ELSA-2011-0004

ELSA-2011-0004 - kernel security, bug fix, and enhancement update

Type:SECURITY
Severity:IMPORTANT
Release Date:2011-01-04

Description



[2.6.18-194.32.1.0.1.el5]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- Add entropy support to igb (John Sobecki) [orabug 7607479]
- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]
- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]
[bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)
[orabug 7579314]
- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]
- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin)
[orabug 9504524]
- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [mm] Enhance shrink_zone patch allow full swap utilization, and also be
NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)
[orabug 9245919]
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]
- make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919]
- fix filp_close() race (Joe Jin) [orabug 10335998]

[2.6.18-194.32.1.el5]
- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853]

[2.6.18-194.31.1.el5]
- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [663381 660580]
- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [663353 656492]
- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [663353 656492]
- [fs] nfs: clean up nfs_create_request (Jeff Layton) [663353 656492]
- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699}

[2.6.18-194.30.1.el5]
- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [658079 655119]
- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248}
- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858}
- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880}
- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859}
- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655664 655666] {CVE-2010-4242}
- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [656208 654546] {CVE-2010-4247}
- [virt] xen: don't leak dev refs on bad xenbus transitions (Laszlo Ersek) [636412 635999] {CVE-2010-3699}
- [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [658864 649489]
- [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [657029 644863]
- [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [651811 643165]
- [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [658378 639028]
- [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [658934 641193]
- [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [657028 619361]
- [misc] add round_jiffies_up and related routines (Michal Schmidt) [658520 556476]
- [fs] fix dcache accounting bug (Josef Bacik) [658857 596548]
- [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [657319 516851]
- [scsi] lpfc: fix panic in lpfc_scsi_cmd_iocb_cmpl (Rob Evers) [658379 603806]

[2.6.18-194.29.1.el5]
- [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647421 647422] {CVE-2010-3865}
- [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652536 652537] {CVE-2010-4161}
- [net] packet: fix information leak to userland (Jiri Pirko) [649897 649898] {CVE-2010-3876}
- [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648721 648722] {CVE-2010-4083}
- [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [651818 634454]
- [fs] dlm: reduce cond_resched during send (David Teigland) [653335 604139]
- [fs] dlm: use TCP_NODELAY (David Teigland) [653335 604139]
- [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637866 637867] {CVE-2010-3432}
- [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [652561 627974]
- [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651175 651176] {CVE-2010-4157}
- [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [651818 634454]

[2.6.18-194.28.1.el5]
- [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [649255 640026]
- [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [649255 640026]
- [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [646765 644879]
- [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638483 638484] {CVE-2010-3442}
- [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [643339 571495]
- [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [643344 629176]
- [usb] fix test of wrong variable in create_by_name (Don Howard) [643347 594635]
- [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [651805 595397]
- [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [648938 588015]
- [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [643345 591548]
- [net] tun: orphan an skb on tx (Michael S. Tsirkin) [643348 584412]

[2.6.18-194.27.1.el5]
- [net] netxen: fix set mac addr (Andy Gospodarek) [647681 562937]


Related CVEs


CVE-2010-3432
CVE-2010-3442
CVE-2010-3699
CVE-2010-3858
CVE-2010-3859
CVE-2010-3865
CVE-2010-3876
CVE-2010-3880
CVE-2010-4083
CVE-2010-4157
CVE-2010-4161
CVE-2010-4242
CVE-2010-4247
CVE-2010-4248

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) kernel-2.6.18-194.32.1.0.1.el5.src.rpmfe200c30d5162290e5540cf5b6e42f3bELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.src.rpmc7749b3e9a547b65cc82a8dd4ce0e265-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.src.rpm599765f4920b32c6e37a377cd1ba2cf3-
kernel-2.6.18-194.32.1.0.1.el5.i686.rpmde6800a59a7d81348b6a3915f6760a21ELSA-2017-1482-1
kernel-PAE-2.6.18-194.32.1.0.1.el5.i686.rpme3307892c51bc95304d8fd1e65ff3805ELSA-2017-1482-1
kernel-PAE-devel-2.6.18-194.32.1.0.1.el5.i686.rpmbfe0cdac13146cceb480485955844776ELSA-2017-1482-1
kernel-debug-2.6.18-194.32.1.0.1.el5.i686.rpmb3b490460356b84c7408175e01670173ELSA-2017-1482-1
kernel-debug-devel-2.6.18-194.32.1.0.1.el5.i686.rpm38ba6206a89d345597cae876e25bf991ELSA-2017-1482-1
kernel-devel-2.6.18-194.32.1.0.1.el5.i686.rpmcd9a1d6412869532de76a8a9aa187454ELSA-2017-1482-1
kernel-doc-2.6.18-194.32.1.0.1.el5.noarch.rpm01d1f01c0ef4cc8a6803985ce880c5e9ELSA-2017-1482-1
kernel-headers-2.6.18-194.32.1.0.1.el5.i386.rpm8919893d560521c09262eb02349d3dd4ELSA-2017-1482-1
kernel-xen-2.6.18-194.32.1.0.1.el5.i686.rpmd1adcfa20f7f0fbd98d9384d462dc1fdELSA-2017-1482-1
kernel-xen-devel-2.6.18-194.32.1.0.1.el5.i686.rpm6ca6e8d440fd1c0e47eb7d2cef34a570ELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.i686.rpm5df1b2869021512b6335e8d2b427f5ef-
ocfs2-2.6.18-194.32.1.0.1.el5PAE-1.4.7-1.el5.i686.rpm9a6ee8426422563608c91107a24af3cd-
ocfs2-2.6.18-194.32.1.0.1.el5debug-1.4.7-1.el5.i686.rpm13f42b03354321b714fe3603e3103b51-
ocfs2-2.6.18-194.32.1.0.1.el5xen-1.4.7-1.el5.i686.rpmeb604a217f24b850db9a5473e904d06a-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.i686.rpm761a14334fc2acca7f11884215847bcb-
oracleasm-2.6.18-194.32.1.0.1.el5PAE-2.0.5-1.el5.i686.rpm49c3d45dc8fe98ef75f8efa8b0807c98-
oracleasm-2.6.18-194.32.1.0.1.el5debug-2.0.5-1.el5.i686.rpmef21fa3608d55664e3f0495420c84807-
oracleasm-2.6.18-194.32.1.0.1.el5xen-2.0.5-1.el5.i686.rpmde51314a3f71a1fc07235bd313244e49-
Oracle Linux 5 (ia64) kernel-2.6.18-194.32.1.0.1.el5.src.rpmfe200c30d5162290e5540cf5b6e42f3bELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.src.rpmc7749b3e9a547b65cc82a8dd4ce0e265-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.src.rpm599765f4920b32c6e37a377cd1ba2cf3-
kernel-2.6.18-194.32.1.0.1.el5.ia64.rpmceef8bcbb04124b0192f8d576a407219ELSA-2017-1482-1
kernel-debug-2.6.18-194.32.1.0.1.el5.ia64.rpmd646597f7a0b527371ac42dfdc3df6ecELSA-2017-1482-1
kernel-debug-devel-2.6.18-194.32.1.0.1.el5.ia64.rpmd13e449eff4a07ddb99ce7168b5df7e1ELSA-2017-1482-1
kernel-devel-2.6.18-194.32.1.0.1.el5.ia64.rpm7c70394e26b4b4a07dcd4a5448f96a7aELSA-2017-1482-1
kernel-doc-2.6.18-194.32.1.0.1.el5.noarch.rpm01d1f01c0ef4cc8a6803985ce880c5e9ELSA-2017-1482-1
kernel-headers-2.6.18-194.32.1.0.1.el5.ia64.rpm421d0272e86858332b96c9ed35c39714ELSA-2017-1482-1
kernel-xen-2.6.18-194.32.1.0.1.el5.ia64.rpm727149b453ccdb5ddb31b4df2ac94407ELSA-2017-1482-1
kernel-xen-devel-2.6.18-194.32.1.0.1.el5.ia64.rpm3988ac057e0dce6a885d761c1bef4f6bELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.ia64.rpm7bc4aa8e23b859f07618a2da9d4f05c8-
ocfs2-2.6.18-194.32.1.0.1.el5debug-1.4.7-1.el5.ia64.rpm5c84a1b98946fd307c9738319340cefb-
ocfs2-2.6.18-194.32.1.0.1.el5xen-1.4.7-1.el5.ia64.rpm585da27cd339cf2163a75e00183f61fe-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.ia64.rpmf69dac75e0f365476291ad3678f101a1-
oracleasm-2.6.18-194.32.1.0.1.el5debug-2.0.5-1.el5.ia64.rpm41b69ffdc364086091e39e55e31fecb9-
oracleasm-2.6.18-194.32.1.0.1.el5xen-2.0.5-1.el5.ia64.rpmb534627be82df68578ab210a74d63af5-
Oracle Linux 5 (x86_64) kernel-2.6.18-194.32.1.0.1.el5.src.rpmfe200c30d5162290e5540cf5b6e42f3bELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.src.rpmc7749b3e9a547b65cc82a8dd4ce0e265-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.src.rpm599765f4920b32c6e37a377cd1ba2cf3-
kernel-2.6.18-194.32.1.0.1.el5.x86_64.rpmafbf49ff8a6ce1ebb5a13ff0ed49aa94ELSA-2017-1482-1
kernel-debug-2.6.18-194.32.1.0.1.el5.x86_64.rpm37354213fccb37b386dd5fe0edf1b0e3ELSA-2017-1482-1
kernel-debug-devel-2.6.18-194.32.1.0.1.el5.x86_64.rpma89d7f7a54aef938c940a64722d9985eELSA-2017-1482-1
kernel-devel-2.6.18-194.32.1.0.1.el5.x86_64.rpm037a8738b25fc8d24c2c4e5a7a5d0d59ELSA-2017-1482-1
kernel-doc-2.6.18-194.32.1.0.1.el5.noarch.rpm01d1f01c0ef4cc8a6803985ce880c5e9ELSA-2017-1482-1
kernel-headers-2.6.18-194.32.1.0.1.el5.x86_64.rpmfb91c4999eb81cba5e31975124977742ELSA-2017-1482-1
kernel-xen-2.6.18-194.32.1.0.1.el5.x86_64.rpm6976fb441f0d08ee0ac05949396e7a96ELSA-2017-1482-1
kernel-xen-devel-2.6.18-194.32.1.0.1.el5.x86_64.rpme705a0f70914084782380b4b5d461e51ELSA-2017-1482-1
ocfs2-2.6.18-194.32.1.0.1.el5-1.4.7-1.el5.x86_64.rpm0456556d3aa6ea5faee7dfeb89e090cd-
ocfs2-2.6.18-194.32.1.0.1.el5debug-1.4.7-1.el5.x86_64.rpmc89201da9c595543ea40908243c401e8-
ocfs2-2.6.18-194.32.1.0.1.el5xen-1.4.7-1.el5.x86_64.rpmd5fd4dc4354a47c8dd7a4c0777a54bfd-
oracleasm-2.6.18-194.32.1.0.1.el5-2.0.5-1.el5.x86_64.rpmdb41b81251394fdde8c4f6d7ce3cf19b-
oracleasm-2.6.18-194.32.1.0.1.el5debug-2.0.5-1.el5.x86_64.rpma72a1182a827e17866caaa2e2e7a9107-
oracleasm-2.6.18-194.32.1.0.1.el5xen-2.0.5-1.el5.x86_64.rpmd5426fbd839022c8851dc00a5bd5bdcd-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete