readykernel-patch-15.2-2.4-1.vl7
- Kernel Update Version:
- 3.10.0-327.18.2.vz7.15.2
- Release Date:
- 2022-03-02 08:28:02
-
CVE-2016-3134
netfilter: missing bounds check in ipt_entry structure.
A security flaw was found in the Linux kernel in the mark_source_chains() function in "net/ipv4/netfilter/ip_tables.c". It is possible for a user-supplied "ipt_entry" structure to have a large "next_offset" field. This field is not bounds checked prior to writing to a counter value at the supplied offset. Patches: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54d83fc74aa9ec72794373cb47432c5f7fb1a309 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f24e230d257af1ad7476c6e81a8dc3127a74204ehttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3134 -
CVE-2015-8953
overlayfs: Double dentry reference leak in copy-up failure.
A flaw was found in the implementation of overlayfs in the Linux kernel. An attacker can make the system leak resources by opening a large file for writing on an overlay filesystem that does not have enough space to handle writing of such amounts of data. Patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab79efab0a0ba01a74df782eb7fa44b044dae8b5https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8953 -
CVE-2016-6828
Use after free in tcp_xmit_retransmit_queue.
A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. Patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6828 -
CVE-2016-6136
audit: Race condition vulnerability in execve argv arguments.
Race condition in the audit_log_single_execve_arg function in the Linux kernel allows local users to bypass intended character-set restrictions or disrupt audit of the system calls. Patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=43761473c254b45883a64441dd0bc85a42f3645chttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-6136 -
PSBM-49885
ext4: mfsync() was broken.
ext4: mfsync() was broken. -
PSBM-50864
ext4: fsync() for dirs/symlink was broken.
ext4: fsync() for dirs/symlink was broken. -
PSBM-51754
Container start and stop operations took too long when many network namespaces were created and destroyed.
Container start and stop operations took too long when many network namespaces were created and destroyed. -
PSBM-49918
Page allocator: freed memory pages could be accessed in the error paths.
Page allocator: freed memory pages could be accessed in the error paths. -
PSBM-50248
MAC filter was silently disabled for the containers in some cases.
MAC filter was silently disabled for the containers in some cases. -
CVE-2016-5696
tcp: challenge ACK counter information disclosure.
A flaw was found in the implementation of the Linux kernel's handling of networking challenge ack where an attacker is able to determine the shared counter which could be used to determine sequence numbers for TCP stream injection. Patch: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit/?id=75ff39ccc1bd5d3c455b6822ab09e533c551f758https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-5696 -
CVE-2016-4470
Uninitialized variable in key_reject_and_link() causes a kernel crash in the error path
A flaw was found in the Linux kernel's keyring handling code. An uninitialized variable in key_reject_and_link() function could lead to a system crash or a use-after-free. Patch: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229ahttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-4470