[ELSA-2018-4301] Unbreakable Enterprise kernel security update
Severity
Important
Affected Packages
12
CVEs
9
[2.6.39-400.304.1]
- mnt: Prevent pivot_root from creating a loop in the mount tree (Eric W. Biederman) [Orabug: 26575709] {CVE-2014-7970} {CVE-2014-7970}
- vfs: more mnt_parent cleanups (Al Viro) [Orabug: 26575709] {CVE-2014-7970}
- vfs: new internal helper: mnt_has_parent(mnt) (Al Viro) [Orabug: 26575709] {CVE-2014-7970}
- ALSA: seq: Fix racy pool initializations (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}
- xen-netback: calculate full_coalesce before the pre-estimation of ring buffer slots to consume (Dongli Zhang) [Orabug: 28818690]
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (Alexander Potapenko) [Orabug: 28892695] {CVE-2018-1000204}
- KVM: MTRR: remove MSR 0x2f8 (Andy Honig) [Orabug: 28901711] {CVE-2016-3713} {CVE-2016-3713}
- cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929788] {CVE-2018-16658} {CVE-2018-10940} {CVE-2018-18710}
- udf: Check component length before reading it (Jan Kara) [Orabug: 28941923] {CVE-2014-9728}
- udf: Verify symlink size before loading it (Shan Hai) [Orabug: 28941923] {CVE-2014-9728}
- udf: Verify i_size when loading inode (Shan Hai) [Orabug: 28941923] {CVE-2014-9728}
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) [Orabug: 28956549] {CVE-2018-7755} {CVE-2018-7755}
- crypto: salsa20 - fix blkcipher_walk API usage (Eric Biggers) [Orabug: 28976586] {CVE-2017-17805}
- crypto: hmac - require that the underlying hash algorithm is unkeyed (Eric Biggers) [Orabug: 28976655] {CVE-2017-17806}
- ID
- ELSA-2018-4301
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-4301.html
- Published
-
2018-12-09T00:00:00
(5 years ago) - Modified
-
2018-12-09T00:00:00
(5 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
-
-
ALAS-2014-455
-
ALAS-2018-1133
-
ALAS-2019-1279
-
ALAS2-2018-1133
-
ALAS2-2019-1279
-
ASA-201801-1
-
ASA-201801-2
-
ASA-201801-3
-
ASA-201801-4
-
DSA-4073-1
-
DSA-4082-1
-
DSA-4187-1
-
DSA-4188-1
-
DSA-4308-1
-
ELSA-2017-1842
-
ELSA-2018-2384
-
ELSA-2018-2390
-
ELSA-2018-3083
-
ELSA-2018-4200
-
ELSA-2018-4211
-
ELSA-2018-4246
-
ELSA-2018-4250
-
ELSA-2018-4288
-
ELSA-2018-4299
-
ELSA-2018-4300
-
ELSA-2018-4304
-
ELSA-2019-2029
-
ELSA-2019-2473
-
ELSA-2019-4316
-
ELSA-2019-4509
-
FEDORA-2014-12955
-
FEDORA-2014-13020
-
FEDORA-2014-13045
-
FEDORA-2014-13558
-
FEDORA-2014-13773
-
FEDORA-2014-14068
-
FEDORA-2014-15200
-
FEDORA-2014-16632
-
FEDORA-2014-17244
-
FEDORA-2014-17283
-
FEDORA-2015-0515
-
FEDORA-2015-1672
-
FEDORA-2015-3594
-
FEDORA-2015-5024
-
