Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2019-4577)
High Nessus Plugin ID 122805
Synopsis
The remote Oracle Linux host is missing one or more security updates.
Description
Description of changes:
[2.6.39-400.307.1.el6uek]
- proc: restrict kernel stack dumps to root (John Donnelly) [Orabug: 29114880] {CVE-2018-17972}
- alarmtimer: Prevent overflow for relative nanosleep (Thomas Gleixner) [Orabug: 29269182] {CVE-2018-13053}
- ext4: only look at the bg_flags field if it is valid (Theodore Ts'o) [Orabug: 29409428] {CVE-2018-10876} {CVE-2018-10876}
- vfs: Add sb_rdonly(sb) to query the MS_RDONLY flag on s_flags (David Howells) [Orabug: 29409428] {CVE-2018-10876}
- net: Set sk_prot_creator when cloning sockets to the right proto (Christoph Paasch) [Orabug: 29422741] {CVE-2018-9568}
Solution
Update the affected unbreakable enterprise kernel packages.