ELSA-2011-1350

ELSA-2011-1350 - kernel security, bug fix, and enhancement update

Type:SECURITY
Severity:IMPORTANT
Release Date:2011-10-05

Description



[2.6.32-131.17.1.el6]
- Revert: [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699}

[2.6.32-131.16.1.el6]
- [net] br_multicast: Ensure to initialize BR_INPUT_SKB_CB(skb)->mrouters_only. (Frantisek Hrbata) [739477 738110]

[2.6.32-131.15.1.el6]
- rebuild

[2.6.32-131.14.1.el6]
- [scsi] megaraid_sas: Convert 6, 10, 12 byte CDB's for FastPath IO (Tomas Henzl) [710047 705835]
- [x86] perf, x86: Fix Intel fixed counters base initialization (Don Zickus) [719229 736284] {CVE-2011-2521}
- [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723432 723433] {CVE-2011-2699}
- [fs] Ecryptfs: Add mount option to check uid of device being mounted = expect uid (Eric Sandeen) [731175 731176] {CVE-2011-1833}
- [char] tpm: Fix uninitialized usage of data buffer (Stanislaw Gruszka) [684674 684675] {CVE-2011-1160}
- [kernel] perf: Fix software event overflow (Frantisek Hrbata) [730707 730708] {CVE-2011-2918}
- [serial] 8250_pci: ifdef for powerpc, to only add functionality to this arch (Steve Best) [732382 696695]
- [serial] 8250: Fix capabilities when changing the port type (Steve Best) [732382 696695]
- [serial] 8250_pci Add EEH support to the 8250 driver for IBM/Digi PCIe 2-port Adapter (Steve Best) [732382 696695]
- [serial] 8250_pci: Add support for the Digi/IBM PCIe 2-port Adapter (Steve Best) [732382 696695]
- [ppc] pseries/iommu: Add additional checks when changing iommu mask (Steve Best) [736065 704401]
- [ppc] pseries/iommu: Use correct return type in dupe_ddw_if_already_created (Steve Best) [736065 704401]
- [ppc] iommu: Restore iommu table pointer when restoring iommu ops (Steve Best) [736065 704401]
- [ppc] Fix kexec with dynamic dma windows (Steve Best) [736065 704401]

[2.6.32-131.13.1.el6]
- [net] af_packet: prevent information leak (Jiri Pirko) [728032 728033] {CVE-2011-2898}
- [net] gro: Only reset frag0 when skb can be pulled (Jiri Pirko) [726555 726556] {CVE-2011-2723}
- [fs] FS-Cache: Only call mark_tech_preview() when caching is actually begun (David Howells) [713463 696396]
- [fs] Fix mark_tech_preview() to not disable lock debugging (David Howells) [713463 696396]
- [fs] ext4: Rewrite ext4_page_mkwrite() to use generic helpers (Eric Sandeen) [723551 692167]
- [fs] vfs: Block mmapped writes while the fs is frozen (Eric Sandeen) [723551 692167]
- [fs] vfs: Create __block_page_mkwrite() helper passing error values back (Eric Sandeen) [723551 692167]
- [mm] avoid wrapping vm_pgoff in mremap() and stack expansion (Jerome Marchand) [716540 716541] {CVE-2011-2496}
- [pci] MSI: Restore read_msi_msg_desc(); add get_cached_msi_msg_desc() (Don Zickus) [728522 696511]
- [pci] MSI: Remove unsafe and unnecessary hardware access (Don Zickus) [728522 696511]
- [net] sock: do not change prot->obj_size (Jiri Pirko) [726626 725711]
- [virt] x86: report valid microcode update ID (Marcelo Tosatti) [727838 694747]
- [agp] fix arbitrary kernel memory writes (Jerome Marchand) [699307 699308] {CVE-2011-2022 CVE-2011-1745}
- [agp] fix OOM and buffer overflow (Jerome Marchand) [699305 699306] {CVE-2011-1746}
- [kernel] taskstats: don't allow duplicate entries in listener mode (Jerome Marchand) [715447 715448] {CVE-2011-2484}
- [netdrv] bnx2x: remove a log-spamming message (Michal Schmidt) [732379 712000]
- [scsi] ibmvscsi: Improve CRQ reset reliability (Steve Best) [727618 700165]


Related CVEs


CVE-2011-1160
CVE-2011-1745
CVE-2011-1746
CVE-2011-1833
CVE-2011-2022
CVE-2011-2484
CVE-2011-2496
CVE-2011-2521
CVE-2011-2723
CVE-2011-2898
CVE-2011-2918

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) kernel-2.6.32-131.17.1.el6.src.rpm51136e9cd7fa0997971db877a7d75ab4ELSA-2021-9212
kernel-2.6.32-131.17.1.el6.i686.rpm844e91cfd8adff8e15579268b433a262ELSA-2021-9212
kernel-debug-2.6.32-131.17.1.el6.i686.rpmb733b23bcc6f5517ad249220cea9cf1eELSA-2021-9212
kernel-debug-devel-2.6.32-131.17.1.el6.i686.rpmdd452207a151017c5ac480b3ef6aff91ELSA-2021-9212
kernel-devel-2.6.32-131.17.1.el6.i686.rpmb6f76ab9d4933871ad7f68566efae291ELSA-2021-9212
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm1e52bc9d1f2e430854e141565423cc3aELSA-2021-9212
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm6789989c1691c91b97f38a903e3f3f57ELSA-2021-9212
kernel-headers-2.6.32-131.17.1.el6.i686.rpm9d3e2d861446a0b769054979d8b5a8f0ELSA-2021-9212
perf-2.6.32-131.17.1.el6.i686.rpm7e353905c3704f0059e88e266796ac69ELSA-2021-9212
Oracle Linux 6 (x86_64) kernel-2.6.32-131.17.1.el6.src.rpm51136e9cd7fa0997971db877a7d75ab4ELSA-2021-9212
kernel-2.6.32-131.17.1.el6.x86_64.rpm6b796c03214e0b92c909afac19acd883ELSA-2021-9212
kernel-debug-2.6.32-131.17.1.el6.x86_64.rpm85e0bb346362a8352b167401add329ffELSA-2021-9212
kernel-debug-devel-2.6.32-131.17.1.el6.x86_64.rpmf422d34f925b73f8f53ceebc028a8bb7ELSA-2021-9212
kernel-devel-2.6.32-131.17.1.el6.x86_64.rpmb1623dc3c321d46bba98bf3169f297d1ELSA-2021-9212
kernel-doc-2.6.32-131.17.1.el6.noarch.rpm1e52bc9d1f2e430854e141565423cc3aELSA-2021-9212
kernel-firmware-2.6.32-131.17.1.el6.noarch.rpm6789989c1691c91b97f38a903e3f3f57ELSA-2021-9212
kernel-headers-2.6.32-131.17.1.el6.x86_64.rpm642283aa695b83a1a522a02d3b705954ELSA-2021-9212
perf-2.6.32-131.17.1.el6.x86_64.rpm7785821a6831e2eeff7df0acc41919fbELSA-2021-9212



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete