ALT-PU-2017-1810-1
Package kernel-image-un-def updated to version 4.9.35-alt0.M80P.1 for branch p8 in task 184983.
Closed vulnerabilities
BDU:2017-01480
Уязвимость реализации механизма Stack Guard-Page ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-00227
Уязвимость реализации протокола Keberos v5 ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2017-1000365
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.
Modified: 2024-11-21
CVE-2017-7482
In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.
- [oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.
- [oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.
- 99299
- 99299
- 1038787
- 1038787
- RHSA-2019:0641
- RHSA-2019:0641
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0
- DSA-3927
- DSA-3927
- DSA-3945
- DSA-3945