ELBA-2015-3076
- ULN >
- Oracle Linux Errata repository >
- ELBA-2015-3076
ELBA-2015-3076 - Unbreakable Enterprise kernel bug fix update
| Type: | BUG |
| Severity: | NA |
| Release Date: | 2015-08-27 |
Description
[2.6.39-400.264.1]
- mm/hugetlb: Add locking to region_{add,change,truncate,count} when using shared files with hugepages (Mike Kravetz) [Orabug: 21561820]
[2.6.39-400.263.1]
- af_netlink: force credentials passing [CVE-2012-3520] (Eric Dumazet) [Orabug: 21591166] {CVE-2012-3520}
- xen/pciback: Don't print scary messages when unsupported by hypervisor. (Konrad Rzeszutek Wilk) [Orabug: 20642069]
- rds_rdma: setup connection before rds_cmsg_send (Wengang Wang) [Orabug: 20232581]
- megaraid_sas : Firmware crash dump feature support (Sumit.Saxena@avagotech.com) [Orabug: 21620491]
[2.6.39-400.262.1]
- udp: fix behavior of wrong checksums (Eric Dumazet) [Orabug: 21628851] {CVE-2015-5364} {CVE-2015-5366}
- scsi: don't add scsi_device if its already visible (Subhash Jadavani) [Orabug: 21611207]
- NVMe: Don't write cq doorbell on suspended queues (Keith Busch) [Orabug: 21591104]
- IB/ipoib: Potential false positive with peer support for ib-crc-as-csum (Yuval Shaia) [Orabug: 21350399]
- mlx4: indicate memory resource exhaustion (Ajaykumar Hotchandani) [Orabug: 21097014]
- rds: return EMSGSIZE for oversize requests before processing/queueing (Mukesh Kacker) [Orabug: 21079258]
[2.6.39-400.261.1]
- md: use kzalloc() when bitmap is disabled (Benjamin Randazzo) [Orabug: 21563042] {CVE-2015-5697}
- netfilter: nf_conntrack: reserve two bytes for nf_ct_ext->len (Andrey Vagin) [Orabug: 21562780] {CVE-2014-9715}
[2.6.39-400.260.1]
- block: remove artifical max_hw_sectors cap (Joe Jin) [Orabug: 21455630]
- idr: fix unexpected ID-removal when idr_remove(unallocated_id) (Lai Jiangshan) [Orabug: 21446790]
- idr: remove WARN_ON_ONCE() on negative IDs (Tejun Heo) [Orabug: 21446790]
- ipc,shm: fix shm_file deletion races (Greg Thelen) [Orabug: 21446790]
- rds: avoid call to flush_mrs() in specific condition (Ajaykumar Hotchandani) [Orabug: 21379403]
- rds: print vendor error (Wengang Wang) [Orabug: 21361643]
- Xen-netback: Fix issue caused by using gso_type wrongly (Annie Li) [Orabug: 21358903]
- xen-netback: fix fragments error handling in checksum_setup_ip() (Wei Yongjun) [Orabug: 21358903]
- xen-netback: make sure skb linear area covers checksum field (Paul Durrant) [Orabug: 21358903]
- xen-netback: reset network header before passing skb to checksum funtion (Annie Li) [Orabug: 21358903]
- xen-netback: fix fragment detection in checksum setup (Paul Durrant) [Orabug: 21358903]
- xen-netback: fix gso_prefix check (Paul Durrant) [Orabug: 21358903]
- xen-netback: include definition of csum_ipv6_magic (Andy Whitcroft) [Orabug: 21358903]
- xen-netback: enable IPv6 TCP GSO to the guest (Paul Durrant) [Orabug: 21358903]
- xen-netback: handle IPv6 TCP GSO packets from the guest (Paul Durrant) [Orabug: 21358903]
- xen-netback: Unconditionally set NETIF_F_RXCSUM (Paul Durrant) [Orabug: 21358903]
- xen-netback: add support for IPv6 checksum offload from guest (Paul Durrant) [Orabug: 21358903]
- xen-netback: switch to use skb_partial_csum_set() (Jason Wang) [Orabug: 21358903]
- xen-netback: add support for IPv6 checksum offload to guest (Paul Durrant) [Orabug: 21358903]
- vfs: allow umount to handle mountpoints without revalidating them (Jeff Layton) [Orabug: 21321002]
- rds: rds_ib_device.refcount overflow (Wengang Wang) [Orabug: 21288594]
- sched: Optimize task_sched_runtime() (Peter Zijlstra) [Orabug: 20739920]
- IPoIB: Fix ipoib_hard_header() return value (Doug Ledford) [Orabug: 18223954]
[2.6.39-400.259.0]
- x86, tls: Interpret an all-zero struct user_desc as 'no segment' (Andy Lutomirski) [Orabug: 21514969]
- x86, tls, ldt: Stop checking lm in LDT_empty (Andy Lutomirski) [Orabug: 21514969]
[2.6.39-400.258.0]
- KVM: x86: SYSENTER emulation is broken (Nadav Amit) [Orabug: 21502740] {CVE-2015-0239} {CVE-2015-0239}
