Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2016-1847
HistorySep 14, 2016 - 12:00 a.m.

kernel security, bug fix, and enhancement update

2016-09-1400:00:00
linux.oracle.com
43

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.1%

JSON
  • [3.10.0-327.36.1.OL7]
  • Oracle Linux certificates (Alexey Petrenko)
    [3.10.0-327.36.1]
  • [x86] Use pte_none() to test for empty PTE (Larry Woodman) [1363860 1347159]
  • [x86] Disallow running with 32-bit PTEs to work around erratum (Larry Woodman) [1363860 1347159]
  • [x86] Ignore A/D bits in pte/pmd/pud_none() (Alexander Gordeev) [1363860 1347159]
  • [x86] Move swap offset/type up in PTE to work around erratum (Alexander Gordeev) [1363860 1347159]
  • [x86] cpu/intel: Introduce macros for Intel family numbers (Steve Best) [1364074 1273778]
    [3.10.0-327.35.1]
  • Revert: [x86] cpu/intel: Introduce macros for Intel family numbers (Steve Best) [1364074 1273778]
  • Revert: [x86] Move swap offset/type up in PTE to work around erratum (Larry Woodman) [1363860 1347159]
  • Revert: [x86] Ignore A/D bits in pte/pmd/pud_none() (Larry Woodman) [1363860 1347159]
  • Revert: [x86] Disallow running with 32-bit PTEs to work around erratum (Larry Woodman) [1363860 1347159]
  • Revert: [x86] Use pte_none() to test for empty PTE (Larry Woodman) [1363860 1347159]
    [3.10.0-327.34.1]
  • [x86] Use pte_none() to test for empty PTE (Larry Woodman) [1363860 1347159]
  • [x86] Disallow running with 32-bit PTEs to work around erratum (Larry Woodman) [1363860 1347159]
  • [x86] Ignore A/D bits in pte/pmd/pud_none() (Larry Woodman) [1363860 1347159]
  • [x86] Move swap offset/type up in PTE to work around erratum (Larry Woodman) [1363860 1347159]
  • [x86] cpu/intel: Introduce macros for Intel family numbers (Steve Best) [1364074 1273778]
  • [net] sctp: support ipv6 nonlocal bind (Xin Long) [1363847 1355769]
  • [fs] xfs: fix duplicate buffer flag bits (Brian Foster) [1363677 1358817]
  • [fs] sunrpc: Fix races between socket connection and destroy code (Steve Dickson) [1363617 1278540]
  • [fs] sunrpc: Add helpers to prevent socket create from racing (Steve Dickson) [1363617 1270038]
  • [acpi] battery: Accelerate battery resume callback (Jeremy McNicoll) [1363611 1270522]
  • [scsi] 3w-sas: fix command completion race (Tomas Henzl) [1362040 1294538]
  • [kernel] hrtimer: Prevent remote enqueue of leftmost timers (David Bulkow) [1361020 1323752]
  • [scsi] storvsc: Size the queue depth based on the ringbuffer size (Cathy Avery) [1360161 1287040]
  • [scsi] storvsc: Increase the ring buffer size (Cathy Avery) [1360161 1287040]
  • [scsi] vmbus: Support a vmbus API for efficiently sending page arrays (Cathy Avery) [1360161 1287040]
  • [fs] ovl: verify upper dentry in ovl_remove_and_whiteout() (Miklos Szeredi) [1364384 1359829]
  • [fs] ovl: verify upper dentry before unlink and rename (Miklos Szeredi) [1360155 1341795]
  • [fs] ovl: fix getcwd() failure after unsuccessful rmdir (Miklos Szeredi) [1360155 1341795]
  • [base] memory: fix kernel warning during memory hotplug on ppc64 (Laurent Vivier) [1357130 1276205]
  • [fs] sunrpc: increase UNX_MAXNODENAME from 32 to __NEW_UTS_LEN bytes (Benjamin Coddington) [1356880 1315390]
  • [net] tcp: enable per-socket rate limiting of all ‘challenge acks’ (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
  • [net] tcp: uninline tcp_oow_rate_limited() (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
  • [net] tcp: make challenge acks less predictable (Florian Westphal) [1355603 1355605] {CVE-2016-5696}
  • [net] netfilter: x_tables: speed up jump target validation (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: don’t reject valid target size on some architectures (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: introduce and use xt_copy_counters_from_user (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: do compat validation via translate_table (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: xt_compat_match_from_user doesn’t need a retval (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: arp_tables: simplify translate_compat_table args (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: ip6_tables: simplify translate_compat_table args (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: ip_tables: simplify translate_compat_table args (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: remove unused comefrom hookmask argument (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: validate all offsets and sizes in a rule (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: check for bogus target offset (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: check standard target size too (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: add compat version of xt_check_entry_offsets (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: assert minimum target size (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: kill check_entry helper (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: add and use xt_check_entry_offsets (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: validate targets of jumps (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: don’t move to non-existent next rule (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: fix unconditional helper (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: validate e->target_offset early (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [net] netfilter: x_tables: check for size overflow (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
  • [block] nvme: Add pci error handlers (David Milburn) [1350352 1288601]
  • [block] nvme: protect against simultaneous shutdown invocations (David Milburn) [1350352 1288601]
  • [block] nvme: Set affinity after allocating request queues (Frank Ramsay) [1350352 1288601]
  • [block] nvme: Fix device cleanup on initialization failure (David Milburn) [1350352 1288601]
  • [block] nvme: fix kernel memory corruption with short INQUIRY buffers (David Milburn) [1350352 1288601]
  • [net] bridge: include in6.h in if_bridge.h for struct in6_addr (Jiri Benc) [1331285 1268057]
  • [net] inet: defines IPPROTO_* needed for module alias generation (Jiri Benc) [1331285 1268057]
  • [net] sync some IP headers with glibc (Jiri Benc) [1331285 1268057]
    [3.10.0-327.33.1]
  • [powerpc] mm: don’t do tlbie for updatepp request with NO HPTE fault (Gustavo Duarte) [1361462 1287289]
  • [mm] slub: do not drop slab_mutex for sysfs_slab_add (Larry Woodman) [1361019 1282934]
    [3.10.0-327.32.1]
  • [fs] xfs: give all workqueues rescuer threads (Brian Foster) [1359630 1298684]
  • [fs] xfs: cancel eofblocks background trimming on remount read-only (Brian Foster) [1358777 1339414]
  • [netdrv] bonding: Prevent IPv6 link local address on enslaved devices (Jarod Wilson) [1357868 1297931]
  • [kernel] ptrace: make wait_on_bit(JOBCTL_TRAPPING_BIT) in ptrace_attach() killable (Jiri Olsa) [1354285 1334503]
    [3.10.0-327.31.1]
  • [kernel] ptrace: task_clear_jobctl_trapping()->wake_up_bit() needs mb() (Daniel Bristot de Oliveira) [1354313 1350624]
  • [net] sctp: label accepted/peeled off sockets (Marcelo Leitner) [1354302 1247756]
  • [char] ipmi: Remove smi_msg from waiting_rcv_msgs list before handle_one_recv_msg() (David Arcari) [1353947 1348013]
  • [netdrv] bnx2x: don’t wait for Tx completion on recovery (Michal Schmidt) [1351972 1320748]
  • [pci] aer: Clear error status registers during enumeration and restore (Prarit Bhargava) [1350304 1347459]
    [3.10.0-327.30.1]
  • [net] netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (Paolo Abeni) [1343640 1265259]
  • [net] netfilter: bridge: don’t leak skb in error paths (Paolo Abeni) [1343640 1265259]
  • [net] netfilter: bridge: forward IPv6 fragmented packets (Paolo Abeni) [1343640 1265259]
  • [net] netfilter: bridge: re-order check_hbh_len() (Paolo Abeni) [1343640 1265259]
  • [net] netfilter: bridge: refactor frag_max_size (Paolo Abeni) [1343640 1265259]
  • [net] netfilter: bridge: really save frag_max_size between PRE and POST_ROUTING (Paolo Abeni) [1343640 1265259]
  • [net] bridge: Save frag_max_size between PRE_ROUTING and POST_ROUTING (Paolo Abeni) [1343640 1265259]
    [3.10.0-327.29.1]
  • [fs] fanotify: fix double free of pending permission events (Richard Guy Briggs) [1352939 1339092]
  • [fs] fsnotify: rename event handling functions (Richard Guy Briggs) [1352939 1339092]
  • [fs] fanotify: convert access_mutex to spinlock (Richard Guy Briggs) [1352939 1339092]
  • [fs] fanotify: use fanotify event structure for permission response processing (Richard Guy Briggs) [1352939 1339092]
  • [fs] fanotify: remove useless bypass_perm check (Richard Guy Briggs) [1352939 1339092]
  • [fs] fanotify: fix notification of groups with inode & mount marks (Miklos Szeredi) [1348828 1308393]
  • [fs] fsnotify: Allocate overflow events with proper type (Richard Guy Briggs) [1345774 1135562]
  • [fs] fanotify: Handle overflow in case of permission events (Richard Guy Briggs) [1345774 1135562]
  • [fs] fsnotify: Fix detection whether overflow event is queued (Richard Guy Briggs) [1345774 1135562]
  • [fs] inotify: Fix reporting of cookies for inotify events (Richard Guy Briggs) [1345774 1135562]
  • [fs] fanotify: Fix use after free for permission events (Richard Guy Briggs) [1345774 1135562]
  • [fs] fsnotify: Do not return merged event from fsnotify_add_notify_event() (Richard Guy Briggs) [1345774 1135562]
  • [fs] fanotify: Fix use after free in mask checking (Richard Guy Briggs) [1345774 1135562]
  • [fs] fsnotify: remove pointless NULL initializers (Richard Guy Briggs) [1345774 1135562]
  • [fs] fsnotify: remove .should_send_event callback (Richard Guy Briggs) [1345774 1135562]
  • [fs] fsnotify: do not share events between notification groups (Richard Guy Briggs) [1345774 1135562]
  • [fs] inotify: provide function for name length rounding (Richard Guy Briggs) [1345774 1135562]
  • [fs] revert ‘inotify: don’t add consecutive overflow events to the queue’ (Richard Guy Briggs) [1345774 1135562]
  • Revert: [fs] fanotify: fix notification of groups with inode & mount marks (Miklos Szeredi) [1348828 1308393]
OSVersionArchitecturePackageVersionFilename
oracle linux7srckernel< 3.10.0-327.36.1.el7kernel-3.10.0-327.36.1.el7.src.rpm
oracle linux7x86_64kernel< 3.10.0-327.36.1.el7kernel-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7noarchkernel-abi-whitelists< 3.10.0-327.36.1.el7kernel-abi-whitelists-3.10.0-327.36.1.el7.noarch.rpm
oracle linux7x86_64kernel-debug< 3.10.0-327.36.1.el7kernel-debug-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7x86_64kernel-debug-devel< 3.10.0-327.36.1.el7kernel-debug-devel-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7x86_64kernel-devel< 3.10.0-327.36.1.el7kernel-devel-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7noarchkernel-doc< 3.10.0-327.36.1.el7kernel-doc-3.10.0-327.36.1.el7.noarch.rpm
oracle linux7x86_64kernel-headers< 3.10.0-327.36.1.el7kernel-headers-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7x86_64kernel-tools< 3.10.0-327.36.1.el7kernel-tools-3.10.0-327.36.1.el7.x86_64.rpm
oracle linux7x86_64kernel-tools-libs< 3.10.0-327.36.1.el7kernel-tools-libs-3.10.0-327.36.1.el7.x86_64.rpm
Rows per page:
1-10 of 131

Related

nessus 66
ibm 3
redhat 11
openvas 26
oraclelinux 11
suse 9
centos 3
fedora 2
amazon 1
archlinux 4
thn 2
huawei 1
symantec 1
fortinet 1
arista 1
debiancve 4
prion 5
f5 3
ubuntucve 4
redhatcve 3
paloalto 1
veracode 4
mageia 3
cve 5
android 1
zdt 3
metasploit 1
packetstorm 2
exploitpack 1
exploitdb 2
threatpost 1
ubuntu 14
nessus
nessus
RHEL 6 : MRG (RHSA-2016:1883)
2016-09-15 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (20160915)
2016-09-16 00:00:00
EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1048)
2017-05-01 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-06-18 01:34:02
Security Bulletin: Vulnerability in Linux Kernel affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2016-5696)
2023-03-29 01:48:02
Security Bulletin: Vulnerability in kernel affects Power Hardware Management Console (‪CVE-2016-3134‬‬)
2021-09-23 01:31:39
redhat
redhat
(RHSA-2016:1883) Important: kernel-rt security and bug fix update
2016-09-14 14:42:27
(RHSA-2016:1875) Important: kernel-rt security and bug fix update
2016-09-14 14:34:58
(RHSA-2016:1847) Important: kernel security, bug fix, and enhancement update
2016-09-14 14:34:54
openvas
openvas
CentOS Update for kernel CESA-2016:1847 centos7
2016-09-20 00:00:00
RedHat Update for kernel RHSA-2016:1847-01
2016-09-16 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2016-1048)
2020-01-23 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2016-09-22 00:00:00
Unbreakable Enterprise kernel security update
2016-09-22 00:00:00
Unbreakable Enterprise kernel security update
2016-09-22 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2016-06-30 21:07:43
Security update for the Linux Kernel (important)
2016-06-30 21:09:07
Security update for the Linux Kernel (important)
2016-12-09 18:11:19
centos
centos
kernel, perf, python security update
2016-09-19 15:43:06
kernel, perf, python security update
2016-08-23 20:59:58
kernel, perf, python security update
2016-08-20 02:00:21
fedora
fedora
[SECURITY] Fedora 22 Update: kernel-4.4.14-200.fc22
2016-07-19 07:20:52
[SECURITY] Fedora 24 Update: kernel-4.6.3-300.fc24
2016-06-30 21:30:47
amazon
amazon
Medium: kernel
2016-06-24 22:21:00
archlinux
archlinux
linux: information disclosure
2016-08-14 00:00:00
linux-grsec: information disclosure
2016-08-14 00:00:00
linux-lts: information disclosure
2016-08-21 00:00:00
thn
thn
Linux TCP Flaw allows Hackers to Hijack Internet Traffic and Inject Malware Remotely
2016-08-10 23:18:00
Internet Traffic Hijacking Linux Flaw Affects 80% of Android Devices
2016-08-16 01:31:00
huawei
huawei
Security Advisory - TCP Connection Hijack Vulnerability
2016-09-07 00:00:00
symantec
symantec
SA131 : TCP Session Hijacking in Operating Systems Supporting RFC 5961
2016-09-14 08:00:00
fortinet
fortinet
Linux kernel - challenge ack information leak
2017-04-04 00:00:00
arista
arista
Security Advisory 0023
