Unbreakable Enterprise kernel security update

2018-12-0900:00:00

linux.oracle.com

EPSS

0.001

Percentile

50.6%

JSON

[2.6.39-400.304.1]

mnt: Prevent pivot_root from creating a loop in the mount tree (Eric W. Biederman) [Orabug: 26575709] {CVE-2014-7970} {CVE-2014-7970}
vfs: more mnt_parent cleanups (Al Viro) [Orabug: 26575709] {CVE-2014-7970}
vfs: new internal helper: mnt_has_parent(mnt) (Al Viro) [Orabug: 26575709] {CVE-2014-7970}
ALSA: seq: Fix racy pool initializations (Takashi Iwai) [Orabug: 28459730] {CVE-2018-7566}
xen-netback: calculate full_coalesce before the pre-estimation of ring buffer slots to consume (Dongli Zhang) [Orabug: 28818690]
scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (Alexander Potapenko) [Orabug: 28892695] {CVE-2018-1000204}
KVM: MTRR: remove MSR 0x2f8 (Andy Honig) [Orabug: 28901711] {CVE-2016-3713} {CVE-2016-3713}
cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929788] {CVE-2018-16658} {CVE-2018-10940} {CVE-2018-18710}
udf: Check component length before reading it (Jan Kara) [Orabug: 28941923] {CVE-2014-9728}
udf: Verify symlink size before loading it (Shan Hai) [Orabug: 28941923] {CVE-2014-9728}
udf: Verify i_size when loading inode (Shan Hai) [Orabug: 28941923] {CVE-2014-9728}
floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) [Orabug: 28956549] {CVE-2018-7755} {CVE-2018-7755}
crypto: salsa20 - fix blkcipher_walk API usage (Eric Biggers) [Orabug: 28976586] {CVE-2017-17805}
crypto: hmac - require that the underlying hash algorithm is unkeyed (Eric Biggers) [Orabug: 28976655] {CVE-2017-17806}

OSVersionArchitecturePackageVersionFilename
oracle linux5srckernel-uek< 2.6.39-400.304.1.el5uekkernel-uek-2.6.39-400.304.1.el5uek.src.rpm
oracle linux5i686kernel-uek< 2.6.39-400.304.1.el5uekkernel-uek-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux5i686kernel-uek-debug< 2.6.39-400.304.1.el5uekkernel-uek-debug-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux5i686kernel-uek-debug-devel< 2.6.39-400.304.1.el5uekkernel-uek-debug-devel-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux5i686kernel-uek-devel< 2.6.39-400.304.1.el5uekkernel-uek-devel-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux5noarchkernel-uek-doc< 2.6.39-400.304.1.el5uekkernel-uek-doc-2.6.39-400.304.1.el5uek.noarch.rpm
oracle linux5noarchkernel-uek-firmware< 2.6.39-400.304.1.el5uekkernel-uek-firmware-2.6.39-400.304.1.el5uek.noarch.rpm
oracle linux5srckernel-uek< 2.6.39-400.304.1.el5uekkernel-uek-2.6.39-400.304.1.el5uek.src.rpm
oracle linux5x86_64kernel-uek< 2.6.39-400.304.1.el5uekkernel-uek-2.6.39-400.304.1.el5uek.x86_64.rpm
oracle linux5x86_64kernel-uek-debug< 2.6.39-400.304.1.el5uekkernel-uek-debug-2.6.39-400.304.1.el5uek.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	5	src	kernel-uek	< 2.6.39-400.304.1.el5uek	kernel-uek-2.6.39-400.304.1.el5uek.src.rpm
oracle linux	5	i686	kernel-uek	< 2.6.39-400.304.1.el5uek	kernel-uek-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux	5	i686	kernel-uek-debug	< 2.6.39-400.304.1.el5uek	kernel-uek-debug-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux	5	i686	kernel-uek-debug-devel	< 2.6.39-400.304.1.el5uek	kernel-uek-debug-devel-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux	5	i686	kernel-uek-devel	< 2.6.39-400.304.1.el5uek	kernel-uek-devel-2.6.39-400.304.1.el5uek.i686.rpm
oracle linux	5	noarch	kernel-uek-doc	< 2.6.39-400.304.1.el5uek	kernel-uek-doc-2.6.39-400.304.1.el5uek.noarch.rpm
oracle linux	5	noarch	kernel-uek-firmware	< 2.6.39-400.304.1.el5uek	kernel-uek-firmware-2.6.39-400.304.1.el5uek.noarch.rpm
oracle linux	5	src	kernel-uek	< 2.6.39-400.304.1.el5uek	kernel-uek-2.6.39-400.304.1.el5uek.src.rpm
oracle linux	5	x86_64	kernel-uek	< 2.6.39-400.304.1.el5uek	kernel-uek-2.6.39-400.304.1.el5uek.x86_64.rpm
oracle linux	5	x86_64	kernel-uek-debug	< 2.6.39-400.304.1.el5uek	kernel-uek-debug-2.6.39-400.304.1.el5uek.x86_64.rpm