SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   OS (Linux)  >   Linux Kernel Vendors:   kernel.org
(Oracle Issues Fix for Oracle Linux) Linux Kernel Out-of-Bounds Memory Access Error in SCTP Lets Remote Users Deny Service or Obtain Potentially Sensitive Information
SecurityTracker Alert ID:  1037902
SecurityTracker URL:  http://securitytracker.com/id/1037902
CVE Reference:   CVE-2016-9555   (Links to External Site)
Date:  Feb 24 2017
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Oracle Linux 6
Description:   A vulnerability was reported in the Linux kernel. A remote user can cause denial of service conditions on the target system. A remote user can obtain potentially sensitive information on the target system.

A remote user can send specially crafted data to trigger an out-of-bounds memory access error in sctp_sf_ootb() and obtain potentially sensitive information or cause denial of service conditions.

Andrey Konovalov reported this vulnerability.

Impact:   A remote user can cause denial of service conditions.

A remote user can obtain potentially sensitive information on the target system.

Solution:   Oracle has issued a fix.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2017-0307.html

Vendor URL:  linux.oracle.com/errata/ELSA-2017-0307.html (Links to External Site)
Cause:   Access control error, Boundary error

Message History:   This archive entry is a follow-up to the message listed below.
Nov 24 2016 Linux Kernel Out-of-Bounds Memory Access Error in SCTP Lets Remote Users Deny Service or Obtain Potentially Sensitive Information



 Source Message Contents

Date:  Thu, 23 Feb 2017 19:04:57 -0800
Subject:  [El-errata] ELSA-2017-0307 Moderate: Oracle Linux 6 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2017-0307

http://linux.oracle.com/errata/ELSA-2017-0307.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-642.15.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-642.15.1.el6.noarch.rpm
kernel-debug-2.6.32-642.15.1.el6.i686.rpm
kernel-debug-devel-2.6.32-642.15.1.el6.i686.rpm
kernel-devel-2.6.32-642.15.1.el6.i686.rpm
kernel-doc-2.6.32-642.15.1.el6.noarch.rpm
kernel-firmware-2.6.32-642.15.1.el6.noarch.rpm
kernel-headers-2.6.32-642.15.1.el6.i686.rpm
perf-2.6.32-642.15.1.el6.i686.rpm
python-perf-2.6.32-642.15.1.el6.i686.rpm

x86_64:
kernel-2.6.32-642.15.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-642.15.1.el6.noarch.rpm
kernel-debug-2.6.32-642.15.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-642.15.1.el6.i686.rpm
kernel-debug-devel-2.6.32-642.15.1.el6.x86_64.rpm
kernel-devel-2.6.32-642.15.1.el6.x86_64.rpm
kernel-doc-2.6.32-642.15.1.el6.noarch.rpm
kernel-firmware-2.6.32-642.15.1.el6.noarch.rpm
kernel-headers-2.6.32-642.15.1.el6.x86_64.rpm
perf-2.6.32-642.15.1.el6.x86_64.rpm
python-perf-2.6.32-642.15.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-642.15.1.el6.src.rpm



Description of changes:

[2.6.32-642.15.1.el6]
- [net] dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Hannes 
Frederic Sowa) [1424626 1424628] {CVE-2017-6074}

[2.6.32-642.14.1.el6]
- [net] sctp: validate chunk len before actually using it (Hangbin Liu) 
[1399456 1399457] {CVE-2016-9555}
- [netdrv] qlcnic: add wmb() call in transmit data path (Harish Patil) 
[1403143 1342659]
- [kernel] audit: fix a double fetch in audit_log_single_execve_arg() 
(Paul Moore) [1359302 1359304] {CVE-2016-6136}
- [fs] nfs: Kill fscache warnings when mounting without -ofsc (David 
Howells) [1399172 1353844]
- [fs] nfs: Fix a compile issue when CONFIG_NFS_FSCACHE was undefined 
(David Howells) [1399172 1353844]
- [fs] nfs: Don't pass mount data to nfs_fscache_get_super_cookie() 
(David Howells) [1399172 1353844]
- [fs] nfsd: handle fileid wraparound (Dave Wysochanski) [1399174 1397552]
- [scsi] hpsa: correct logical resets (Joseph Szczypek) [1399175 1083110]
- [scsi] hpsa: generate a controller NMI (Joseph Szczypek) [1399175 1083110]
- [scsi] hpsa: update driver version to 3.4.10-0-RH3 (Joseph Szczypek) 
[1399175 1083110]
- [scsi] hpsa: Check for null devices in ioaccel submission patch 
(Joseph Szczypek) [1399175 1083110]
- [scsi] hpsa: check for null device pointers (Joseph Szczypek) [1399175 
1083110]
- [scsi] hpsa: correct skipping masked peripherals (Joseph Szczypek) 
[1399175 1083110]
- [scsi] hpsa: generalize external arrays (Joseph Szczypek) [1399175 
1083110]
- [fs] ext4: fix extent tree corruption caused by hole punch (Lukas 
Czerner) [1397808 1351798]
- [hv] do not lose pending heartbeat vmbus packets (Vitaly Kuznetsov) 
[1397739 1378614]
- [powerpc] ppc64: Fix incorrect return value from __copy_tofrom_user 
(Gustavo Duarte) [1398185 1387243]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2017, SecurityGlobal.net LLC