[El-errata] ELSA-2015-3035 Important: Oracle Linux 6 Unbreakable Enterprise kernel security and bugfix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed May 13 10:17:42 PDT 2015
Oracle Linux Security Advisory ELSA-2015-3035
http://linux.oracle.com/errata/ELSA-2015-3035.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-3.8.13-68.2.2.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-68.2.2.el6uek.noarch.rpm
kernel-uek-3.8.13-68.2.2.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-68.2.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-68.2.2.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-68.2.2.el6uek.x86_64.rpm
dtrace-modules-3.8.13-68.2.2.el6uek-0.4.3-4.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-68.2.2.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-68.2.2.el6uek-0.4.3-4.el6.src.rpm
Description of changes:
kernel-uek
[3.8.13-68.2.2.el6uek]
- crypto: aesni - fix memory usage in GCM decryption (Stephan Mueller)
[Orabug: 21077385] {CVE-2015-3331}
[3.8.13-68.2.1.el6uek]
- xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (Konrad
Rzeszutek Wilk) [Orabug: 20807438] {CVE-2015-2150}
- xen-blkfront: fix accounting of reqs when migrating (Roger Pau Monne)
[Orabug: 20860817] - Doc/cpu-hotplug: Specify race-free way to
register CPU hotplug callbacks (Srivatsa S. Bhat) [Orabug: 20917697] -
net/iucv/iucv.c: Fix CPU hotplug callback registration (Srivatsa S.
Bhat) [Orabug: 20917697] - net/core/flow.c: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - mm, vmstat: Fix
CPU hotplug callback registration (Srivatsa S. Bhat) [Orabug: 20917697]
- profile: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - trace, ring-buffer: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - hwmon,
via-cputemp: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - hwmon, coretemp: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - octeon, watchdog:
Fix CPU hotplug callback registration (Srivatsa S. Bhat) [Orabug:
20917697] - oprofile, nmi-timer: Fix CPU hotplug callback registration
(Srivatsa S. Bhat) [Orabug: 20917697] - intel-idle: Fix CPU hotplug
callback registration (Srivatsa S. Bhat) [Orabug: 20917697] -
drivers/base/topology.c: Fix CPU hotplug callback registration (Srivatsa
S. Bhat) [Orabug: 20917697] - acpi-cpufreq: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - scsi, fcoe: Fix
CPU hotplug callback registration (Srivatsa S. Bhat) [Orabug: 20917697]
- scsi, bnx2fc: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - scsi, bnx2i: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - arm64,
debug-monitors: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - arm64, hw_breakpoint.c: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - x86, kvm: Fix CPU
hotplug callback registration (Srivatsa S. Bhat) [Orabug: 20917697] -
x86, oprofile, nmi: Fix CPU hotplug callback registration (Srivatsa S.
Bhat) [Orabug: 20917697] - x86, pci, amd-bus: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - x86, hpet: Fix CPU
hotplug callback registration (Srivatsa S. Bhat) [Orabug: 20917697] -
x86, intel, cacheinfo: Fix CPU hotplug callback registration (Srivatsa
S. Bhat) [Orabug: 20917697] - x86, amd, ibs: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - x86,
therm_throt.c: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - x86, mce: Fix CPU hotplug callback registration
(Srivatsa S. Bhat) [Orabug: 20917697] - x86, intel, uncore: Fix CPU
hotplug callback registration (Srivatsa S. Bhat) [Orabug: 20917697] -
x86, vsyscall: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - x86, cpuid: Fix CPU hotplug callback registration
(Srivatsa S. Bhat) [Orabug: 20917697] - x86, msr: Fix CPU hotplug
callback registration (Srivatsa S. Bhat) [Orabug: 20917697] - powerpc,
sysfs: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - sparc, sysfs: Fix CPU hotplug callback registration
(Srivatsa S. Bhat) [Orabug: 20917697] - s390, smp: Fix CPU hotplug
callback registration (Srivatsa S. Bhat) [Orabug: 20917697] - s390,
cacheinfo: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - arm, hw-breakpoint: Fix CPU hotplug callback
registration (Srivatsa S. Bhat) [Orabug: 20917697] - ia64, err-inject:
Fix CPU hotplug callback registration (Srivatsa S. Bhat) [Orabug:
20917697] - ia64, topology: Fix CPU hotplug callback registration
(Srivatsa S. Bhat) [Orabug: 20917697] - ia64, palinfo: Fix CPU hotplug
callback registration (Srivatsa S. Bhat) [Orabug: 20917697] - CPU
hotplug, perf: Fix CPU hotplug callback registration (Srivatsa S. Bhat)
[Orabug: 20917697] - CPU hotplug: Provide lockless versions of
callback registration functions (Srivatsa S. Bhat) [Orabug: 20917697] -
isofs: Fix unchecked printing of ER records (Jan Kara) [Orabug:
20930551] {CVE-2014-9584}
- KEYS: close race between key lookup and freeing (Sasha Levin)
[Orabug: 20930548] {CVE-2014-9529} {CVE-2014-9529}
- mm: memcg: do not allow task about to OOM kill to bypass the limit
(Johannes Weiner) [Orabug: 20930539] {CVE-2014-8171}
- mm: memcg: do not declare OOM from __GFP_NOFAIL allocations (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- fs: buffer: move allocation failure loop into the allocator (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- mm: memcg: handle non-error OOM situations more gracefully (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- mm: memcg: do not trap chargers with full callstack on OOM (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- mm: memcg: rework and document OOM waiting and wakeup (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- mm: memcg: enable memcg OOM killer only for user faults (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- x86: finish user fault error path with fatal signal (Johannes Weiner)
[Orabug: 20930539] {CVE-2014-8171}
- arch: mm: pass userspace fault flag to generic fault handler (Johannes
Weiner) [Orabug: 20930539] {CVE-2014-8171}
- selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID.
(Stephen Smalley) [Orabug: 20930501] {CVE-2014-3215}
- IB/core: Prevent integer overflow in ib_umem_get address arithmetic
(Shachar Raindel) [Orabug: 20799875] {CVE-2014-8159} {CVE-2014-8159}
More information about the El-errata
mailing list