[Oraclevm-errata] OVMSA-2017-0143 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Aug 17 09:22:23 PDT 2017


Oracle VM Security Advisory OVMSA-2017-0143

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-94.5.9.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-94.5.9.el6uek.noarch.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-94.5.9.el6uek.src.rpm



Description of changes:

[4.1.12-94.5.9.el6uek]
- dentry name snapshots (Al Viro)  [Orabug: 26630936]  {CVE-2017-7533}

[4.1.12-94.5.8.el6uek]
- scsi: libiscsi: use kvzalloc for iscsi_pool_init (Kyle Fortin) 
[Orabug: 26621191]
- mm: introduce kv[mz]alloc helpers (Kyle Fortin)  [Orabug: 26621191]
- KEYS: Disallow keyrings beginning with '.' to be joined as session 
keyrings (David Howells)  [Orabug: 26621179]  {CVE-2016-9604} 
{CVE-2016-9604}
- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume 
Nault)  [Orabug: 26621176]  {CVE-2016-10200}
- mnt: Add a per mount namespace limit on the number of mounts (Eric W. 
Biederman)  [Orabug: 26621171]  {CVE-2016-6213} {CVE-2016-6213}
- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) 
[Orabug: 26621163]  {CVE-2017-9242}




More information about the Oraclevm-errata mailing list