-3200
-
ELSA-2017-3636
-
ELSA-2017-3637
-
ELSA-2018-1062
-
ELSA-2018-4040
-
ELSA-2018-4041
-
ELSA-2018-4235
-
FEDORA-2017-26c9ecd7a4
-
FEDORA-2017-7369ea045c
-
FEDORA-2017-8e7549fb91
-
FEDORA-2017-e07d7fb18e
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-884a105c04
-
RHSA-2017:2930
-
RHSA-2017:2931
-
RHSA-2017:3200
-
RHSA-2018:0676
-
RHSA-2018:1062
-
SSA:2017-181-02
-
SSA:2017-184-01
-
SUSE-SU-2017:1853-1
-
SUSE-SU-2017:1990-1
-
SUSE-SU-2017:2342-1
-
SUSE-SU-2017:2389-1
-
SUSE-SU-2017:2525-1
-
SUSE-SU-2017:2847-1
-
SUSE-SU-2017:2869-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:2956-1
-
SUSE-SU-2017:3165-1
-
SUSE-SU-2017:3265-1
-
SUSE-SU-2017:3267-1
-
SUSE-SU-2017:3398-1
-
SUSE-SU-2017:3410-1
-
SUSE-SU-2018:0011-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0180-1
-
SUSE-SU-2018:0213-1
-
USN-3312-1
-
USN-3312-2
-
USN-3314-1
-
USN-3361-1
-
USN-3377-1
-
USN-3377-2
-
USN-3378-1
-
USN-3378-2
-
USN-3381-1
-
USN-3381-2
-
USN-3443-1
-
USN-3443-2
-
USN-3443-3
-
USN-3444-1
-
USN-3444-2
-
USN-3445-1
-
USN-3445-2
-
USN-3469-1
-
USN-3469-2
-
USN-3487-1
-
USN-3583-1
-
USN-3583-2
-
USN-3698-1
-
USN-3698-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2017-3635 |
|
|
| CVE | CVE-2017-14106 |
|
|
| CVE | CVE-2017-14489 |
|
|
| CVE | CVE-2017-7482 |
|
|
| CVE | CVE-2017-12154 |
|
|
| CVE | CVE-2017-7618 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-103.9.2.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |