Oracle Linux 5 ELSA-2013-2543 Critical: Kernel Security Issues Resolved
oracle
August 29, 2013
The following updated rpms for Oracle Linux 5 have been uploaded to the Unbreakable Linux Network:
Summary
[2.6.39-400.109.6.el5uek] - block: do not pass disk names as format strings (Kees Cook) [Orabug: 17230083] {CVE-2013-2851} - libceph: Fix NULL pointer dereference in auth client code (Tyler Hicks) [Orabug: 17230108] {CVE-2013-1059} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371078] {CVE-2013-2232} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370788] {CVE-2013-2237} - Bluetooth: HCI - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17370892] {CVE-2012-6544} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371050] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371065] {CVE-2012-6544} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371118] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372121] {CVE-2013-2206}
Topics Covered
SRPMs
https://oss.oracle.com:443/ol5/SRPMS-updates/kernel-uek-2.6.39-400.109.6.el5uek.src.rpm
x86_64
kernel-uek-firmware-2.6.39-400.109.6.el5uek.noarch.rpm kernel-uek-doc-2.6.39-400.109.6.el5uek.noarch.rpm kernel-uek-2.6.39-400.109.6.el5uek.x86_64.rpm kernel-uek-devel-2.6.39-400.109.6.el5uek.x86_64.rpm kernel-uek-debug-devel-2.6.39-400.109.6.el5uek.x86_64.rpm kernel-uek-debug-2.6.39-400.109.6.el5uek.x86_64.rpm
aarch64
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!