[El-errata] ELSA-2015-3054 Moderate: Oracle Linux 6 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Sat Aug 1 18:00:57 PDT 2015


Oracle Linux Security Advisory ELSA-2015-3054

http://linux.oracle.com/errata/ELSA-2015-3054.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.250.9.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.250.9.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.250.9.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.250.9.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.250.9.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.250.9.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.250.9.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.250.9.el6uek.noarch.rpm
kernel-uek-2.6.39-400.250.9.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.250.9.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.250.9.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.250.9.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.250.9.el6uek.src.rpm



Description of changes:

[2.6.39-400.250.9.el6uek]
- x86, tls: Interpret an all-zero struct user_desc as "no segment" (Andy 
Lutomirski)  [Orabug: 21514969] - x86, tls, ldt: Stop checking lm in 
LDT_empty (Andy Lutomirski)  [Orabug: 21514969]

[2.6.39-400.250.8.el6uek]
- KVM: x86: SYSENTER emulation is broken (Nadav Amit)  [Orabug: 
21502740]  {CVE-2015-0239} {CVE-2015-0239}
- x86/tls: Validate TLS entries to protect espfix (Andy Lutomirski) 
[Orabug: 20223777]  {CVE-2014-8133}
- fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann 
Horn)  [Orabug: 21502255]  {CVE-2015-3339}
- eCryptfs: Remove buggy and unnecessary write in file name decode 
routine (Michael Halcrow)  [Orabug: 21502066]  {CVE-2014-9683}





More information about the El-errata mailing list