[Oraclevm-errata] OVMSA-2016-0005 Important: Oracle VM 3.3 kernel-uek security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Jan 20 19:21:55 PST 2016

Oracle VM Security Advisory OVMSA-2016-0005

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- KEYS: Fix keyring ref leak in join_session_keyring() (Yevgeny Pats) 
[Orabug: 22563965]  {CVE-2016-0728}

- KEYS: Don't permit request_key() to construct a new keyring (David 
Howells)  [Orabug: 22373442]  {CVE-2015-7872}

- dcache: Handle escaped paths in prepend_path (Eric W. Biederman) 
[Orabug: 22373283]
- vfs: Test for and handle paths that are unreachable from their 
mnt_root (Eric W. Biederman)  [Orabug: 22249875]
- KEYS: Fix crash when attempt to garbage collect an uninstantiated 
keyring (David Howells)  [Orabug: 22373442]  {CVE-2015-7872}
- KEYS: Fix race between key destruction and finding a keyring by name 
(David Howells)  [Orabug: 22373442]

More information about the Oraclevm-errata mailing list