- x86/tls: Validate TLS entries to protect espfix (Andy Lutomirski) [Orabug: 20223777] {CVE-2014-8133}
- fs: take i_mutex during prepare_binprm for set[ug]id executables (Jann Horn) [Orabug: 21502255] {CVE-2015-3339}
- eCryptfs: Remove buggy and unnecessary write in file name decode routine (Michael Halcrow) [Orabug: 21502066] {CVE-2014-9683}
[2.6.39-400.257.0]
- ipv6: Don't reduce hop limit for an interface (D.S. Ljungmark) [Orabug: 21444791] {CVE-2015-2922}
- ipv4: Missing sk_nulls_node_init() in ping_unhash(). (David S. Miller) [Orabug: 21444688] {CVE-2015-3636}
- x86/asm/entry/64: Remove a bogus 'ret_from_fork' optimization (Andy Lutomirski) [Orabug: 21308308] {CVE-2015-2830}
- x86, mm/ASLR: Fix stack randomization on 64-bit systems (Hector Marco-Gisbert) [Orabug: 21307918] {CVE-2015-1593} {CVE-2015-1593}
[2.6.39-400.256.0]
- NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (Tariq Saeed) [Orabug: 20933419]
- jbd2: fix hung processes in jbd2_journal_lock_updates() (Jan Kara)
- rds: make sure base connection is up on both sides (Ajaykumar Hotchandani) [Orabug: 20011421]
[2.6.39-400.255.0]
- x86_64, vdso: Fix the vdso address randomization algorithm (Andy Lutomirski) [Orabug: 21226730] {CVE-2014-9585}
- isofs: Fix infinite looping over CE entries (Jan Kara) [Orabug: 21225976] {CVE-2014-9420}
- x86_64, switch_to(): Load TLS descriptors before switching DS and ES (Andy Lutomirski) [Orabug: 21225938] {CVE-2014-9419}
[2.6.39-400.254.0]
- IB/ipoib: Disable TSO in connected mode (Yuval Shaia) [Orabug: 20637991]
[2.6.39-400.253.0]
- ib/rds: fixed big endianness conversion issue for dp->dp_ack_seq (Qing Huang) [Orabug: 21057517]
- ib/rds: fixed crashes caused by incoming requests with wrong destination (Qing Huang) [Orabug: 20823711]
- af_unix: dont send SCM_CREDENTIALS by default (Eric Dumazet) [Orabug: 20604916]
- scm: Capture the full credentials of the scm sender (Tim Chen) [Orabug: 20604916]
- af_unix: limit recursion level (Eric Dumazet) [Orabug: 20604916]
- af_unix: Allow credentials to work across user and pid namespaces. (Eric W. Biederman) [Orabug: 20604916]
- scm: Capture the full credentials of the scm sender. (Eric W. Biederman) [Orabug: 20604916]
- RDS: Handle RDMA_CM_EVENT_TIMEWAIT_EXIT (Venkat Venkatsubra) [Orabug: 20547505]
- mlx4_ib: Memory leak on Dom0 with SRIOV. (Venkat Venkatsubra) [Orabug: 20508779]
- BUG_ON(lockres->l_level != DLM_LOCK_EX && !checkpointed) tripped in ocfs2_ci_checkpointed (Tariq Saeed) [Orabug: 20189959]
- sched: Prevent divide by zero when cpu power calculation is 0 (Todd Vierling) [Orabug: 17936435]
- crypto: aesni - fix memory usage in GCM decryption (Stephan Mueller) [Orabug: 21077389] {CVE-2015-3331}
[2.6.39-400.252.0]
- kexec: export free_huge_page to VMCOREINFO (Atsushi Kumagai) [Orabug: 20313589]
- kexec: save PG_head_mask in VMCOREINFO (Petr Tesarik) [Orabug: 20313589]
[2.6.39-400.251.0]
- Revert 'Support checksum and gso offload of ipv6 in netback' (Annie Li) [Orabug: 20492244]
- ocfs2/cluster: Cluster up now includes network connections too (Sunil Mushran) [Orabug: 19803036]
- oracleasm: Restrict logical block size reporting (Martin K. Petersen) [Orabug: 19699681]
- oracleasm: Report logical block size (Martin K. Petersen) [Orabug: 19699681]
- ocfs2: dlm: fix lock migration crash (Junxiao Bi) [Orabug: 18317308]
- xfs: fix sgid inheritance for subdirectories inheriting default acls [V3] (Carlos Maiolino) [Orabug: 17423815]
- RDS/IP: RDS takes 10 seconds to plumb the second IP back (Mukesh Kacker) [Orabug: 20231857]
- RDS/IB: Tune failover-on-reboot scheduling (Mukesh Kacker) [Orabug: 20063740]
- RDS: mark netdev UP for intfs added post module load (Mukesh Kacker) [Orabug: 20130536]
- SUNRPC: Prevent an rpc_task wakeup race (Trond Myklebust) [Orabug: 20989265]
- sunrpc: clarify comments on rpc_make_runnable (Jeff Layton) [Orabug: 20989265]
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
