ELSA-2018-4300

ELSA-2018-4300 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-12-06

Description


kernel-uek
[3.8.13-118.28.1]
- udf: Check component length before reading it (Jan Kara) [Orabug: 21193696] {CVE-2014-9728}
- udf: Verify i_size when loading inode (Shan Hai) [Orabug: 21193696] {CVE-2014-9728}
- intel_pstate: Fix overflow in busy_scaled due to long delay (mridula shastry) [Orabug: 28005134]
- scsi: libsas: defer ata device eh commands to libata (Jason Yan) [Orabug: 28459689] {CVE-2018-10021}
- nfsd: silence sparse warning about accessing credentials (Jeff Layton) [Orabug: 28824742] {CVE-2017-13168}
- scsi: sg: mitigate read/write abuse (Jann Horn) [Orabug: 28824742] {CVE-2017-13168}
- scsi: sg: allocate with __GFP_ZERO in sg_build_indirect() (Alexander Potapenko) [Orabug: 28892683] {CVE-2018-1000204}
- ALSA: rawmidi: Change resized buffers atomically (Takashi Iwai) [Orabug: 28898650] {CVE-2018-10902}
- KVM: MTRR: remove MSR 0x2f8 (Andy Honig) [Orabug: 28901657] {CVE-2016-3713} {CVE-2016-3713}
- cdrom: fix improper type cast, which can leat to information leak. (Young_X) [Orabug: 28929777] {CVE-2018-16658} {CVE-2018-10940} {CVE-2018-18710}
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) {CVE-2018-7755} {CVE-2018-7755}
- crypto: salsa20 - fix blkcipher_walk API usage (Eric Biggers) [Orabug: 28976585] {CVE-2017-17805}
- crypto: hmac - require that the underlying hash algorithm is unkeyed (Eric Biggers) [Orabug: 28976654] {CVE-2017-17806}


Related CVEs


CVE-2017-17805
CVE-2018-10902
CVE-2017-13168
CVE-2018-1000204
CVE-2018-18710
CVE-2014-9728
CVE-2016-3713
CVE-2017-17806
CVE-2018-7755
CVE-2018-10021

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) dtrace-modules-3.8.13-118.28.1.el6uek-0.4.5-3.el6.src.rpm12d811f6a237b67734b06352f8365104-
kernel-uek-3.8.13-118.28.1.el6uek.src.rpm385d7d5d9fc3212ab7152288fe138e37-
dtrace-modules-3.8.13-118.28.1.el6uek-0.4.5-3.el6.x86_64.rpm15c87ebe330409e0dcd9d8fcc680c8fb-
kernel-uek-3.8.13-118.28.1.el6uek.x86_64.rpm442118ae10070175d8e5310253bdb8f6-
kernel-uek-debug-3.8.13-118.28.1.el6uek.x86_64.rpmc20e7bf0b52d4ce40bb77ad9e0672087-
kernel-uek-debug-devel-3.8.13-118.28.1.el6uek.x86_64.rpme352ad1cd84408246d3c416e54c694af-
kernel-uek-devel-3.8.13-118.28.1.el6uek.x86_64.rpm339cb95a3aee16270f9fc4b1d924163c-
kernel-uek-doc-3.8.13-118.28.1.el6uek.noarch.rpm449f3d3f67b3f1fc1a67f85d7d374629-
kernel-uek-firmware-3.8.13-118.28.1.el6uek.noarch.rpmf5075054b9d6ef2bdf6231aca15eb898-
Oracle Linux 7 (x86_64) dtrace-modules-3.8.13-118.28.1.el7uek-0.4.5-3.el7.src.rpm519346873d00c47fc19796d2b957d184-
kernel-uek-3.8.13-118.28.1.el7uek.src.rpm6feacedf8f7526b4aeca2d2dcbe2eb1f-
dtrace-modules-3.8.13-118.28.1.el7uek-0.4.5-3.el7.x86_64.rpmd46c254711c642260ea5656f6b2014be-
kernel-uek-3.8.13-118.28.1.el7uek.x86_64.rpm7f867d9ea6aeda4a2d693dd9efcf5f81-
kernel-uek-debug-3.8.13-118.28.1.el7uek.x86_64.rpm9c8a800072e33a3e197a4637d55944aa-
kernel-uek-debug-devel-3.8.13-118.28.1.el7uek.x86_64.rpm29528b66f04b530e54a82b0305bf019d-
kernel-uek-devel-3.8.13-118.28.1.el7uek.x86_64.rpmfc32108e3e22b34d24496bf704e540c5-
kernel-uek-doc-3.8.13-118.28.1.el7uek.noarch.rpme51bfb08670cd42f96110ef40d6a48c3-
kernel-uek-firmware-3.8.13-118.28.1.el7uek.noarch.rpmc90ea67749c9b9e92f26e6364ef6e3b1-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete