New Search

ELSA-2013-2542 -- unbreakable enterprise kernel security update (important)

oval:org.mitre.oval:def:26512

kernel-uek [2.6.32-400.29.3uek] - block: do not pass disk names as format strings (Jerry Snitselaar) [Orabug: 17230124] {CVE-2013-2851} - af_key: initialize satype in key_notify_policy_flush() (Nicolas Dichtel) [Orabug: 17370765] {CVE-2013-2237} - Bluetooth: L2CAP - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17371054] {CVE-2012-6544} - Bluetooth: HCI - Fix info leak in getsockopt(HCI_FILTER) (Mathias Krause) [Orabug: 17371072] {CVE-2012-6544} - ipv6: ip6_sk_dst_check() must not assume ipv6 dst (Eric Dumazet) [Orabug: 17371079] {CVE-2013-2232} - sctp: Use correct sideffect command in duplicate cookie handling (Vlad Yasevich) [Orabug: 17371121] {CVE-2013-2206} - sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [Orabug: 17372129] {CVE-2013-2206}

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • Oracle Linux 6
Class:
patch
Reference(s):
  • ELSA-2013-2542
  • CVE-2012-6544
  • CVE-2013-2206
  • CVE-2013-2232
  • CVE-2013-2237
  • CVE-2013-2851
Product(s):
  • ofa
  • kernel-uek-doc
  • kernel-uek-firmware
  • kernel-uek-headers
  • kernel-uek
  • kernel-uek-debug
  • kernel-uek-devel
  • kernel-uek-debug-devel
  • mlnx_en