readykernel-patch-15.2-2.1-1.vl7
- Kernel Update Version:
- 3.10.0-327.18.2.vz7.15.2
- Release Date:
- 2022-03-02 08:28:02
-
CVE-2016-5696
tcp: challenge ACK counter information disclosure.
A flaw was found in the implementation of the Linux kernel's handling of networking challenge ack where an attacker is able to determine the shared counter which could be used to determine sequence numbers for TCP stream injection. Patch: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5696 -
CVE-2016-4470
Uninitialized variable in key_reject_and_link() causes a kernel crash in the error path
A flaw was found in the Linux kernel's keyring handling code. An uninitialized variable in key_reject_and_link() function could lead to a system crash or a use-after-free. Patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229ahttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4470