[El-errata] ELSA-2016-1847 Important: Oracle Linux 7 kernel security, bug fix, and enhancement update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Sep 14 15:17:48 PDT 2016
Oracle Linux Security Advisory ELSA-2016-1847
http://linux.oracle.com/errata/ELSA-2016-1847.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-3.10.0-327.36.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-327.36.1.el7.noarch.rpm
kernel-debug-3.10.0-327.36.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-327.36.1.el7.x86_64.rpm
kernel-devel-3.10.0-327.36.1.el7.x86_64.rpm
kernel-doc-3.10.0-327.36.1.el7.noarch.rpm
kernel-headers-3.10.0-327.36.1.el7.x86_64.rpm
kernel-tools-3.10.0-327.36.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-327.36.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-327.36.1.el7.x86_64.rpm
perf-3.10.0-327.36.1.el7.x86_64.rpm
python-perf-3.10.0-327.36.1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-327.36.1.el7.src.rpm
Description of changes:
- [3.10.0-327.36.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
[3.10.0-327.36.1.el7]
- [x86] Use pte_none() to test for empty PTE (Larry Woodman) [1363860
1347159]
- [x86] Disallow running with 32-bit PTEs to work around erratum (Larry
Woodman) [1363860 1347159]
- [x86] Ignore A/D bits in pte/pmd/pud_none() (Alexander Gordeev)
[1363860 1347159]
- [x86] Move swap offset/type up in PTE to work around erratum
(Alexander Gordeev) [1363860 1347159]
- [x86] cpu/intel: Introduce macros for Intel family numbers (Steve
Best) [1364074 1273778]
[3.10.0-327.35.1.el7]
- Revert: [x86] cpu/intel: Introduce macros for Intel family numbers
(Steve Best) [1364074 1273778]
- Revert: [x86] Move swap offset/type up in PTE to work around erratum
(Larry Woodman) [1363860 1347159]
- Revert: [x86] Ignore A/D bits in pte/pmd/pud_none() (Larry Woodman)
[1363860 1347159]
- Revert: [x86] Disallow running with 32-bit PTEs to work around erratum
(Larry Woodman) [1363860 1347159]
- Revert: [x86] Use pte_none() to test for empty PTE (Larry Woodman)
[1363860 1347159]
[3.10.0-327.34.1.el7]
- [x86] Use pte_none() to test for empty PTE (Larry Woodman) [1363860
1347159]
- [x86] Disallow running with 32-bit PTEs to work around erratum (Larry
Woodman) [1363860 1347159]
- [x86] Ignore A/D bits in pte/pmd/pud_none() (Larry Woodman) [1363860
1347159]
- [x86] Move swap offset/type up in PTE to work around erratum (Larry
Woodman) [1363860 1347159]
- [x86] cpu/intel: Introduce macros for Intel family numbers (Steve
Best) [1364074 1273778]
- [net] sctp: support ipv6 nonlocal bind (Xin Long) [1363847 1355769]
- [fs] xfs: fix duplicate buffer flag bits (Brian Foster) [1363677 1358817]
- [fs] sunrpc: Fix races between socket connection and destroy code
(Steve Dickson) [1363617 1278540]
- [fs] sunrpc: Add helpers to prevent socket create from racing (Steve
Dickson) [1363617 1270038]
- [acpi] battery: Accelerate battery resume callback (Jeremy McNicoll)
[1363611 1270522]
- [scsi] 3w-sas: fix command completion race (Tomas Henzl) [1362040 1294538]
- [kernel] hrtimer: Prevent remote enqueue of leftmost timers (David
Bulkow) [1361020 1323752]
- [scsi] storvsc: Size the queue depth based on the ringbuffer size
(Cathy Avery) [1360161 1287040]
- [scsi] storvsc: Increase the ring buffer size (Cathy Avery) [1360161
1287040]
- [scsi] vmbus: Support a vmbus API for efficiently sending page arrays
(Cathy Avery) [1360161 1287040]
- [fs] ovl: verify upper dentry in ovl_remove_and_whiteout() (Miklos
Szeredi) [1364384 1359829]
- [fs] ovl: verify upper dentry before unlink and rename (Miklos
Szeredi) [1360155 1341795]
- [fs] ovl: fix getcwd() failure after unsuccessful rmdir (Miklos
Szeredi) [1360155 1341795]
- [base] memory: fix kernel warning during memory hotplug on ppc64
(Laurent Vivier) [1357130 1276205]
- [fs] sunrpc: increase UNX_MAXNODENAME from 32 to __NEW_UTS_LEN bytes
(Benjamin Coddington) [1356880 1315390]
- [net] tcp: enable per-socket rate limiting of all 'challenge acks'
(Florian Westphal) [1355603 1355605] {CVE-2016-5696}
- [net] tcp: uninline tcp_oow_rate_limited() (Florian Westphal) [1355603
1355605] {CVE-2016-5696}
- [net] tcp: make challenge acks less predictable (Florian Westphal)
[1355603 1355605] {CVE-2016-5696}
- [net] netfilter: x_tables: speed up jump target validation (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: don't reject valid target size on some
architectures (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: enforce nul-terminated table name from
getsockopt GET_ENTRIES (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: make sure e->next_offset covers remaining
blob size (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: introduce and use
xt_copy_counters_from_user (Florian Westphal) [1364809 1318693]
{CVE-2016-3134}
- [net] netfilter: x_tables: do compat validation via translate_table
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: xt_compat_match_from_user doesn't need a
retval (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: arp_tables: simplify translate_compat_table args
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: ip6_tables: simplify translate_compat_table args
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: ip_tables: simplify translate_compat_table args
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: remove unused comefrom hookmask argument (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: validate all offsets and sizes in a rule
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: check for bogus target offset (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: check standard target size too (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: add compat version of
xt_check_entry_offsets (Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: assert minimum target size (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: kill check_entry helper (Florian Westphal)
[1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: add and use xt_check_entry_offsets (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: validate targets of jumps (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: don't move to non-existent next rule
(Florian Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: fix unconditional helper (Florian Westphal)
[1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: validate e->target_offset early (Florian
Westphal) [1364809 1318693] {CVE-2016-3134}
- [net] netfilter: x_tables: check for size overflow (Florian Westphal)
[1364809 1318693] {CVE-2016-3134}
- [block] nvme: Add pci error handlers (David Milburn) [1350352 1288601]
- [block] nvme: protect against simultaneous shutdown invocations (David
Milburn) [1350352 1288601]
- [block] nvme: Set affinity after allocating request queues (Frank
Ramsay) [1350352 1288601]
- [block] nvme: Fix device cleanup on initialization failure (David
Milburn) [1350352 1288601]
- [block] nvme: fix kernel memory corruption with short INQUIRY buffers
(David Milburn) [1350352 1288601]
- [net] bridge: include in6.h in if_bridge.h for struct in6_addr (Jiri
Benc) [1331285 1268057]
- [net] inet: defines IPPROTO_* needed for module alias generation (Jiri
Benc) [1331285 1268057]
- [net] sync some IP headers with glibc (Jiri Benc) [1331285 1268057]
[3.10.0-327.33.1.el7]
- [powerpc] mm: don't do tlbie for updatepp request with NO HPTE fault
(Gustavo Duarte) [1361462 1287289]
- [mm] slub: do not drop slab_mutex for sysfs_slab_add (Larry Woodman)
[1361019 1282934]
[3.10.0-327.32.1.el7]
- [fs] xfs: give all workqueues rescuer threads (Brian Foster) [1359630
1298684]
- [fs] xfs: cancel eofblocks background trimming on remount read-only
(Brian Foster) [1358777 1339414]
- [netdrv] bonding: Prevent IPv6 link local address on enslaved devices
(Jarod Wilson) [1357868 1297931]
- [kernel] ptrace: make wait_on_bit(JOBCTL_TRAPPING_BIT) in
ptrace_attach() killable (Jiri Olsa) [1354285 1334503]
[3.10.0-327.31.1.el7]
- [kernel] ptrace: task_clear_jobctl_trapping()->wake_up_bit() needs
mb() (Daniel Bristot de Oliveira) [1354313 1350624]
- [net] sctp: label accepted/peeled off sockets (Marcelo Leitner)
[1354302 1247756]
- [char] ipmi: Remove smi_msg from waiting_rcv_msgs list before
handle_one_recv_msg() (David Arcari) [1353947 1348013]
- [netdrv] bnx2x: don't wait for Tx completion on recovery (Michal
Schmidt) [1351972 1320748]
- [pci] aer: Clear error status registers during enumeration and restore
(Prarit Bhargava) [1350304 1347459]
[3.10.0-327.30.1.el7]
- [net] netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in
br_validate_ipv6 (Paolo Abeni) [1343640 1265259]
- [net] netfilter: bridge: don't leak skb in error paths (Paolo Abeni)
[1343640 1265259]
- [net] netfilter: bridge: forward IPv6 fragmented packets (Paolo Abeni)
[1343640 1265259]
- [net] netfilter: bridge: re-order check_hbh_len() (Paolo Abeni)
[1343640 1265259]
- [net] netfilter: bridge: refactor frag_max_size (Paolo Abeni) [1343640
1265259]
- [net] netfilter: bridge: really save frag_max_size between PRE and
POST_ROUTING (Paolo Abeni) [1343640 1265259]
- [net] bridge: Save frag_max_size between PRE_ROUTING and POST_ROUTING
(Paolo Abeni) [1343640 1265259]
[3.10.0-327.29.1.el7]
- [fs] fanotify: fix double free of pending permission events (Richard
Guy Briggs) [1352939 1339092]
- [fs] fsnotify: rename event handling functions (Richard Guy Briggs)
[1352939 1339092]
- [fs] fanotify: convert access_mutex to spinlock (Richard Guy Briggs)
[1352939 1339092]
- [fs] fanotify: use fanotify event structure for permission response
processing (Richard Guy Briggs) [1352939 1339092]
- [fs] fanotify: remove useless bypass_perm check (Richard Guy Briggs)
[1352939 1339092]
- [fs] fanotify: fix notification of groups with inode & mount marks
(Miklos Szeredi) [1348828 1308393]
- [fs] fsnotify: Allocate overflow events with proper type (Richard Guy
Briggs) [1345774 1135562]
- [fs] fanotify: Handle overflow in case of permission events (Richard
Guy Briggs) [1345774 1135562]
- [fs] fsnotify: Fix detection whether overflow event is queued (Richard
Guy Briggs) [1345774 1135562]
- [fs] inotify: Fix reporting of cookies for inotify events (Richard Guy
Briggs) [1345774 1135562]
- [fs] fanotify: Fix use after free for permission events (Richard Guy
Briggs) [1345774 1135562]
- [fs] fsnotify: Do not return merged event from
fsnotify_add_notify_event() (Richard Guy Briggs) [1345774 1135562]
- [fs] fanotify: Fix use after free in mask checking (Richard Guy
Briggs) [1345774 1135562]
- [fs] fsnotify: remove pointless NULL initializers (Richard Guy Briggs)
[1345774 1135562]
- [fs] fsnotify: remove .should_send_event callback (Richard Guy Briggs)
[1345774 1135562]
- [fs] fsnotify: do not share events between notification groups
(Richard Guy Briggs) [1345774 1135562]
- [fs] inotify: provide function for name length rounding (Richard Guy
Briggs) [1345774 1135562]
- [fs] revert "inotify: don't add consecutive overflow events to the
queue" (Richard Guy Briggs) [1345774 1135562]
- Revert: [fs] fanotify: fix notification of groups with inode & mount
marks (Miklos Szeredi) [1348828 1308393]
More information about the El-errata
mailing list