[El-errata] ELSA-2017-3637 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Nov 2 15:23:34 PDT 2017


Oracle Linux Security Advisory ELSA-2017-3637

http://linux.oracle.com/errata/ELSA-2017-3637.html

The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.297.12.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.297.12.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.297.12.el6uek.src.rpm



Description of changes:

[2.6.39-400.297.12.el6uek]
- xsigo: [backport] Fix race in freeing aged Forwarding tables (Pradeep Gopanapalli) [Orabug: 24823234]
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 25671723]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 25671723]
- net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143563] {CVE-2017-7308}
- net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143563] {CVE-2017-7308}
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau) [Orabug: 26403941] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race (Vegard Nossum) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403974] {CVE-2017-9074}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong) [Orabug: 26404007] {CVE-2017-9077}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643601] {CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W. Biederman) [Orabug: 26643601] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643601] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables (Seunghun Han) [Orabug: 26643652] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet) [Orabug: 26650889] {CVE-2017-9075}
- saa7164: fix double fetch PCIe access condition (Steven Toth) [Orabug: 26675148] {CVE-2017-8831}
- saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675148] {CVE-2017-8831}
- saa7164: get rid of warning: no previous prototype (Mauro Carvalho Chehab) [Orabug: 26675148] {CVE-2017-8831}
- [scsi] lpfc 8.3.44: Fix kernel panics from corrupted ndlp (James Smart) [Orabug: 26765341]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899791] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988628] {CVE-2017-14489}



