[ELSA-2018-4040] Unbreakable Enterprise kernel security update
kernel-uek
[3.8.13-118.20.3]
- gre: fix a possible skb leak (Eric Dumazet) [Orabug: 26403972] {CVE-2017-9074}
- ipv6: Fix leak in ipv6_gso_segment(). (David S. Miller) [Orabug: 26403972] {CVE-2017-9074}
- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403972] {CVE-2017-9074}
- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403972] {CVE-2017-9074}
- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403972] {CVE-2017-9074}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813390] {CVE-2017-14106}
- rxrpc: Fix several cases where a padded len isn't checked in ticket decode (David Howells) [Orabug: 26880517] {CVE-2017-7482} {CVE-2017-7482}
- xen/mmu: Call xen_cleanhighmap() with 4MB aligned for page tables mapping (Zhenzhong Duan) [Orabug: 26883322]
- KVM: x86: fix deadlock in clock-in-progress request handling (Marcelo Tosatti) [Orabug: 27065995]
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim (Ashish Samant) [Orabug: 27099835]
- USB: serial: console: fix use-after-free after failed setup (Johan Hovold) [Orabug: 27206837] {CVE-2017-16525}
- uwb: properly check kthread_run return value (Andrey Konovalov) [Orabug: 27206897] {CVE-2017-16526}
- ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor (Takashi Iwai) [Orabug: 27206928] {CVE-2017-16529}
- USB: fix out-of-bounds in usb_set_configuration (Greg Kroah-Hartman) [Orabug: 27207240] {CVE-2017-16531}
- USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() (Alan Stern) [Orabug: 27207983] {CVE-2017-16535}
- dccp: CVE-2017-8824: use-after-free in DCCP code (Mohamed Ghannam) [Orabug: 27290301] {CVE-2017-8824}
- ID
- ELSA-2018-4040
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-4040.html
- Published
-
2018-02-26T00:00:00
(6 years ago) - Modified
-
2018-02-26T00:00:00
(6 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
-
-
ALAS-2017-846
-
ALAS-2018-944
-
ASA-201801-1
-
ASA-201801-3
-
ASA-201801-4
-
DSA-3886-1
-
DSA-3927-1
-
DSA-3945-1
-
DSA-3981-1
-
DSA-4073-1
-
DSA-4082-1
-
DSA-4187-1
-
ELSA-2017-1842
-
ELSA-2017-2930
-
ELSA-2017-3200
-
ELSA-2017-3635
-
ELSA-2017-3637
-
ELSA-2018-0169
-
ELSA-2018-1062
-
ELSA-2018-1319
-
ELSA-2018-4001
-
ELSA-2018-4025
-
ELSA-2018-4041
-
ELSA-2018-4235
-
FEDORA-2017-129969aa8a
-
FEDORA-2017-273b67d5ee
-
FEDORA-2017-6554692044
-
FEDORA-2017-6f06be3fe9
-
FEDORA-2017-85744f8aa9
-
FEDORA-2017-ba6b6e71f7
-
FEDORA-2018-1c80fea1cd
-
FEDORA-2018-1e033dc308
-
FEDORA-2018-2a0f8b2c9d
-
FEDORA-2018-2ee3411cb8
-
FEDORA-2018-2f6df9abfb
-
FEDORA-2018-49bda79bd5
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-79d7c3d2df
-
FEDORA-2018-8484550fff
-
FEDORA-2018-884a105c04
-
FEDORA-2018-93c2e74446
-
FEDORA-2018-94315e9a6b
-
FEDORA-2018-9d0e4e40b5
-
FEDORA-2018-b57db4753c
-
FEDORA-2018-b68776e5b0
-
FEDORA-2018-b997780dca
-
FEDORA-2018-c0a1284064
-
FEDORA-2018-c449dc1c9c
-
FEDORA-2018-d77cc41f35
-
FEDORA-2018-e71875c4aa
-
FEDORA-2018-e8f793bbfc
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2017:2930
-
RHSA-2017:2931
-
RHSA-2017:3200
-
RHSA-2018:0169
-
RHSA-2018:0676
-
RHSA-2018:1062
-
RHSA-2018:1319
-
SSA:2017-181-02
-
SSA:2017-184-01
-
SUSE-SU-2017:1853-1
-
SUSE-SU-2017:1990-1
-
SUSE-SU-2017:2342-1
-
SUSE-SU-2017:2389-1
-
SUSE-SU-2017:2525-1
-
SUSE-SU-2017:2847-1
-
SUSE-SU-2017:2869-1
-
SUSE-SU-2017:2908-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2017:2956-1
-
SUSE-SU-2017:3210-1
-
SUSE-SU-2017:3249-1
-
SUSE-SU-2017:3265-1
-
SUSE-SU-2017:3398-1
-
SUSE-SU-2017:3410-1
-
SUSE-SU-2018:0011-1
-
SUSE-SU-2018:0031-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0115-1
-
SUSE-SU-2018:0180-1
-
SUSE-SU-2018:0213-1
-
SUSE-SU-2022:2379-1
-
SUSE-SU-2022:2478-1
-
USN-3342-1
-
USN-3342-2
-
USN-3343-1
-
USN-3343-2
-
USN-3344-1
-
USN-3344-2
-
USN-3345-1
-
USN-3360-2
-
USN-3377-1
-
USN-3377-2
-
USN-3378-1
-
USN-3378-2
-
USN-3381-1
-
USN-3381-2
-
USN-3443-1
-
USN-3443-2
-
USN-3443-3
-
USN-3444-1
-
USN-3444-2
-
USN-3445-1
-
USN-3445-2
-
USN-3485-1
-
USN-3485-2
-
USN-3485-3
-
USN-3487-1
-
USN-3507-1
-
USN-3581-1
-
USN-3581-2
-
USN-3581-3
-
USN-3582-1
-
USN-3582-2
-
USN-3583-1
-
USN-3583-2
-
USN-3754-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2018-4040 |
|
|
| CVE | CVE-2017-14106 |
|
|
| CVE | CVE-2017-7482 |
|
|
| CVE | CVE-2017-16525 |
|
|
| CVE | CVE-2017-16529 |
|
|
| CVE | CVE-2017-16535 |
|
|
| CVE | CVE-2017-16526 |
|
|
| CVE | CVE-2017-16531 |
|
|
| CVE | CVE-2017-8824 |
|
|
| CVE | CVE-2017-9074 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 3.8.13-118.20.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 3.8.13-118.20.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.20.3.el7uek?distro=oraclelinux-7 | oraclelinux |
dtrace-modules-3.8.13-118.20.3.el7uek
|
< 0.4.5-3.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.20.3.el6uek?distro=oraclelinux-6 | oraclelinux |
dtrace-modules-3.8.13-118.20.3.el6uek
|
< 0.4.5-3.el6 | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |