ELSA-2012-0007

ELSA-2012-0007 - kernel security, bug fix, and enhancement update

Type:SECURITY
Severity:IMPORTANT
Release Date:2012-01-11

Description



[2.6.18-274.17.1.0.1.el5]
- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)
- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)
- [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887]
- [x86] Fix lvt0 reset when hvm boot up with noapic param
- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)
[orabug 12342275]
- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]
- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]
- bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822]
- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]
- [scsi] fix scsi hotplug and rescan race [orabug 10260172]
- fix filp_close() race (Joe Jin) [orabug 10335998]
- make xenkbd.abs_pointer=1 by default [orabug 67188919]
- [xen] check to see if hypervisor supports memory reservation change
(Chuck Anderson) [orabug 7556514]
- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)
[orabug 10315433]
- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]
- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]
- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]
- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]
RDS: Fix BUG_ONs to not fire when in a tasklet
ipoib: Fix lockup of the tx queue
RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)
RDS: Properly unmap when getting a remote access error (Tina Yang)
RDS: Fix locking in rds_send_drop_to()
- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)
[orabug 9107465]
- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)
[orabug 9764220]
- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]
- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,
Guru Anbalagane) [orabug 6124033]
- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]
- [ib] fix memory corruption (Andy Grover) [orabug 9972346]
- [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782]
- [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)

[2.6.18-274.17.1.el5]
- Revert: [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert: [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert: [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- Revert: [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127}

[2.6.18-274.16.1.el5]
- [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127}

[2.6.18-274.15.1.el5]
- [net] e1000e: Avoid wrong check on TX hang (Dean Nelson) [766485 746272]
- [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749159 749160] {CVE-2011-4077}
- [pci] intel-iommu: Default to non-coherent for unattached domains (Don Dutile) [766803 753924]
- [fs] nfs: remove BUG() from encode_share_access() (Jeff Layton) [755442 754901] {CVE-2011-4324}
- [misc] irq: Check for spurious IRQ only on disabled IRQs (Prarit Bhargava) [759387 756412]
- [fs] hfs: add sanity check for file name length (Eric Sandeen) [755432 755433] {CVE-2011-4330}
- [fs] proc: Fix select on /proc files without ->poll (David Howells) [755483 751214]
- [fs] nfs: Ensure we mark inode as dirty if early exit from commit (Jeff Layton) [755482 714020]
- [x86] apic: ack all pending irqs when crashed/on kexec (hiro muneda) [750460 742079]
- [virt] kvm: fix regression w/ 32 bit KVM clock (Rik van Riel) [747875 753789 751742 731599]
- [virt] kvm: fix lost tick accounting for 32 bit kvm-clock (Rik van Riel) [747875 731599]
- [fs] jbd/jbd2: validate sb->s_first in journal_get_superblock (Eryu Guan) [753343 706810] {CVE-2011-4132}
- [net] igb: enable link power down (Stefan Assmann) [752735 742514]
- [fs] proc: fix oops on invalid /proc//maps access (Johannes Weiner) [747851 747699] {CVE-2011-3637}
- [block] cciss: bump driver version (Tomas Henzl) [758024 714129]
- [block] cciss: need to delay after a PCI Power Management reset (Tomas Henzl) [758024 714129]
- [block] cciss: auto engage scsi susbsystem (Tomas Henzl) [758024 714129]
- [block] cciss: store pdev in hba struct (Tomas Henzl) [758024 714129]
- [block] cciss: use consistent variable names (Tomas Henzl) [758024 714129]
- [block] cciss: add a commandline switch for simple mode (Tomas Henzl) [758024 714129]
- [fs] proc: close race with exec in mem_read() (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [mm] implement access_remote_vm (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [mm] factor out main logic of access_process_vm (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [mm] use mm_struct to resolve gate vma's in __get_user_pages (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [mm] make in_gate_area take mm_struct instead of a task_struct (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [mm] make get_gate_vma take mm_struct instead of task_struct (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [x86_64] mark assoc mm when running task in 32 bit compat mode (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [misc] sched: add ctx tag to mm running task in ia32 compat mode (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [fs] proc: require the target to be tracable (or yourself) (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [fs] proc: close race in /proc/*/environ (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [fs] proc: report errors in /proc/*/*map* sanely (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [fs] proc: shift down_read(mmap_sem) to the caller (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [fs] detect exec transition phase with new mm but old creds (Johannes Weiner) [692041 692042] {CVE-2011-1020}
- [net] igb: fix i350 SR-IOV failture (Stefan Assmann) [741877 714313]
- [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127}
- [fs] nfs: Fix an O_DIRECT Oops (Jeff Layton) [755457 754620] {CVE-2011-4325}
- [net] sctp: Fix another race during accept/peeloff (Thomas Graf) [757146 714870] {CVE-2011-4348}
- [scsi] isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n (Phillip Lougher) [750458 713904]
- [net] tg3: Only allow phy ioctls while netif_running (Phillip Lougher) [746343 683393]

[2.6.18-274.14.1.el5]
- [input] evdev: Fix spin lock context in evdev_pass_event() (Don Zickus) [744147 734900]
- [fs] dcache: Fix dentry loop detection deadlock (David Howells) [754129 717959]
- [input] evdev: disable interrupts when processing events (Don Zickus) [744147 734900]

[2.6.18-274.13.1.el5]
- [fs] dcache: Log ELOOP rather than creating a loop (David Howells) [754129 717959]
- [fs] dcache: Fix loop checks in d_materialise_unique (David Howells) [754129 717959]


Related CVEs


CVE-2011-1020
CVE-2011-3637
CVE-2011-4077
CVE-2011-4132
CVE-2011-4324
CVE-2011-4325
CVE-2011-4330
CVE-2011-4348

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) kernel-2.6.18-274.17.1.0.1.el5.src.rpm195407b67581b46884a8d14a4467baf3ELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.src.rpme20bca4a8ef23521f041a48f70eba779-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.src.rpmf25c9bfd6c7ce1d3c6247974735e59c9-
kernel-2.6.18-274.17.1.0.1.el5.i686.rpm7842a307ad15612aa107b62c16ad4613ELSA-2019-4732
kernel-PAE-2.6.18-274.17.1.0.1.el5.i686.rpm1e35617de0d9e4dfc274a92d8951ff3dELSA-2019-4732
kernel-PAE-devel-2.6.18-274.17.1.0.1.el5.i686.rpm3fcb9fc92c2623076630c48f531382a8ELSA-2019-4732
kernel-debug-2.6.18-274.17.1.0.1.el5.i686.rpm2ebc9733e7b0b07f83e18bbb3db38dcfELSA-2019-4732
kernel-debug-devel-2.6.18-274.17.1.0.1.el5.i686.rpma4ee7c74f34946d20990c2f19b6a536eELSA-2019-4732
kernel-devel-2.6.18-274.17.1.0.1.el5.i686.rpm3baf8460df2dbb7c2d7c6b1c93cac6a4ELSA-2019-4732
kernel-doc-2.6.18-274.17.1.0.1.el5.noarch.rpm08c0ecfe1bbee62eda666c2d5b700c4eELSA-2019-4732
kernel-headers-2.6.18-274.17.1.0.1.el5.i386.rpm785c091163b0ae2bfb33d58dad6a4f98ELSA-2019-4732
kernel-xen-2.6.18-274.17.1.0.1.el5.i686.rpm4b84a691bacb007ad36dae8d80e2fa67ELSA-2019-4732
kernel-xen-devel-2.6.18-274.17.1.0.1.el5.i686.rpmc3e26384010d665a248a601a9926528bELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.i686.rpmb0e813ff8a34b63cc271ca025632939b-
ocfs2-2.6.18-274.17.1.0.1.el5PAE-1.4.9-1.el5.i686.rpme9f5b9ab295ff9342749dd71e39aa392-
ocfs2-2.6.18-274.17.1.0.1.el5debug-1.4.9-1.el5.i686.rpmd449bc5af6f3aa1a09f291e18e0344be-
ocfs2-2.6.18-274.17.1.0.1.el5xen-1.4.9-1.el5.i686.rpm9a1538937bb414e3db032bb494436cc9-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.i686.rpm3c2cabd519bb0e976b08ea16a45ef211-
oracleasm-2.6.18-274.17.1.0.1.el5PAE-2.0.5-1.el5.i686.rpm1eb9f0049a1ff0d97af23ff4ee0ff3a7-
oracleasm-2.6.18-274.17.1.0.1.el5debug-2.0.5-1.el5.i686.rpm04f087ed8fab2b42cc10d88a37162d81-
oracleasm-2.6.18-274.17.1.0.1.el5xen-2.0.5-1.el5.i686.rpm4c1c8139fc7780d2a43d9e88c3db40b9-
Oracle Linux 5 (ia64) kernel-2.6.18-274.17.1.0.1.el5.src.rpm195407b67581b46884a8d14a4467baf3ELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.src.rpme20bca4a8ef23521f041a48f70eba779-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.src.rpmf25c9bfd6c7ce1d3c6247974735e59c9-
kernel-2.6.18-274.17.1.0.1.el5.ia64.rpm426a642d07e42f451db1bcbc87926766ELSA-2019-4732
kernel-debug-2.6.18-274.17.1.0.1.el5.ia64.rpm227cfdfde929e35741d658909c11229bELSA-2019-4732
kernel-debug-devel-2.6.18-274.17.1.0.1.el5.ia64.rpm2d61b621e1b9a44ff264bbce9281439eELSA-2019-4732
kernel-devel-2.6.18-274.17.1.0.1.el5.ia64.rpm8962fb72d356b152a14ebf569abfa76eELSA-2019-4732
kernel-doc-2.6.18-274.17.1.0.1.el5.noarch.rpm08c0ecfe1bbee62eda666c2d5b700c4eELSA-2019-4732
kernel-headers-2.6.18-274.17.1.0.1.el5.ia64.rpmfc338fc1a14187707f8f3f45d1fb6ff2ELSA-2019-4732
kernel-xen-2.6.18-274.17.1.0.1.el5.ia64.rpmd7306ba98001e11715b00bb01f4b84e0ELSA-2019-4732
kernel-xen-devel-2.6.18-274.17.1.0.1.el5.ia64.rpm02039e7fcea0695835f78acf9353634aELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.ia64.rpm33bcbcff87082ed406c65170f82dd9bd-
ocfs2-2.6.18-274.17.1.0.1.el5debug-1.4.9-1.el5.ia64.rpmc772110adffabc612c068d0525a8f97f-
ocfs2-2.6.18-274.17.1.0.1.el5xen-1.4.9-1.el5.ia64.rpm979ae63688f50a32a7e61dbf5fab3eec-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.ia64.rpm50a3ab537dd46651e9a9aba3bafb6340-
oracleasm-2.6.18-274.17.1.0.1.el5debug-2.0.5-1.el5.ia64.rpme18a0ec4b1c24eb41e14ddd58f405504-
oracleasm-2.6.18-274.17.1.0.1.el5xen-2.0.5-1.el5.ia64.rpm432083fecb294435da90137b92d61009-
Oracle Linux 5 (x86_64) kernel-2.6.18-274.17.1.0.1.el5.src.rpm195407b67581b46884a8d14a4467baf3ELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.src.rpme20bca4a8ef23521f041a48f70eba779-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.src.rpmf25c9bfd6c7ce1d3c6247974735e59c9-
kernel-2.6.18-274.17.1.0.1.el5.x86_64.rpmab4232dff76bf46923bbbabc626ca3dcELSA-2019-4732
kernel-debug-2.6.18-274.17.1.0.1.el5.x86_64.rpm90042e3f28ac1b2112af30214789cbc8ELSA-2019-4732
kernel-debug-devel-2.6.18-274.17.1.0.1.el5.x86_64.rpm5d00b84dfea80078a8f43573a7c1728bELSA-2019-4732
kernel-devel-2.6.18-274.17.1.0.1.el5.x86_64.rpm00cecfb1dcdc8f52cebf6bdc776f1c31ELSA-2019-4732
kernel-doc-2.6.18-274.17.1.0.1.el5.noarch.rpm08c0ecfe1bbee62eda666c2d5b700c4eELSA-2019-4732
kernel-headers-2.6.18-274.17.1.0.1.el5.x86_64.rpm3fc4a0a4559b02ba504bcab604dd6a2cELSA-2019-4732
kernel-xen-2.6.18-274.17.1.0.1.el5.x86_64.rpm442455edfa377e37dd38e1ee925cb06cELSA-2019-4732
kernel-xen-devel-2.6.18-274.17.1.0.1.el5.x86_64.rpmc95498f7ee6fa1f9705a666a04b92bc1ELSA-2019-4732
ocfs2-2.6.18-274.17.1.0.1.el5-1.4.9-1.el5.x86_64.rpm4559eff0ab1117ab8b02cf035675bc31-
ocfs2-2.6.18-274.17.1.0.1.el5debug-1.4.9-1.el5.x86_64.rpm4d199cb8db61fcccd140c70d65568ed3-
ocfs2-2.6.18-274.17.1.0.1.el5xen-1.4.9-1.el5.x86_64.rpm5e39491f764e11d424cd62ccb76f3c70-
oracleasm-2.6.18-274.17.1.0.1.el5-2.0.5-1.el5.x86_64.rpm60eed7ef306416be28e8d0e0aeea06c5-
oracleasm-2.6.18-274.17.1.0.1.el5debug-2.0.5-1.el5.x86_64.rpma9a5170a92a1f8408d0d49037e164314-
oracleasm-2.6.18-274.17.1.0.1.el5xen-2.0.5-1.el5.x86_64.rpmc50db9eda15eb46255bf6893fbd7ef9b-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete