[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ELSA-2016-1406 -- Oracle kernel_python-perf_perf

ID: oval:org.secpod.oval:def:1501511Date: (C)2016-07-26   (M)2023-12-20
Class: PATCHFamily: unix




The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel"s Infiniband subsystem used write as bi-directional ioctl replacement, which could lead to insufficient memory security checks when being invoked using the the splice system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. Red Hat would like to thank Jann Horn for reporting this issue. This update also fixes the following bugs: * When providing some services and using the Integrated Services Digital Network , the system could terminate unexpectedly due to the call of the tty_ldisc_flush function. The provided patch removes this call and the system no longer hangs in the described scenario.

Platform:
Oracle Linux 6
Product:
kernel
python-perf
perf
Reference:
ELSA-2016-1406
CVE-2016-4565
CVE    1
CVE-2016-4565
CPE    5
cpe:/o:linux:linux_kernel
cpe:/a:perf:perf
cpe:/a:python-perf:python-perf
cpe:/o:linux:linux_kernel:4.5.2
...

© SecPod Technologies