[El-errata] New updates available via Ksplice (ELSA-2016-3570)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Jun 15 07:13:36 PDT 2016


Synopsis: ELSA-2016-3570 can now be patched using Ksplice
CVEs: CVE-2016-4565

The recently released Oracle Linux 6, ELSA-2016-3570, does not fix any
security problems relevant to already running systems. You do not need
to take any action to update your systems.


DESCRIPTION

* CVE-2016-4565: Privilege escalation in Infiniband ioctl.

The Infiniband ioctl interface does not correctly validate parameters
from userspace which can allow local users to corrupt kernel memory and
escalate privileges.

SUPPORT

Ksplice support is available at ksplice-support_ww at oracle.com.





More information about the El-errata mailing list