ELSA-2017-0386
- ULN >
- Oracle Linux Errata repository >
- ELSA-2017-0386
ELSA-2017-0386 - kernel security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2017-03-02 |
Description
- [3.10.0-514.10.2.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-514.10.2]
- [net] dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Hannes Frederic Sowa) [1423462 1423463]
[3.10.0-514.10.1]
- [block] blk-mq: Fix NULL pointer updating nr_requests (David Milburn) [1416133 1384066]
- [scsi] cxlflash: Fix crash in cxlflash_restore_luntable() (Gustavo Duarte) [1415146 1400524]
- [scsi] cxlflash: Improve context_reset() logic (Gustavo Duarte) [1415146 1400524]
- [scsi] cxlflash: Avoid command room violation (Gustavo Duarte) [1415146 1400524]
- [x86] Mark Kaby Lake with Kaby Lake PCH as supported (David Arcari) [1415094 1391219]
- [scsi] be2iscsi: Add checks to validate completions (Maurizio Lombardi) [1414687 1324918]
- [scsi] be2iscsi: Fix bad WRB index error (Maurizio Lombardi) [1414687 1324918]
- [scsi] be2iscsi: Add lock to protect WRB alloc and free (Maurizio Lombardi) [1414687 1324918]
- [mm] meminit: initialise more memory for inode/dentry hash tables in early boot (Yasuaki Ishimatsu) [1413623 1404584]
- [s390] mem_detect: Revert 'add DAT sanity check' (Hendrik Brueckner) [1413600 1391540]
- [cpufreq] intel_pstate: Fix code ordering in intel_pstate_set_policy() (Prarit Bhargava) [1411818 1398072]
- [scsi] cxlflash: Improve EEH recovery time (Steve Best) [1402442 1397588]
- [scsi] cxlflash: Fix to avoid EEH and host reset collisions (Steve Best) [1402442 1397588]
- [scsi] cxlflash: Remove the device cleanly in the system shutdown path (Steve Best) [1402442 1397588]
- [scsi] cxlflash: Scan host only after the port is ready for I/O (Steve Best) [1402442 1397588]
- [x86] kvm: x86: Check memopp before dereference (Mateusz Guzik) [1395805 1395806] {CVE-2016-8630}
- [vfio] pci: Fix integer overflows, bitmask check (Mateusz Guzik) [1394627 1394991 1394628 1394992] {CVE-2016-9083 CVE-2016-9084}
- [acpi] acpi / scan: use platform bus type by default for _HID enumeration (Tony Camuso) [1393727 1383505]
- [acpi] acpi / scan: introduce platform_id device PNP type flag (Tony Camuso) [1393727 1383505]
- [char] ipmi: Convert the IPMI SI ACPI handling to a platform device (Tony Camuso) [1393727 1383505]
- [acpi] acpi / ipmi: Cleanup coding styles (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Cleanup some inclusion codes (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Cleanup some initialization codes (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Cleanup several acpi_ipmi_device members (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Add reference counting for ACPI IPMI transfers (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Use global IPMI operation region handler (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Fix race caused by the unprotected ACPI IPMI user (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Fix race caused by the timed out ACPI IPMI transfers (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Fix race caused by the unprotected ACPI IPMI transfers (David Arcari) [1393725 1373703]
- [acpi] acpi / ipmi: Fix potential response buffer overflow (David Arcari) [1393725 1373703]
[3.10.0-514.9.1]
- [drm] i915/kbl: Remove preliminary_hw_support protection from KBL. (Rob Clark) [1413092 1305702]
- [netdrv] slip: Fix deadlock in write_wakeup (Steve Best) [1412225 1403497]
- [netdrv] slip: fix spinlock variant (Steve Best) [1412225 1403497]
- [kernel] kmod: use system_unbound_wq instead of khelper (Luiz Capitulino) [1411816 1395860]
- [nvme] switch abort to blk_execute_rq_nowait (David Milburn) [1411669 1392923]
- [netdrv] ibmveth: calculate gso_segs for large packets (Gustavo Duarte) [1411382 1361958]
- [netdrv] ibmveth: set correct gso_size and gso_type (Gustavo Duarte) [1411382 1361958]
- [netdrv] allow macvlans to move to net namespace (Jarod Wilson) [1409829 1368830]
- [pci] Set Read Completion Boundary to 128 iff Root Port supports it (_HPX) (Myron Stowe) [1406290 1387674]
- [pci] Export pcie_find_root_port() (Myron Stowe) [1406290 1387674]
- [rtc] cmos: Initialize hpet timer before irq is registered (Pratyush Anand) [1404184 1299001]
- [x86] amd: Fix cpu_llc_id for AMD Fam17h systems (Suravee Suthikulpanit) [1402444 1395399]
- [powerpc] powernv: Fix stale PE primary bus (Steve Best) [1402440 1395275]
- [misc] cxl: Fix coredump generation when cxl_get_fd() is used (Gustavo Duarte) [1402439 1397943]
- [pci] cxl: use pcibios_free_controller_deferred() when removing vPHBs (Gustavo Duarte) [1402438 1395323]
- [scsi] qla2xxx: do not abort all commands in the adapter during EEH recovery (Gustavo Duarte) [1402436 1393254]
- [scsi] qla2xxx: fix invalid DMA access after command aborts in PCI device remove (Gustavo Duarte) [1402436 1393254]
- [scsi] qla2xxx: do not queue commands when unloading (Gustavo Duarte) [1402436 1393254]
- [net] packet: fix race condition in packet_set_ring (Hangbin Liu) [1401852 1401853] {CVE-2016-8655}
[3.10.0-514.8.1]
- [netdrv] i40e: Fix corruption when transferring large files (Stefan Assmann) [1413101 1404060]
[3.10.0-514.7.1]
- [kernel] printk: avoid livelock if another CPU printks continuously (Denys Vlasenko) [1402314 1294066]
Related CVEs
| CVE-2016-8655 |
| CVE-2016-8630 |
| CVE-2016-9083 |
| CVE-2016-9084 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-514.10.2.el7.src.rpm | 9eae057ec11d0b6a8d626233adc050dd | ELBA-2021-1397-1 |
| kernel-3.10.0-514.10.2.el7.x86_64.rpm | 3b6cf97e2d2cf9e8576757f00f306a22 | ELBA-2021-1397-1 | |
| kernel-abi-whitelists-3.10.0-514.10.2.el7.noarch.rpm | 83d1f269843ebe923177f2c381d177c5 | ELBA-2021-1397-1 | |
| kernel-debug-3.10.0-514.10.2.el7.x86_64.rpm | 49cac08f4b987c644013bc5c1864bfde | ELBA-2021-1397-1 | |
| kernel-debug-devel-3.10.0-514.10.2.el7.x86_64.rpm | a18d69952bb68daa77cd7d27aeb492aa | ELBA-2021-1397-1 | |
| kernel-devel-3.10.0-514.10.2.el7.x86_64.rpm | c055612b53500767296268a98e5cfda1 | ELBA-2021-1397-1 | |
| kernel-doc-3.10.0-514.10.2.el7.noarch.rpm | ba1aae7b98e051a06f89d42a984b8aec | ELBA-2021-1397-1 | |
| kernel-headers-3.10.0-514.10.2.el7.x86_64.rpm | c411d7826371b0e6d7c139d7b16a5ac9 | ELBA-2021-1397-1 | |
| kernel-tools-3.10.0-514.10.2.el7.x86_64.rpm | 8c4a7d9748cc9ad9b228bc6a3ce488ed | ELBA-2021-1397-1 | |
| kernel-tools-libs-3.10.0-514.10.2.el7.x86_64.rpm | 612660e9291411f71d835520200fdd2d | ELBA-2021-1397-1 | |
| kernel-tools-libs-devel-3.10.0-514.10.2.el7.x86_64.rpm | 014b99bd754924a8fe909c677b66a794 | ELBA-2021-1397-1 | |
| perf-3.10.0-514.10.2.el7.x86_64.rpm | 17b82b20bfa004ee26d5e6619e34c40a | ELSA-2021-9220 | |
| python-perf-3.10.0-514.10.2.el7.x86_64.rpm | 00a812ea2106f759f9eba8557bac18b6 | ELSA-2021-9220 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
