Unbreakable Enterprise kernel security update

2016-05-20T00:00:00
ID ELSA-2016-3565
Type oraclelinux
Reporter Oracle
Modified 2016-05-20T00:00:00

Description

kernel-uek [3.8.13-118.6.2] - KEYS: Fix ASN.1 indefinite length object parsing This fixes CVE-2016-0758. (David Howells) [Orabug: 23279020] {CVE-2016-0758} - net: add validation for the socket syscall protocol argument (Hannes Frederic Sowa) [Orabug: 23267997] {CVE-2015-8543} {CVE-2015-8543} - ipv6: addrconf: validate new MTU before applying it (Marcelo Leitner) [Orabug: 23263252] {CVE-2015-8215} - unix: properly account for FDs passed over unix sockets (willy tarreau) [Orabug: 23262276] {CVE-2013-4312} {CVE-2013-4312}