OVMSA-2016-0053

OVMSA-2016-0053 - kernel-uek security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-05-20

Description


[3.8.13-118.6.2]
- KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. (David Howells) [Orabug: 23279020] {CVE-2016-0758}
- net: add validation for the socket syscall protocol argument (Hannes Frederic Sowa) [Orabug: 23267997] {CVE-2015-8543} {CVE-2015-8543}
- ipv6: addrconf: validate new MTU before applying it (Marcelo Leitner) [Orabug: 23263252] {CVE-2015-8215}
- unix: properly account for FDs passed over unix sockets (willy tarreau) [Orabug: 23262276] {CVE-2013-4312} {CVE-2013-4312}


Related CVEs


CVE-2016-0758
CVE-2013-4312
CVE-2015-8215
CVE-2015-8543

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.3 (x86_64) kernel-uek-3.8.13-118.6.2.el6uek.src.rpm23149eef1ed400ab31b9db4521295d43OVMSA-2021-0016
kernel-uek-3.8.13-118.6.2.el6uek.x86_64.rpm70b08307a38fa49638627a9ed59bc7bbOVMSA-2021-0016
kernel-uek-firmware-3.8.13-118.6.2.el6uek.noarch.rpma23f29c8f98001c693dab431fedcae53OVMSA-2021-0016



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete