SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   OS (Linux)  >   Linux Kernel Vendors:   kernel.org
(Oracle Issues Fix for Oracle Linux) Linux Kernel UDP Processing Flaw Lets Remote Users Deny Service
SecurityTracker Alert ID:  1033576
SecurityTracker URL:  http://securitytracker.com/id/1033576
CVE Reference:   CVE-2015-5364, CVE-2015-5366   (Links to External Site)
Date:  Sep 16 2015
Impact:   Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Oracle Linux 7
Description:   Two vulnerabilities were reported in the Linux Kernel. A remote user can cause denial of service conditions on the target system.

A remote user can send a flood of UDP packets with specially crafted checksums to cause the target application to hang [CVE-2015-5364].

A remote user can send a flood of UDP packets with specially crafted checksums to cause the target application to stop reading packets [CVE-2015-5366].

Impact:   A remote user can cause the target application to hang.

A remote user can cause the target application to stop reading packets.

Solution:   Oracle has issued a fix.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2015-1778.html

Vendor URL:  linux.oracle.com/errata/ELSA-2015-1778.html (Links to External Site)
Cause:   State error

Message History:   This archive entry is a follow-up to the message listed below.
Jul 7 2015 Linux Kernel UDP Processing Flaw Lets Remote Users Deny Service



 Source Message Contents

Subject:  [El-errata] ELSA-2015-1778 Important: Oracle Linux 7 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2015-1778

http://linux.oracle.com/errata/ELSA-2015-1778.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-3.10.0-229.14.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-229.14.1.el7.noarch.rpm
kernel-debug-3.10.0-229.14.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-229.14.1.el7.x86_64.rpm
kernel-devel-3.10.0-229.14.1.el7.x86_64.rpm
kernel-doc-3.10.0-229.14.1.el7.noarch.rpm
kernel-headers-3.10.0-229.14.1.el7.x86_64.rpm
kernel-tools-3.10.0-229.14.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-229.14.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-229.14.1.el7.x86_64.rpm
perf-3.10.0-229.14.1.el7.x86_64.rpm
python-perf-3.10.0-229.14.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-229.14.1.el7.src.rpm



Description of changes:

[3.10.0-229.14.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-229.14.1.el7]
- [s390] zcrypt: Fixed reset and interrupt handling of AP queues 
(Hendrik Brueckner) [1248381 1238230]

[3.10.0-229.13.1.el7]
- [dma] ioat: fix tasklet tear down (Herton R. Krzesinski) [1251523 1210093]
- [drm] radeon: Fix VGA switcheroo problem related to hotplug (missing 
hunk) (Rob Clark) [1207879 1223472]
- [security] keys: Ensure we free the assoc array edit if edit is valid 
(David Howells) [1246039 1244171] {CVE-2015-1333}
- [net] tcp: properly handle stretch acks in slow start (Florian 
Westphal) [1243903 1151756]
- [net] tcp: fix no cwnd growth after timeout (Florian Westphal) 
[1243903 1151756]
- [net] tcp: increase throughput when reordering is high (Florian 
Westphal) [1243903 1151756]
- [of] Fix sysfs_dirent cache integrity issue (Gustavo Duarte) [1249120 
1225539]
- [tty] vt: don't set font mappings on vc not supporting this (Jarod 
Wilson) [1248384 1213538]
- [scsi] fix regression in scsi_send_eh_cmnd() (Ewan Milne) [1243412 
1167454]
- [net] udp: fix behavior of wrong checksums (Denys Vlasenko) [1240760 
1240761] {CVE-2015-5364 CVE-2015-5366}
- [fs] Convert MessageID in smb2_hdr to LE (Sachin Prabhu) [1238693 1161441]
- [x86] bpf_jit: fix compilation of large bpf programs (Denys Vlasenko) 
[1236938 1236939] {CVE-2015-4700}
- [net] sctp: fix ASCONF list handling (Marcelo Leitner) [1227960 
1206474] {CVE-2015-3212}
- [fs] ext4: allocate entire range in zero range (Lukas Czerner) 
[1193909 1187071] {CVE-2015-0275}
- [x86] ASLR bruteforce possible for vdso library (Jacob Tanenbaum) 
[1184898 1184899] {CVE-2014-9585}

[3.10.0-229.12.1.el7]
- [ethernet] ixgbe: remove CIAA/D register reads from bad VF check (John 
Greene) [1245597 1205903]
- [kernel] sched: Avoid throttle_cfs_rq() racing with period_timer 
stopping (Rik van Riel) [1241078 1236413]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC