ClickCease OracleLinux 6 ELS: kernel v. 2.6.32-754.35.2 released - TuxCare

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

OracleLinux 6 ELS: kernel v. 2.6.32-754.35.2 released

August 16, 2021 - TuxCare PR Team

A new updated OracleLinus 6 kernel v.2.6.32-754.35.2 within OracleLinux 6 ELS is now available for download from our production repository.

CHANGELOG

kernel-2.6.32-754.35.2

  • ELS-138: netfilter: x_tables: add missing tables zeroing
  • ELS-138: CVE-2021-33909: seq_file: disallow extremely large seq buffer allocation
  • ELS-138: CVE-2021-22555: netfilter: x_tables: fix compact match/target pad out-of-bound write
  • ELS-138: CVE-2020-29661: tty: Fix ->pgrp locking in tiocspgrp()
  • ELS-138: CVE-2020-25656: vt: keyboard, extend func_buf_lock to readers
  • ELS-138: CVE-2020-25656: tty/vt: fix write/write race in ioctl(KDSKBSENT) handler
  • ELS-138: CVE-2020-25656: vt: keyboard, simplify vt_kdgkbsent
  • ELS-138: CVE-2020-25211: netfilter: ctnetlink: add a range check for l3/l4 protonum
  • ELS-138: CKSIX-276: CVE-2019-19532: HID: Fix assumption that devices have inputs
  • ELS-138: CVE-2021-27365: scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
  • ELS-138: CVE-2021-27365: scsi: iscsi: Verify lengths on passthrough PDUs
  • ELS-138: CVE-2021-27363: CVE-2021-27364: scsi: iscsi: Restrict sessions and handles to admin capabilities
  • ELS-138: sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
  • ELS-138: USB: hso: Fix OOB memory access in hso_probe/hso_get_config_data
  • ELS-138: CVE-2019-14615: drm/i915/gen9: Clear residual context state on context switch
  • ELS-138: CVE-2020-8647, CVE-2020-8649: vgacon: Fix a UAF in vgacon_invert_region
  • ELS-138: CVE-2020-14331: vgacon: Fix for missing check in scrollback handling
  • ELS-138: CVE-2021-3347: futex: Handle faults correctly for PI futexes
  • ELS-138: CVE-2021-3347: futex: Provide and use pi_state_update_owner()
  • ELS-138: KEYS: allow reaching the keys quotas exactly
  • ELS-138: KEYS: reaching the keys quotas correctly
  • ELS-138: fix -ENOMEM result with invalid user space pointer in sendto() syscall
  • ELS-138: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
  • ELS-138: CVE-2018-6927: futex: Prevent overflow by strengthen input validation
  • ELS-138: CVE-2017-6951: KEYS: Change the name of the dead type to “.dead” to prevent user access
  • ELS-138: CVE-2017-15299: KEYS: don’t let add_key() update an uninstantiated key
  • ELS-138: fix CVE-2016-9604
  • ELS-138: KEYS: add missing permission check for request_key() destination
  • ELS-138: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
  • ELS-138: fix CVE-2017-7472
  • ELS-138: fix CVE-2017-15274

UPDATE COMMAND

yum update kernel-*

 

 

 

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

Strategies for Managing End-of-Life Operating...

End-of-life software is just a fact of our fast-paced technology...

January 30, 2023

Think You Can’t Afford Consistent...

Look, everyone knows that it’s a tough act. Thousands of...

January 17, 2023

Common Government Cybersecurity Standards –...

The public sector, including state and federal agencies, are at...

January 16, 2023

Which Linux Distro is Best...

If your organization deploys IoT solutions, you know that development...

December 1, 2022

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022