[El-errata] ELBA-2015-3076 Oracle Linux 6 Unbreakable Enterprise kernel bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Aug 27 11:13:45 PDT 2015

Oracle Linux Bug Fix Advisory ELBA-2015-3076


The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:




Description of changes:

- mm/hugetlb: Add locking to region_{add,change,truncate,count} when 
using shared files with hugepages (Mike Kravetz)  [Orabug: 21561820]

- af_netlink: force credentials passing [CVE-2012-3520] (Eric Dumazet)  
[Orabug: 21591166]  {CVE-2012-3520}
- xen/pciback: Don't print scary messages when unsupported by 
hypervisor. (Konrad Rzeszutek Wilk)  [Orabug: 20642069]
- rds_rdma: setup connection before rds_cmsg_send (Wengang Wang) 
[Orabug: 20232581]
- megaraid_sas : Firmware crash dump feature support 
(Sumit.Saxena at avagotech.com) [Orabug: 21620491]

- udp: fix behavior of wrong checksums (Eric Dumazet)  [Orabug: 
21628851]  {CVE-2015-5364} {CVE-2015-5366}
- scsi: don't add scsi_device if its already visible (Subhash Jadavani)  
[Orabug: 21611207]
- NVMe: Don't write cq doorbell on suspended queues (Keith Busch) 
[Orabug: 21591104]
- IB/ipoib: Potential false positive with peer support for 
ib-crc-as-csum (Yuval Shaia)  [Orabug: 21350399]
- mlx4: indicate memory resource exhaustion (Ajaykumar Hotchandani) 
[Orabug: 21097014]
- rds: return EMSGSIZE for oversize requests before processing/queueing 
(Mukesh Kacker)  [Orabug: 21079258]

- md: use kzalloc() when bitmap is disabled (Benjamin Randazzo) [Orabug: 
21563042]  {CVE-2015-5697}
- netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len (Andrey 
Vagin)  [Orabug: 21562780]  {CVE-2014-9715}

- block: remove artifical max_hw_sectors cap (Joe Jin)  [Orabug: 21455630]
- idr: fix unexpected ID-removal when idr_remove(unallocated_id) (Lai 
Jiangshan)  [Orabug: 21446790]
- idr: remove WARN_ON_ONCE() on negative IDs (Tejun Heo)  [Orabug: 21446790]
- ipc,shm: fix shm_file deletion races (Greg Thelen)  [Orabug: 21446790]
- rds: avoid call to flush_mrs() in specific condition (Ajaykumar 
Hotchandani)  [Orabug: 21379403]
- rds: print vendor error (Wengang Wang)  [Orabug: 21361643]
- Xen-netback: Fix issue caused by using gso_type wrongly (Annie Li)  
[Orabug: 21358903]
- xen-netback: fix fragments error handling in checksum_setup_ip() (Wei 
Yongjun)  [Orabug: 21358903]
- xen-netback: make sure skb linear area covers checksum field (Paul 
Durrant)  [Orabug: 21358903]
- xen-netback: reset network header before passing skb to checksum 
funtion (Annie Li)  [Orabug: 21358903]
- xen-netback: fix fragment detection in checksum setup (Paul Durrant)  
[Orabug: 21358903]
- xen-netback: fix gso_prefix check (Paul Durrant)  [Orabug: 21358903]
- xen-netback: include definition of csum_ipv6_magic (Andy Whitcroft)  
[Orabug: 21358903]
- xen-netback: enable IPv6 TCP GSO to the guest (Paul Durrant) [Orabug: 
- xen-netback: handle IPv6 TCP GSO packets from the guest (Paul 
Durrant)  [Orabug: 21358903]
- xen-netback: Unconditionally set NETIF_F_RXCSUM (Paul Durrant) 
[Orabug: 21358903]
- xen-netback: add support for IPv6 checksum offload from guest (Paul 
Durrant)  [Orabug: 21358903]
- xen-netback: switch to use skb_partial_csum_set() (Jason Wang) 
[Orabug: 21358903]
- xen-netback: add support for IPv6 checksum offload to guest (Paul 
Durrant)  [Orabug: 21358903]
- vfs: allow umount to handle mountpoints without revalidating them 
(Jeff Layton)  [Orabug: 21321002]
- rds: rds_ib_device.refcount overflow (Wengang Wang)  [Orabug: 21288594]
- sched: Optimize task_sched_runtime() (Peter Zijlstra)  [Orabug: 20739920]
- IPoIB: Fix ipoib_hard_header() return value (Doug Ledford) [Orabug: 

- x86, tls: Interpret an all-zero struct user_desc as "no segment" (Andy 
Lutomirski)  [Orabug: 21514969]
- x86, tls, ldt: Stop checking lm in LDT_empty (Andy Lutomirski) 
[Orabug: 21514969]

- KVM: x86: SYSENTER emulation is broken (Nadav Amit)  [Orabug: 
21502740]  {CVE-2015-0239} {CVE-2015-0239}
- x86/tls: Validate TLS entries to protect espfix (Andy Lutomirski) 
[Orabug: 20223777]  {CVE-2014-8133}
- fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann 
Horn)  [Orabug: 21502255]  {CVE-2015-3339}
- eCryptfs: Remove buggy and unnecessary write in file name decode 
routine (Michael Halcrow)  [Orabug: 21502066]  {CVE-2014-9683}

- ipv6: Don't reduce hop limit for an interface (D.S. Ljungmark) 
[Orabug: 21444791]  {CVE-2015-2922}
- ipv4: Missing sk_nulls_node_init() in ping_unhash(). (David S. 
Miller)  [Orabug: 21444688]  {CVE-2015-3636}
- x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization (Andy 
Lutomirski)  [Orabug: 21308308]  {CVE-2015-2830}
- x86, mm/ASLR: Fix stack randomization on 64-bit systems (Hector 
Marco-Gisbert)  [Orabug: 21307918]  {CVE-2015-1593} {CVE-2015-1593}

- NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock 
(Tariq Saeed)  [Orabug: 20933419]
- jbd2: fix hung processes in jbd2_journal_lock_updates() (Jan Kara)
- rds: make sure base connection is up on both sides (Ajaykumar 
Hotchandani)  [Orabug: 20011421]

- x86_64, vdso: Fix the vdso address randomization algorithm (Andy 
Lutomirski)  [Orabug: 21226730]  {CVE-2014-9585}
- isofs: Fix infinite looping over CE entries (Jan Kara)  [Orabug: 
21225976]  {CVE-2014-9420}
- x86_64, switch_to(): Load TLS descriptors before switching DS and ES 
(Andy Lutomirski)  [Orabug: 21225938]  {CVE-2014-9419}

- IB/ipoib: Disable TSO in connected mode (Yuval Shaia)  [Orabug: 20637991]

- ib/rds: fixed big endianness conversion issue for dp->dp_ack_seq (Qing 
Huang)  [Orabug: 21057517]
- ib/rds: fixed crashes caused by incoming requests with wrong 
destination (Qing Huang)  [Orabug: 20823711]
- af_unix: dont send SCM_CREDENTIALS by default (Eric Dumazet) [Orabug: 
- scm: Capture the full credentials of the scm sender (Tim Chen) 
[Orabug: 20604916]
- af_unix: limit recursion level (Eric Dumazet)  [Orabug: 20604916]
- af_unix: Allow credentials to work across user and pid namespaces. 
(Eric W. Biederman)  [Orabug: 20604916]
- scm: Capture the full credentials of the scm sender. (Eric W. 
Biederman)  [Orabug: 20604916]
- RDS: Handle RDMA_CM_EVENT_TIMEWAIT_EXIT (Venkat Venkatsubra) [Orabug: 
- mlx4_ib: Memory leak on Dom0 with SRIOV. (Venkat Venkatsubra) [Orabug: 
- BUG_ON(lockres->l_level != DLM_LOCK_EX && !checkpointed) tripped in 
ocfs2_ci_checkpointed (Tariq Saeed) [Orabug: 20189959]
- sched: Prevent divide by zero when cpu power calculation is 0 (Todd 
Vierling)  [Orabug: 17936435]
- crypto: aesni - fix memory usage in GCM decryption (Stephan Mueller)  
[Orabug: 21077389]  {CVE-2015-3331}

- kexec: export free_huge_page to VMCOREINFO (Atsushi Kumagai) [Orabug: 
- kexec: save PG_head_mask in VMCOREINFO (Petr Tesarik)  [Orabug: 20313589]

- Revert "Support checksum and gso offload of ipv6 in netback" (Annie 
Li)  [Orabug: 20492244]
- ocfs2/cluster: Cluster up now includes network connections too (Sunil 
Mushran)  [Orabug: 19803036]
- oracleasm: Restrict logical block size reporting (Martin K. Petersen)  
[Orabug: 19699681]
- oracleasm: Report logical block size (Martin K. Petersen) [Orabug: 
- ocfs2: dlm: fix lock migration crash (Junxiao Bi)  [Orabug: 18317308]
- xfs: fix sgid inheritance for subdirectories inheriting default acls 
[V3] (Carlos Maiolino)  [Orabug: 17423815]
- RDS/IP: RDS takes 10 seconds to plumb the second IP back (Mukesh 
Kacker)  [Orabug: 20231857]
- RDS/IB: Tune failover-on-reboot scheduling (Mukesh Kacker) [Orabug: 
- RDS: mark netdev UP for intfs added post module load (Mukesh Kacker)  
[Orabug: 20130536]
- SUNRPC: Prevent an rpc_task wakeup race (Trond Myklebust) [Orabug: 
- sunrpc: clarify comments on rpc_make_runnable (Jeff Layton) [Orabug: 

More information about the El-errata mailing list