{ "Title": "ELSA-2017-3516: Unbreakable Enterprise kernel security update (IMPORTANT)", "Description": "[2.6.39-400.294.2]\n- vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] {CVE-2015-1420}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807]\n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}", "Platform": [ "Oracle Linux 5", "Oracle Linux 6" ], "References": [ { "Source": "elsa", "URI": "http://linux.oracle.com/errata/ELSA-2017-3516.html", "ID": "ELSA-2017-3516" }, { "Source": "CVE", "URI": "http://linux.oracle.com/cve/CVE-2016-4485.html", "ID": "CVE-2016-4485" }, { "Source": "CVE", "URI": "http://linux.oracle.com/cve/CVE-2016-8646.html", "ID": "CVE-2016-8646" }, { "Source": "CVE", "URI": "http://linux.oracle.com/cve/CVE-2016-4482.html", "ID": "CVE-2016-4482" }, { "Source": "CVE", "URI": "http://linux.oracle.com/cve/CVE-2013-7446.html", "ID": "CVE-2013-7446" }, { "Source": "CVE", "URI": "http://linux.oracle.com/cve/CVE-2015-1420.html", "ID": "CVE-2015-1420" } ], "Criteria": { "Operator": "OR", "Criterias": [ { "Operator": "AND", "Criterias": [ { "Operator": "OR", "Criterias": [ { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek-firmware is signed with the Oracle Linux 5 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek-debug is signed with the Oracle Linux 5 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek-doc is signed with the Oracle Linux 5 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 5 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek-devel is signed with the Oracle Linux 5 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el5uek" }, { "Comment": "kernel-uek is signed with the Oracle Linux 5 key" } ] } ], "Criterions": null } ], "Criterions": [ { "Comment": "Oracle Linux 5 is installed" } ] }, { "Operator": "AND", "Criterias": [ { "Operator": "OR", "Criterias": [ { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-debug-devel is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek-debug-devel is signed with the Oracle Linux 6 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek is signed with the Oracle Linux 6 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-firmware is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek-firmware is signed with the Oracle Linux 6 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-devel is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek-devel is signed with the Oracle Linux 6 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-doc is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek-doc is signed with the Oracle Linux 6 key" } ] }, { "Operator": "AND", "Criterias": null, "Criterions": [ { "Comment": "kernel-uek-debug is earlier than 0:2.6.39-400.294.2.el6uek" }, { "Comment": "kernel-uek-debug is signed with the Oracle Linux 6 key" } ] } ], "Criterions": null } ], "Criterions": [ { "Comment": "Oracle Linux 6 is installed" } ] } ], "Criterions": null }, "Severity": "IMPORTANT", "Cves": [ { "Impact": "", "Href": "http://linux.oracle.com/cve/CVE-2016-4485.html", "ID": "CVE-2016-4485" }, { "Impact": "", "Href": "http://linux.oracle.com/cve/CVE-2016-8646.html", "ID": "CVE-2016-8646" }, { "Impact": "", "Href": "http://linux.oracle.com/cve/CVE-2016-4482.html", "ID": "CVE-2016-4482" }, { "Impact": "", "Href": "http://linux.oracle.com/cve/CVE-2013-7446.html", "ID": "CVE-2013-7446" }, { "Impact": "", "Href": "http://linux.oracle.com/cve/CVE-2015-1420.html", "ID": "CVE-2015-1420" } ] }