ELSA-2017-3658

ULN >
Oracle Linux Errata repository >
ELSA-2017-3658

ELSA-2017-3658 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2017-12-08

Description

[2.6.39-400.298.1]
- ocfs2/dlm: ignore cleaning the migration mle that is inuse (xuejiufei) [Orabug: 23320090]
- tty: Fix race in pty_write() leading to NULL deref (Todd Vierling) [Orabug: 24337879]
- xen-netfront: cast grant table reference first to type int (Dongli Zhang) [Orabug: 25102637]
- xen-netfront: do not cast grant table reference to signed short (Dongli Zhang) [Orabug: 25102637]
- RDS: Print failed rdma op details if failure is remote access error (Rama Nichanamatlu) [Orabug: 25440316]
- ping: implement proper locking (Eric Dumazet) [Orabug: 26540288] {CVE-2017-2671}
- KEYS: fix dereferencing NULL payload with nonzero length (Eric Biggers) [Orabug: 26592013]
- oracleasm: Copy the integrity descriptor (Martin K. Petersen) [Orabug: 26650039]
- mm: Tighten x86 /dev/mem with zeroing reads (Kees Cook) [Orabug: 26675934] {CVE-2017-7889}
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26797307]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27058559]
- more bio_map_user_iov() leak fixes (Al Viro) [Orabug: 27069045] {CVE-2017-12190}
- fix unbalanced page refcounting in bio_map_user_iov (Vitaly Mayatskikh) [Orabug: 27069045] {CVE-2017-12190}
- xsigo: [backport] Fix race in freeing aged Forwarding tables (Pradeep Gopanapalli) [Orabug: 24823234]
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 25671723]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 25671723]
- net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143563] {CVE-2017-7308}
- net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143563] {CVE-2017-7308}
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau) [Orabug: 26403941] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race (Vegard Nossum) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug: 26403958] {CVE-2017-1000380}
- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403974] {CVE-2017-9074}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong) [Orabug: 26404007] {CVE-2017-9077}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643601] {CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W. Biederman) [Orabug: 26643601] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643601] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables (Seunghun Han) [Orabug: 26643652] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet) [Orabug: 26650889] {CVE-2017-9075}
- saa7164: fix double fetch PCIe access condition (Steven Toth) [Orabug: 26675148] {CVE-2017-8831}
- saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675148] {CVE-2017-8831}
- saa7164: get rid of warning: no previous prototype (Mauro Carvalho Chehab) [Orabug: 26675148] {CVE-2017-8831}
- [scsi] lpfc 8.3.44: Fix kernel panics from corrupted ndlp (James Smart) [Orabug: 26765341]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899791] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988628] {CVE-2017-14489}
- mqueue: fix a use-after-free in sys_mq_notify() (Cong Wang) [Orabug: 26643562] {CVE-2017-11176}
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27011278] {CVE-2017-7542}
- packet: fix tp_reserve race in packet_set_ring (Willem de Bruijn) [Orabug: 27002453] {CVE-2017-1000111}
- mlx4_core: calculate log_mtt based on total system memory (Wei Lin Guay) [Orabug: 26867355]
- xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 26867355]
- fs/binfmt_elf.c: fix bug in loading of PIE binaries (Michael Davidson) [Orabug: 26870958] {CVE-2017-1000253}
- Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796428] {CVE-2017-1000251}
- xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645562] {CVE-2017-12134}
- fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638926] {CVE-2017-1000365} {CVE-2017-1000365}
- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume Nault) [Orabug: 26586050] {CVE-2016-10200}
- xfs: fix two memory leaks in xfs_attr_list.c error paths (Mateusz Guzik) [Orabug: 26586024] {CVE-2016-9685}
- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (David Howells) [Orabug: 26586002] {CVE-2016-9604}
- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) [Orabug: 26578202] {CVE-2017-9242}
- selinux: quiet the filesystem labeling behavior message (Paul Moore) [Orabug: 25721485]
- RDS/IB: active bonding port state fix for intfs added late (Mukesh Kacker) [Orabug: 25875426]
- HID: hid-cypress: validate length of report (Greg Kroah-Hartman) [Orabug: 25891914] {CVE-2017-7273}
- udf: Remove repeated loads blocksize (Jan Kara) [Orabug: 25905722] {CVE-2015-4167}
- udf: Check length of extended attributes and allocation descriptors (Jan Kara) [Orabug: 25905722] {CVE-2015-4167}
- udf: Verify i_size when loading inode (Jan Kara) [Orabug: 25905722] {CVE-2015-4167}
- btrfs: drop unused parameter from btrfs_item_nr (Ross Kirk) [Orabug: 25948102] {CVE-2014-9710}
- Btrfs: cleanup of function where fixup_low_keys() is called (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710}
- Btrfs: remove unused argument of fixup_low_keys() (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710}
- Btrfs: remove unused argument of btrfs_extend_item() (Tsutomu Itoh) [Orabug: 25948102] {CVE-2014-9710}
- Btrfs: add support for asserts (Josef Bacik) [Orabug: 25948102] {CVE-2014-9710}
- Btrfs: make xattr replace operations atomic (Filipe Manana) [Orabug: 25948102] {CVE-2014-9710}
- net: validate the range we feed to iov_iter_init() in sys_sendto/sys_recvfrom (Al Viro) [Orabug: 25948149] {CVE-2015-2686}
- xsigo: Compute node crash on FC failover (Joe Jin) [Orabug: 25965445]
- PCI: Prevent VPD access for QLogic ISP2722 (Ethan Zhao) [Orabug: 25975513]
- PCI: Prevent VPD access for buggy devices (Babu Moger) [Orabug: 25975513]
- ipv4: try to cache dst_entries which would cause a redirect (Hannes Frederic Sowa) [Orabug: 26032377] {CVE-2015-1465}
- mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: 26326145] {CVE-2017-1000364}
- nfsd: check for oversized NFSv2/v3 arguments (J. Bruce Fields) [Orabug: 26366024] {CVE-2017-7645}
- dm mpath: allow ioctls to trigger pg init (Mikulas Patocka) [Orabug: 25645229]
- xen/manage: Always freeze/thaw processes when suspend/resuming (Ross Lagerwall) [Orabug: 25795530]
- lpfc cannot establish connection with targets that send PRLI under P2P mode (Joe Jin) [Orabug: 25955028]

Related CVEs

CVE-2017-2671

CVE-2017-7889

CVE-2017-12190

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 5 (i386)	kernel-uek-2.6.39-400.298.1.el5uek.src.rpm	ada038d16a0115be54aaaf0da4e6f589a8341da253dc9ea2a0807c38e4f49ac0	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-2.6.39-400.298.1.el5uek.i686.rpm	03c5b258231c84687f60a7affd4ba5ca989eec1dfc5b052b78cf859dbe3ea95f	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-debug-2.6.39-400.298.1.el5uek.i686.rpm	a36eefdb507cab3254e013dc36fc811216fbeff47c65599a4d894d76a6d9c0ca	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-debug-devel-2.6.39-400.298.1.el5uek.i686.rpm	6ab04a45f1b5d3d3ff2db3c0e6224615f0a593fd0814b2bc4ec27005371589cc	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-devel-2.6.39-400.298.1.el5uek.i686.rpm	7ac04a38c0ab6f06b14266f04efd6b8c3656c6fcaa99173b6c5eb2a3663d1310	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-doc-2.6.39-400.298.1.el5uek.noarch.rpm	98de373e815aea6a4bbfe5c7e5d4f5bafb96b9f97aeaf3ffec616e0fd93132b2	ELSA-2020-5936	ol5_i386_UEK_ELS
	kernel-uek-firmware-2.6.39-400.298.1.el5uek.noarch.rpm	9f16f86add12607513fe55e016ac7522ce75d91093faed93553a6c2a30a7bde1	ELSA-2020-5936	ol5_i386_UEK_ELS

Oracle Linux 5 (x86_64)	kernel-uek-2.6.39-400.298.1.el5uek.src.rpm	ada038d16a0115be54aaaf0da4e6f589a8341da253dc9ea2a0807c38e4f49ac0	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-2.6.39-400.298.1.el5uek.x86_64.rpm	b19ad840e9b5e8a7b542d7146971024b2a2100d3b9469a9ef69b5906a7013b47	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-debug-2.6.39-400.298.1.el5uek.x86_64.rpm	15db07c6a9f9822cb128ea1ccace62c856bc56c3c9f177d197d62ab8e5bc9530	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-debug-devel-2.6.39-400.298.1.el5uek.x86_64.rpm	ce28b148cd634aa0b6785f780fb46fae34f8ed849c26dfe92cea4d452ac81301	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-devel-2.6.39-400.298.1.el5uek.x86_64.rpm	b90aa7b09ffa203393d3b19368a18b023b3293bf363f3064a01a7d980aaef3d9	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-doc-2.6.39-400.298.1.el5uek.noarch.rpm	98de373e815aea6a4bbfe5c7e5d4f5bafb96b9f97aeaf3ffec616e0fd93132b2	ELSA-2020-5936	ol5_x86_64_UEK_ELS
	kernel-uek-firmware-2.6.39-400.298.1.el5uek.noarch.rpm	9f16f86add12607513fe55e016ac7522ce75d91093faed93553a6c2a30a7bde1	ELSA-2020-5936	ol5_x86_64_UEK_ELS

Oracle Linux 6 (i386)	kernel-uek-2.6.39-400.298.1.el6uek.src.rpm	705e8ce3bf7423c1132e2531db059344bb8dc66b0a7590712344c5f8e4dd5515	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-2.6.39-400.298.1.el6uek.i686.rpm	c4a063a997f2022a5fb9cb04a957cf2f801f331c87ee66b699a4d86c777a1e26	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-debug-2.6.39-400.298.1.el6uek.i686.rpm	632b43204e89c34270bd75f9bf8b4128060715c105d95243a07f610b4b6a7d75	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-debug-devel-2.6.39-400.298.1.el6uek.i686.rpm	e5c5793b7fe62cdaebf2d58eb6faebfb356f646a2bb14b04373e656644671996	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-devel-2.6.39-400.298.1.el6uek.i686.rpm	32bc9d8f0b22667bc5c862aec92ad70bda1d37c59ed9e256e8f5348dd486186f	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-doc-2.6.39-400.298.1.el6uek.noarch.rpm	04c6ad2e107e525364f4543bddadddf770f9cff9db80ce3a9e369a5f7a0f3fe0	ELSA-2025-20007	ol6_i386_UEK_latest
	kernel-uek-firmware-2.6.39-400.298.1.el6uek.noarch.rpm	271054fa540808c9c141c83d7ff989c6e7761eeb9e1dc50e4bf7543785037d4a	ELSA-2025-20007	ol6_i386_UEK_latest

Oracle Linux 6 (x86_64)	kernel-uek-2.6.39-400.298.1.el6uek.src.rpm	705e8ce3bf7423c1132e2531db059344bb8dc66b0a7590712344c5f8e4dd5515	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-2.6.39-400.298.1.el6uek.x86_64.rpm	b420b75537b4aaae44525fd16ef1c605b332782239b7f80a2a2337b2354dd872	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-debug-2.6.39-400.298.1.el6uek.x86_64.rpm	d26123541bf2a8e763e000f95e392a009e9940955cac740cbec44068c8abf0c1	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-debug-devel-2.6.39-400.298.1.el6uek.x86_64.rpm	8f054bf3f8986844bd482cc2a29f60f0cee54f87bfdf323298db6958ac234176	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-devel-2.6.39-400.298.1.el6uek.x86_64.rpm	4200e0d728139087b44acc86548954c4a3cfc26d443d05692231c188ae08a94e	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-doc-2.6.39-400.298.1.el6uek.noarch.rpm	04c6ad2e107e525364f4543bddadddf770f9cff9db80ce3a9e369a5f7a0f3fe0	ELSA-2025-20007	ol6_x86_64_UEK_latest
	kernel-uek-firmware-2.6.39-400.298.1.el6uek.noarch.rpm	271054fa540808c9c141c83d7ff989c6e7761eeb9e1dc50e4bf7543785037d4a	ELSA-2025-20007	ol6_x86_64_UEK_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691