[El-errata] ELSA-2014-3049 Important: Oracle Linux 7 unbreakable enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Jul 24 09:10:45 PDT 2014


Oracle Linux Security Advisory ELSA-2014-3049

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:


x86_64:
kernel-uek-firmware-3.8.13-35.3.2.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-35.3.2.el7uek.noarch.rpm
kernel-uek-3.8.13-35.3.2.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-35.3.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-35.3.2.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-35.3.2.el7uek.x86_64.rpm
dtrace-modules-3.8.13-35.3.2.el7uek-0.4.3-4.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-35.3.2.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-35.3.2.el7uek-0.4.3-4.el7.src.rpm



Description of changes:

kernel-uek
[3.8.13-35.3.2.el7uek]
- l2tp: fix an unprivileged user to kernel privilege escalation (Sasha 
Levin)  [Orabug: 19229497]  {CVE-2014-4943} {CVE-2014-4943}
- ptrace,x86: force IRET path after a ptrace_stop() (Tejun Heo) 
[Orabug: 19230689]  {CVE-2014-4699}
- net: flow_dissector: fail on evil iph->ihl (Jason Wang)  [Orabug: 
19231234]  {CVE-2013-4348}





More information about the El-errata mailing list