OVMSA-2016-0138

OVMSA-2016-0138 - Unbreakable Enterprise kernel security and bugfix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-10-06

Description


[4.1.12-61.1.13]
- HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands (Scott Bauer) [Orabug: 24803597] {CVE-2016-5829}

[4.1.12-61.1.12]
- ocfs2: Fix start offset to ocfs2_zero_range_for_truncate() (Ashish Samant) [Orabug: 24790230]

[4.1.12-61.1.11]
- ocfs2: Fix double put of recount tree in ocfs2_lock_refcount_tree() (Ashish Samant) [Orabug: 24691860]
- megaraid_sas: Don't issue kill adapter for MFI controllers in case of PD list DCMD failure (Sumit Saxena) [Orabug: 24506797]
- netfilter: x_tables: speed up jump target validation (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES (Pablo Neira Ayuso) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: remove unused comefrom hookmask argument (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: introduce and use xt_copy_counters_from_user (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: do compat validation via translate_table (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: xt_compat_match_from_user doesn't need a retval (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: ip6_tables: simplify translate_compat_table args (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: ip_tables: simplify translate_compat_table args (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: arp_tables: simplify translate_compat_table args (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: don't reject valid target size on some architectures (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: validate all offsets and sizes in a rule (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: check for bogus target offset (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: check standard target size too (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: add compat version of xt_check_entry_offsets (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: assert minimum target size (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: kill check_entry helper (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: add and use xt_check_entry_offsets (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: validate targets of jumps (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: fix unconditional helper (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: validate targets of jumps (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: don't move to non-existent next rule (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: fix unconditional helper (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}
- netfilter: x_tables: check for size overflow (Florian Westphal) [Orabug: 24691226] {CVE-2016-3134}


Related CVEs


CVE-2016-3134
CVE-2016-5829

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.4 (x86_64) kernel-uek-4.1.12-61.1.13.el6uek.src.rpmdca65f352b9804e322c4707f8181bb26OVMSA-2021-0016
kernel-uek-4.1.12-61.1.13.el6uek.x86_64.rpm38b0435d2a16d227310a51ef3dc8722aOVMSA-2021-0016
kernel-uek-firmware-4.1.12-61.1.13.el6uek.noarch.rpm481095bb2c5e51aed235aad424fffc76OVMSA-2021-0016



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete