[Oraclevm-errata] OVMSA-2016-0060 Oracle VM 3.2 kernel-uek security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Jun 21 10:06:28 PDT 2016 

Oracle VM Security Advisory OVMSA-2016-0060

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-2.6.39-400.279.1.el5uek.x86_64.rpm
kernel-uek-firmware-2.6.39-400.279.1.el5uek.noarch.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/kernel-uek-2.6.39-400.279.1.el5uek.src.rpm



Description of changes:

[2.6.39-400.279.1.el5uek]
- IPoIB: increase send queue size to 4 times (Ajaykumar Hotchandani) 
[Orabug: 22287489]
- IB/ipoib: Change send workqueue size for CM mode (Ajaykumar 
Hotchandani)  [Orabug: 22287489]
- Avoid 60sec timeout when receiving rtpg sense code 06/00/00 (John 
Sobecki)  [Orabug: 22336257]
- stop recursive fault in print_context_stack after stack overflow (John 
Sobecki)  [Orabug: 23174777]
- IB/security: Restrict use of the write() interface (Jason Gunthorpe) 
[Orabug: 23287131]  {CVE-2016-4565}
- net: add validation for the socket syscall protocol argument (Hannes 
Frederic Sowa)  [Orabug: 23267976]  {CVE-2015-8543} {CVE-2015-8543}
- ipv6: addrconf: validate new MTU before applying it (Marcelo Leitner) 
  [Orabug: 23263251]  {CVE-2015-8215}
- ext4: avoid hang when mounting non-journal filesystems with orphan 
list (Theodore Ts'o)  [Orabug: 23262219]  {CVE-2015-7509}
- ext4: make orphan functions be no-op in no-journal mode (Anatol 
Pomozov)  [Orabug: 23262219]  {CVE-2015-7509}
- unix: properly account for FDs passed over unix sockets (willy 
tarreau)  [Orabug: 23262265]  {CVE-2013-4312} {CVE-2013-4312}
- sctp: Prevent soft lockup when sctp_accept() is called during a 
timeout event (Karl Heiss)  [Orabug: 23222773]  {CVE-2015-8767}

[2.6.39-400.278.1.el5uek]
- [SUNRPC]: avoid race between xs_reset_transport and 
xs_tcp_setup_socket (Wengang Wang)
- x86_64: expand kernel stack to 16K (Minchan Kim)  [Orabug: 20920074]
- qla2xxx: fix wrongly report "PCI EEH busy" when get_thermal_temp 
(Vaughan Cao)  [Orabug: 21108318]
- RDS/IB: VRPC DELAY / OSS RECONNECT CAUSES 5 MINUTE STALL ON PORT 
FAILURE (Venkat Venkatsubra)  [Orabug: 21465077]
- RDS: Fix the atomicity for congestion map update (Wengang Wang) 
[Orabug: 22118109]
- RDS: introduce generic {clear,set}_bit_le() (Wengang Wang)  [Orabug: 
22118109]
- cifs: allow socket to clear and app threads to set tcpStatus 
CifsNeedReconnect (John Sobecki)  [Orabug: 22203554]
- mlx4_vnic: Enable LRO for mlx4_vnic net devices. (Ashish Samant) 
[Orabug: 22317936]
- mlx4_vnic: Add correct typecasting to pointers. (Ashish Samant) 
[Orabug: 22317936]
- veth: don’t modify ip_summed; doing so treats packets with bad 
checksums as good. (Vijay Pandurangan)  [Orabug: 22804574]

More information about the Oraclevm-errata mailing list