FEDORA-2015-6294
-
FEDORA-2015-8518
-
FEDORA-2016-06f1572324
-
FEDORA-2016-2363b37a98
-
FEDORA-2016-f8739a80b0
-
FEDORA-2018-1621b2204a
-
FEDORA-2018-2645eb8dab
-
FEDORA-2018-3857a8b41a
-
FEDORA-2018-5904d0794d
-
FEDORA-2018-6e8c330d50
-
FEDORA-2018-87ba0312c2
-
FEDORA-2018-a0914af224
-
FEDORA-2018-b68776e5b0
-
FEDORA-2018-f55c305488
-
FEDORA-2019-164946aa7f
-
FEDORA-2019-16de0047d4
-
FEDORA-2019-196ab64d65
-
FEDORA-2019-1b986880ea
-
FEDORA-2019-1e8a4c6958
-
FEDORA-2019-20a89ca9af
-
FEDORA-2019-337484d88b
-
FEDORA-2019-3da64f3e61
-
FEDORA-2019-4002b91800
-
FEDORA-2019-48b34fc991
-
FEDORA-2019-509c133845
-
FEDORA-2019-65c6d11eba
-
FEDORA-2019-7462acf8ba
-
FEDORA-2019-7bdeed7fc5
-
FEDORA-2019-7d3500d712
-
FEDORA-2019-8169b57f28
-
FEDORA-2019-8219efa9f6
-
FEDORA-2019-87e7046631
-
FEDORA-2019-94dc902948
-
FEDORA-2019-96b31a9602
-
FEDORA-2019-a6cd583a8d
-
FEDORA-2019-aabdaa013d
-
FEDORA-2019-b0f7a7b74b
-
FEDORA-2019-be9add5b77
-
FEDORA-2019-c36afa818c
-
FEDORA-2019-ce2933b003
-
FEDORA-2019-e6bf55e821
-
FEDORA-2019-f812c9fb22
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2018:2384
-
RHSA-2018:2390
-
RHSA-2018:2395
-
RHSA-2018:3083
-
RHSA-2018:3096
-
RHSA-2019:2029
-
RHSA-2019:2043
-
RHSA-2019:2473
-
SSA:2019-030-01
-
SUSE-SU-2015:0581-1
-
SUSE-SU-2015:0736-1
-
SUSE-SU-2015:1174-1
-
SUSE-SU-2015:1224-1
-
SUSE-SU-2015:1324-1
-
SUSE-SU-2015:1376-1
-
SUSE-SU-2015:1592-1
-
SUSE-SU-2015:1611-1
-
SUSE-SU-2015:1678-1
-
SUSE-SU-2018:0010-1
-
SUSE-SU-2018:0011-1
-
SUSE-SU-2018:0012-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0180-1
-
SUSE-SU-2018:0213-1
-
SUSE-SU-2018:0437-1
-
SUSE-SU-2018:0525-1
-
SUSE-SU-2018:0834-1
-
SUSE-SU-2018:0848-1
-
SUSE-SU-2018:0988-1
-
SUSE-SU-2018:0989-1
-
SUSE-SU-2018:0990-1
-
SUSE-SU-2018:0991-1
-
SUSE-SU-2018:0992-1
-
SUSE-SU-2018:0993-1
-
SUSE-SU-2018:0994-1
-
SUSE-SU-2018:0995-1
-
SUSE-SU-2018:0996-1
-
SUSE-SU-2018:0997-1
-
SUSE-SU-2018:0998-1
-
SUSE-SU-2018:0999-1
-
SUSE-SU-2018:1000-1
-
SUSE-SU-2018:1001-1
-
SUSE-SU-2018:1002-1
-
SUSE-SU-2018:1003-1
-
SUSE-SU-2018:1004-1
-
SUSE-SU-2018:1005-1
-
SUSE-SU-2018:1006-1
-
SUSE-SU-2018:1007-1
-
SUSE-SU-2018:1008-1
-
SUSE-SU-2018:1009-1
-
SUSE-SU-2018:1010-1
-
SUSE-SU-2018:1011-1
-
SUSE-SU-2018:1012-1
-
SUSE-SU-2018:1013-1
-
SUSE-SU-2018:1014-1
-
SUSE-SU-2018:1015-1
-
SUSE-SU-2018:1016-1
-
SUSE-SU-2018:1018-1
-
SUSE-SU-2018:1019-1
-
SUSE-SU-2018:1020-1
-
SUSE-SU-2018:1021-1
-
SUSE-SU-2018:1022-1
-
SUSE-SU-2018:1023-1
-
SUSE-SU-2018:1024-1
-
SUSE-SU-2018:1025-1
-
SUSE-SU-2018:1026-1
-
SUSE-SU-2018:1027-1
-
SUSE-SU-2018:1028-1
-
SUSE-SU-2018:1029-1
-
SUSE-SU-2018:1030-1
-
SUSE-SU-2018:1031-1
-
SUSE-SU-2018:1032-1
-
SUSE-SU-2018:1033-1
-
SUSE-SU-2018:1034-1
-
SUSE-SU-2018:1035-1
-
SUSE-SU-2018:1080-1
-
SUSE-SU-2018:1172-1
-
SUSE-SU-2018:1309-1
-
SUSE-SU-2018:1761-1
-
SUSE-SU-2018:1762-1
-
SUSE-SU-2018:1855-1
-
SUSE-SU-2018:1855-2
-
SUSE-SU-2018:2092-1
-
SUSE-SU-2018:2332-1
-
SUSE-SU-2018:2366-1
-
SUSE-SU-2018:2637-1
-
SUSE-SU-2018:3688-1
-
SUSE-SU-2018:3689-1
-
SUSE-SU-2018:3746-1
-
SUSE-SU-2018:3773-1
-
SUSE-SU-2018:3869-1
-
SUSE-SU-2018:3934-1
-
SUSE-SU-2018:3961-1
-
SUSE-SU-2018:4069-1
-
SUSE-SU-2018:4072-1
-
SUSE-SU-2019:0095-1
-
SUSE-SU-2019:0224-1
-
SUSE-SU-2019:0439-1
-
SUSE-SU-2019:1245-1
-
SUSE-SU-2019:1289-1
-
SUSE-SU-2022:1651-1
-
SUSE-SU-2022:1668-1
-
SUSE-SU-2022:1686-1
-
SUSE-SU-2022:2077-1
-
SUSE-SU-2022:2082-1
-
SUSE-SU-2022:2111-1
-
SUSE-SU-2023:0416-1
-
USN-2419-1
-
USN-2420-1
-
USN-2447-1
-
USN-2448-1
-
USN-2513-1
-
USN-2514-1
-
USN-2517-1
-
USN-2518-1
-
USN-2541-1
-
USN-2542-1
-
USN-2543-1
-
USN-2544-1
-
USN-2978-1
-
USN-2978-2
-
USN-2979-1
-
USN-2979-2
-
USN-3583-1
-
USN-3583-2
-
USN-3617-1
-
USN-3617-2
-
USN-3617-3
-
USN-3619-1
-
USN-3619-2
-
USN-3620-1
-
USN-3620-2
-
USN-3631-1
-
USN-3631-2
-
USN-3632-1
-
USN-3695-1
-
USN-3695-2
-
USN-3696-1
-
USN-3696-2
-
USN-3697-1
-
USN-3697-2
-
USN-3698-1
-
USN-3698-2
-
USN-3752-1
-
USN-3752-2
-
USN-3752-3
-
USN-3754-1
-
USN-3798-1
-
USN-3798-2
-
USN-3846-1
-
USN-3847-1
-
USN-3847-2
-
USN-3847-3
-
USN-3848-1
-
USN-3848-2
-
USN-3849-1
-
USN-3849-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2018-4301 |
|
|
| CVE | CVE-2014-7970 |
|
|
| CVE | CVE-2018-7566 |
|
|
| CVE | CVE-2017-17805 |
|
|
| CVE | CVE-2018-1000204 |
|
|
| CVE | CVE-2018-18710 |
|
|
| CVE | CVE-2014-9728 |
|
|
| CVE | CVE-2016-3713 |
|
|
| CVE | CVE-2017-17806 |
|
|
| CVE | CVE-2018-7755 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
 kernel-uek
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-5 | oraclelinux |
kernel-uek
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-5 | oraclelinux |
kernel-uek-firmware
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-5 | oraclelinux |
kernel-uek-doc
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-5 | oraclelinux |
kernel-uek-devel
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-5 | oraclelinux |
kernel-uek-debug
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 2.6.39-400.304.1.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-5 | oraclelinux |
kernel-uek-debug-devel
|
< 2.6.39-400.304.1.el5uek | oraclelinux-5 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |