[Oraclevm-errata] OVMSA-2016-0181 Important: Oracle VM 3.2 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Dec 21 18:43:03 PST 2016

Oracle VM Security Advisory OVMSA-2016-0181

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski)  
[Orabug: 25269184]  {CVE-2016-3157}
- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de 
Melo)  [Orabug: 25298618]  {CVE-2016-7117}

- logging errors that get masked to EIO inside drivers/block/loop.c 
(Manjunath Patil)  [Orabug: 21962821]
- sched/core: Clear the root_domain cpumasks in init_rootdomain() 
(Xunlei Pang)  [Orabug: 23518650]
- bio allocation failure due to bio_get_nr_vecs() (Darrick J. Wong) 
[Orabug: 23852442]
- mlx4: avoid ABBA deadlock (Wengang Wang)  [Orabug: 23538548]
- mlx4: avoid multiple free on id_map_ent (Wengang Wang)  [Orabug: 25022815]
- sctp: validate chunk len before actually using it (Marcelo Ricardo 
Leitner)  [Orabug: 25142906]  {CVE-2016-9555}

- NVMe: reduce queue depth as workaround for Samsung EPIC SQ errata 
(Ashok Vairavan)  [Orabug: 25138146]

- RDS: Drop the connection as part of cancel to avoid hangs (Avinash 
Repaka)  [Orabug: 24951873]
- aacraid: Check size values after double-fetch from user (Dave 
Carroll)  [Orabug: 25060055]  {CVE-2016-6480} {CVE-2016-6480}
- audit: fix a double fetch in audit_log_single_execve_arg() (Paul 
Moore)  [Orabug: 25059962]  {CVE-2016-6136}
- ecryptfs: don't allow mmap when the lower fs doesn't support it (Jeff 
Mahoney)  [Orabug: 24971918]  {CVE-2016-1583} {CVE-2016-1583}
- ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt (Kangjie 
Lu)  [Orabug: 25059900]  {CVE-2016-4578}
- ALSA: timer: Fix leak in events via snd_timer_user_ccallback (Kangjie 
Lu)  [Orabug: 25059900]  {CVE-2016-4578}
- ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS (Kangjie Lu) 
[Orabug: 25059755]  {CVE-2016-4569}
- Bluetooth: Fix potential NULL dereference in RFCOMM bind callback 
(Jaganath Kanakkassery)  [Orabug: 25058905]  {CVE-2015-8956}
- mm: migrate dirty page without clear_page_dirty_for_io etc (Hugh 
Dickins)  [Orabug: 25059195]  {CVE-2016-3070

More information about the Oraclevm-errata mailing list