[Oraclevm-errata] OVMSA-2017-0039 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed Feb 8 14:18:16 PST 2017
Oracle VM Security Advisory OVMSA-2017-0039
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-4.1.12-61.1.27.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-61.1.27.el6uek.noarch.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-61.1.27.el6uek.src.rpm
Description of changes:
[4.1.12-61.1.27.el6uek]
- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich)
[Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084}
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus
Torvalds) [Orabug: 25231931] {CVE-2016-9576}
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen
Hofmann) [Orabug: 25417387] {CVE-2016-8630}
- crypto: algif_hash - Only export and import on sockets with data
(Herbert Xu) [Orabug: 25417799] {CVE-2016-8646}
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug:
25462755] {CVE-2016-4482}
- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] {CVE-2016-4485}
[4.1.12-61.1.26.el6uek]
- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant)
[Orabug: 25445336]
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas
Cassel) [Orabug: 25458076]
- tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076]
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel)
[Orabug: 25430143]
More information about the Oraclevm-errata
mailing list