ALT-PU-2016-2300-1
Package kernel-image-un-def updated to version 4.8.8-alt1 for branch sisyphus in task 172273.
Closed vulnerabilities
BDU:2017-01280
Уязвимость функции sctp_sf_ootb ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или оказать другое воздействие
Modified: 2024-11-21
CVE-2016-7039
The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a related issue to CVE-2016-8666.
- RHSA-2016:2047
- RHSA-2016:2047
- RHSA-2016:2107
- RHSA-2016:2107
- RHSA-2016:2110
- RHSA-2016:2110
- [oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing
- [oss-security] 20161010 CVE-2016-7039 Kernel: net: unbounded recursion in the vlan GRO processing
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- 93476
- 93476
- RHSA-2017:0372
- RHSA-2017:0372
- https://bto.bluecoat.com/security-advisory/sa134
- https://bto.bluecoat.com/security-advisory/sa134
- https://bugzilla.redhat.com/show_bug.cgi?id=1375944
- https://bugzilla.redhat.com/show_bug.cgi?id=1375944
- https://patchwork.ozlabs.org/patch/680412/
- https://patchwork.ozlabs.org/patch/680412/
Modified: 2024-11-21
CVE-2016-9555
The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6
- SUSE-SU-2016:3096
- SUSE-SU-2016:3096
- SUSE-SU-2016:3113
- SUSE-SU-2016:3113
- SUSE-SU-2016:3116
- SUSE-SU-2016:3116
- SUSE-SU-2016:3117
- SUSE-SU-2016:3117
- SUSE-SU-2016:3169
- SUSE-SU-2016:3169
- SUSE-SU-2016:3183
- SUSE-SU-2016:3183
- SUSE-SU-2016:3197
- SUSE-SU-2016:3197
- SUSE-SU-2016:3205
- SUSE-SU-2016:3205
- SUSE-SU-2016:3206
- SUSE-SU-2016:3206
- SUSE-SU-2016:3247
- SUSE-SU-2016:3247
- RHSA-2017:0086
- RHSA-2017:0086
- RHSA-2017:0091
- RHSA-2017:0091
- RHSA-2017:0113
- RHSA-2017:0113
- RHSA-2017:0307
- RHSA-2017:0307
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8
- http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8
- [oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb
- [oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb
- 94479
- 94479
- 1037339
- 1037339
- https://bto.bluecoat.com/security-advisory/sa134
- https://bto.bluecoat.com/security-advisory/sa134
- https://bugzilla.redhat.com/show_bug.cgi?id=1397930
- https://bugzilla.redhat.com/show_bug.cgi?id=1397930
- https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6
- https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6
- https://groups.google.com/forum/#%21topic/syzkaller/pAUcHsUJbjk
- https://groups.google.com/forum/#%21topic/syzkaller/pAUcHsUJbjk