2016-08-15 00:00:00
debiancve
debiancve
CVE-2016-5696
2016-08-06 20:59:00
CVE-2016-4998
2016-07-03 21:59:00
CVE-2016-3134
2016-04-27 17:59:00
prion
prion
Out-of-bounds
2016-07-03 21:59:00
Memory corruption
2016-07-03 21:59:00
Design/Logic Flaw
2016-08-06 20:59:00
f5
f5
K74171196 : Linux kernel vulnerability CVE-2016-4998
2017-02-22 00:00:00
K46514822 : Linux TCP stack vulnerability CVE-2016-5696
2016-08-26 00:00:00
SOL46514822 - Linux TCP stack vulnerability CVE-2016-5696
2016-08-26 00:00:00
ubuntucve
ubuntucve
CVE-2016-4998
2016-06-24 00:00:00
CVE-2016-5696
2016-08-06 00:00:00
CVE-2016-3134
2016-03-09 00:00:00
redhatcve
redhatcve
CVE-2016-4998
2016-06-27 06:49:23
CVE-2016-5696
2016-07-12 08:48:22
CVE-2016-4997
2016-06-27 06:49:15
paloalto
paloalto
Kernel Vulnerability
2017-05-23 03:00:00
veracode
veracode
TCP Session Hijack
2019-01-15 09:12:58
Denial Of Service (DoS)
2019-01-15 09:14:51
Denial Of Service (DoS)
2019-01-15 09:13:33
mageia
mageia
Updated kernel-tmb packages fix security vulnerabilities
2016-08-31 18:32:33
Updated kernel packages fix security vulnerability
2016-07-31 23:39:13
Updated kernel-linus packages fix security vulnerabilities
2016-08-31 18:32:33
cve
cve
CVE-2016-4997
2016-07-03 21:59:00
CVE-2016-5696
2016-08-06 20:59:00
CVE-2016-4998
2016-07-03 21:59:00
android
android
CVE-2016-3134
2016-09-01 00:00:00
zdt
zdt
Linux Kernel 4.6.3 Netfilter Privilege Escalation Exploit
2016-11-24 00:00:00
Linux Kernel 4.6.3 Netfilter Privilege Escalation Vulnerability
2016-09-27 00:00:00
Linux Kernel 3.10 / 3.18 / 4.4 - Netfilter IPT_SO_SET_REPLACE Memory Corruption
2016-03-09 00:00:00
metasploit
metasploit
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-11-18 18:52:09
packetstorm
packetstorm
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-11-23 00:00:00
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-09-27 00:00:00
exploitpack
exploitpack
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - IP6T_SO_SET_REPLACE Local Privilege Escalation
2016-10-10 00:00:00
exploitdb
exploitdb
Linux Kernel 4.6.2 (Ubuntu 16.04.1) - &#039;IP6T_SO_SET_REPLACE&#039; Local Privilege Escalation
2016-10-10 00:00:00
Linux Kernel 4.6.3 (x86) - &#039;Netfilter&#039; Local Privilege Escalation (Metasploit)
2016-09-27 00:00:00
threatpost
threatpost
Serious TCP Bug in Linux Systems Allows Traffic Hijacking
2016-08-10 12:55:01
ubuntu
ubuntu
Linux kernel vulnerabilities
2017-06-21 00:00:00
Linux kernel regression
2017-06-29 00:00:00
Linux kernel (Raspberry Pi 2) vulnerabilities
2016-06-27 00:00:00

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.1%

JSON
Related for ELSA-2016-1847
nessus66ibm3redhat11openvas26oraclelinux11suse9centos3fedora2amazon1archlinux4thn2huawei1symantec1fortinet1arista1debiancve4prion5f53ubuntucve4redhatcve3paloalto1veracode4mageia3cve5android1zdt3metasploit1packetstorm2exploitpack1exploitdb2threatpost1ubuntu14