New Search

ELSA-2011-2037 -- Unbreakable Enterprise kernel security and bug fix update (moderate)

oval:org.mitre.oval:def:27916

[2.6.32-300.3.1.el6uek] - proc: fix oops on invalid /proc/<pid>/maps access (Linux Torvalds) - Revert 'capabilities: do not grant full privs for setuid w/ file caps + no effective caps' (Joe Jin) - [mm]: Use MMF_COMPAT instead ia32_compat to prevent kabi be broken (Joe Jin) - proc: enable writing to /proc/pid/mem (Stephen Wilson) - proc: make check_mem_permission() return an mm_struct on success (Stephen Wilson) - proc: hold cred_guard_mutex in check_mem_permission() (Joe Jin) - proc: disable mem_write after exec (Stephen Wilson) - mm: implement access_remote_vm (Stephen Wilson) - mm: factor out main logic of access_process_vm (Stephen Wilson) - mm: use mm_struct to resolve gate vma's in __get_user_pages (Stephen Wilson) - mm: arch: rename in_gate_area_no_task to in_gate_area_no_mm (Stephen Wilson) - mm: arch: make in_gate_area take an mm_struct instead of a task_struct (Stephen Wilson) - mm: arch: make get_gate_vma take an mm_struct instead of a task_struct (Stephen Wilson) - x86: mark associated mm when running a task in 32 bit compatibility mode (Stephen Wilson) - x86: add context tag to mark mm when running a task in 32-bit compatibility mode (Stephen Wilson) - auxv: require the target to be tracable (or yourself) (Al Viro) - close race in /proc/*/environ (Al Viro) - report errors in /proc/*/*map* sanely (Al Viro) - pagemap: close races with suid execve (Al Viro) - make sessionid permissions in /proc/*/task/* match those in /proc/* (Al Viro) - Revert 'report errors in /proc/*/*map* sanely' (Joe Jin) - Revert 'proc: fix oops on invalid /proc/<pid>/maps access' (Joe Jin)

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • Oracle Linux 6
Class:
patch
Reference(s):
  • ELSA-2011-2037
  • CVE-2011-1020
  • CVE-2011-1577
  • CVE-2011-1585
  • CVE-2011-2495
  • CVE-2011-2525
  • CVE-2011-3638
  • CVE-2011-4110
  • CVE-2011-4330
  • CVE-2011-2707
Product(s):
  • kernel-uek-doc
  • kernel-uek-debug
  • ofa
  • kernel-uek-debug-devel
  • kernel-uek-devel
  • kernel-uek-headers
  • kernel-uek-firmware
  • kernel-uek