
ELSA-2013-2585 -- Unbreakable Enterprise Kernel security update (important)

oval:org.mitre.oval:def:27358

kernel-uek [2.6.32-400.33.3uek]
- af_key: fix info leaks in notify messages (Mathias Krause) [Orabug: 17837974] {CVE-2013-2234}
- drivers/cdrom/cdrom.c: use kzalloc() for failing hardware (Jonathan Salwan) [Orabug: 17837971] {CVE-2013-2164}
- fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check (Kees Cook) [Orabug: 17837966] {CVE-2013-1928}
- Bluetooth: RFCOMM - Fix info leak in ioctl(RFCOMMGETDEVLIST) (Mathias Krause) [Orabug: 17837959] {CVE-2012-6545}
- Bluetooth: RFCOMM - Fix info leak via getsockname() (Mathias Krause) [Orabug: 17838023] {CVE-2012-6545}
- llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Mathias Krause) [Orabug: 17837945] {CVE-2013-3231}
- HID: pantherlord: validate output report details (Kees Cook) [Orabug: 17837942] {CVE-2013-2892}
- HID: zeroplus: validate output report details (Kees Cook) [Orabug: 17837936] {CVE-2013-2889}
- HID: provide a helper for validating hid reports (Kees Cook) [Orabug: 17837936]
- NFSv4: Check for buffer length in __nfs4_get_acl_uncached (Sven Wegener) [Orabug: 17837931] {CVE-2013-4591}
- ansi_cprng: Fix off by one error in non-block size request (Neil Horman) [Orabug: 17837999] {CVE-2013-4345}
- HID: validate HID report id size (Kees Cook) [Orabug: 17837925] {CVE-2013-2888}
- ipv6: remove max_addresses check from ipv6_create_tempaddr (Hannes Frederic Sowa) [Orabug: 17837923] {CVE-2013-0343}

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 6
  • Oracle Linux 5
Class:
patch
Reference(s):
  • ELSA-2013-2585
  • CVE-2012-6545
  • CVE-2013-3231
  • CVE-2013-2164
  • CVE-2013-2234
  • CVE-2013-0343
  • CVE-2013-4345
  • CVE-2013-1928
  • CVE-2013-2888
  • CVE-2013-2889
  • CVE-2013-2892
  • CVE-2013-4591
Product(s):
  • kernel-uek
  • kernel-uek-debug-devel
  • kernel-uek-devel
  • kernel-uek-doc
  • kernel-uek-headers
  • ofa
  • mlnx_en
  • kernel-uek-debug
  • kernel-uek-firmware