[ELSA-2017-3635] Unbreakable Enterprise kernel security update
[4.1.12-103.9.2]
- Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' (Brian Maly) [Orabug: 27037811]
[4.1.12-103.9.1]
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian Foster) [Orabug: 27013241]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988633] {CVE-2017-14489}
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen) [Orabug: 26999097]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27013220] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn) [Orabug: 27013227] {CVE-2017-1000112}
- drivers/char/mem.c: deny access in open operation when securelevel is set (Ethan Zhao) [Orabug: 26943884]
[4.1.12-103.8.1]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal Cardwell) [Orabug: 26923675]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899775] {CVE-2017-10661}
- kvm: nVMX: Don't allow L2 to access the hardware CR8 (Jim Mattson) {CVE-2017-12154} {CVE-2017-12154}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Tim Tianyang Chen) [Orabug: 26880590] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu) [Orabug: 26916575] {CVE-2017-7618}
- ovl: use O_LARGEFILE in ovl_copy_up() (David Howells) [Orabug: 25953280]
- rxrpc: Fix several cases where a padded len isn't checked in ticket decode (David Howells) [Orabug: 26880508] {CVE-2017-7482} {CVE-2017-7482}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813385] {CVE-2017-14106}
- ID
- ELSA-2017-3635
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2017-3635.html
- Published
-
2017-11-02T00:00:00
(6 years ago) - Modified
-
2017-11-02T00:00:00
(6 years ago) - Rights
- Copyright 2017 Oracle, Inc.
- Other Advisories
-
- ALAS-2017-828
- ALAS-2017-914
- DSA-3927-1
- DSA-3945-1
- DSA-3981-1
- ELSA-2017-2930
- ELSA-2017-3200
- ELSA-2017-3636
- ELSA-2017-3637
- ELSA-2018-1062
- ELSA-2018-4040
- ELSA-2018-4041
- ELSA-2018-4235
- FEDORA-2017-26c9ecd7a4
- FEDORA-2017-7369ea045c
- FEDORA-2017-8e7549fb91
- FEDORA-2017-e07d7fb18e
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-884a105c04
- RHSA-2017:2930
- RHSA-2017:2931
- RHSA-2017:3200
- RHSA-2018:0676
- RHSA-2018:1062
- SSA:2017-181-02
- SSA:2017-184-01
- SUSE-SU-2017:1853-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2389-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2847-1
- SUSE-SU-2017:2869-1
- SUSE-SU-2017:2908-1
- SUSE-SU-2017:2920-1
- SUSE-SU-2017:2956-1
- SUSE-SU-2017:3165-1
- SUSE-SU-2017:3265-1
- SUSE-SU-2017:3267-1
- SUSE-SU-2017:3398-1
- SUSE-SU-2017:3410-1
- SUSE-SU-2018:0011-1
- SUSE-SU-2018:0040-1
- SUSE-SU-2018:0180-1
- SUSE-SU-2018:0213-1
- USN-3312-1
- USN-3312-2
- USN-3314-1
- USN-3361-1
- USN-3377-1
- USN-3377-2
- USN-3378-1
- USN-3378-2
- USN-3381-1
- USN-3381-2
- USN-3443-1
- USN-3443-2
- USN-3443-3
- USN-3444-1
- USN-3444-2
- USN-3445-1
- USN-3445-2
- USN-3469-1
- USN-3469-2
- USN-3487-1
- USN-3583-1
- USN-3583-2
- USN-3698-1
- USN-3698-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2017-3635 | http://linux.oracle.com/errata/ELSA-2017-3635.html | |
CVE | CVE-2017-14106 | http://linux.oracle.com/cve/CVE-2017-14106.html | |
CVE | CVE-2017-14489 | http://linux.oracle.com/cve/CVE-2017-14489.html | |
CVE | CVE-2017-7482 | http://linux.oracle.com/cve/CVE-2017-7482.html | |
CVE | CVE-2017-12154 | http://linux.oracle.com/cve/CVE-2017-12154.html | |
CVE | CVE-2017-7618 | http://linux.oracle.com/cve/CVE-2017-7618.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-103.9.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-103.9.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-103.9.2.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |