ELSA-2014-1167
- ULN >
- Oracle Linux Errata repository >
- ELSA-2014-1167
ELSA-2014-1167 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2014-09-09 |
Description
[2.6.32-431.29.2]
- [kernel] futex: Fix errors in nested key ref-counting (Denys Vlasenko) [1094457 1094458] {CVE-2014-0205}
- [net] vxlan: fix NULL pointer dereference (Jiri Benc) [1114549 1096351] {CVE-2014-3535}
[2.6.32-431.29.1]
- [mm] hugetlb: ensure hugepage access is denied if hugepages are not supported (Gustavo Duarte) [1118782 1086450]
- [security] keys: Increase root_maxkeys and root_maxbytes sizes (Steve Dickson) [1115542 1113607]
- [fs] lockd: Ensure that nlmclnt_block resets block->b_status after a server reboot (Steve Dickson) [1110180 959006]
- [net] filter: add vlan tag access (Jiri Benc) [1108526 1082097]
- [net] filter: add XOR operation (Jiri Benc) [1108526 1082097]
- [net] filter: add SKF_AD_RXHASH and SKF_AD_CPU (Jiri Benc) [1108526 1082097]
- [net] filter: Socket filter ancilliary data access for skb->dev->type (Jiri Benc) [1108526 1082097]
- [net] filter: Add SKF_AD_QUEUE instruction (Jiri Benc) [1108526 1082097]
- [net] filter: ingress socket filter by mark (Jiri Benc) [1108526 1082097]
- [netdrv] bonding: look for bridge IPs in arp monitoring (Veaceslav Falico) [1102794 704190]
- [s390] af_iucv: wrong mapping of sent and confirmed skbs (Hendrik Brueckner) [1112390 1102248]
- [s390] af_iucv: recvmsg problem for SOCK_STREAM sockets (Hendrik Brueckner) [1112390 1102248]
- [s390] af_iucv: fix recvmsg by replacing skb_pull() function (Hendrik Brueckner) [1112390 1102248]
- [s390] kernel: avoid page table walk on user space access (Hendrik Brueckner) [1111194 1099146]
- [s390] qeth: postpone freeing of qdio memory (Hendrik Brueckner) [1112134 1094379]
- [s390] qeth: Fix retry logic in hardsetup (Hendrik Brueckner) [1112134 1094379]
- [s390] qeth: Recognize return codes of ccw_device_set_online (Hendrik Brueckner) [1112134 1094379]
- [s390] qdio: remove API wrappers (Hendrik Brueckner) [1112134 1094379]
- [scsi] Ensure medium access timeout counter resets (David Jeffery) [1117153 1036884]
- [scsi] Fix error handling when no ULD is attached (David Jeffery) [1117153 1036884]
- [scsi] Handle disk devices which can not process medium access commands (David Jeffery) [1117153 1036884]
- [fs] nfs: Fix calls to drop_nlink() (Steve Dickson) [1099607 1093819]
- [mm] swap: do not skip lowest_bit in scan_swap_map() scan loop (Rafael Aquini) [1099728 1060886]
- [mm] swap: fix shmem swapping when more than 8 areas (Rafael Aquini) [1099728 1060886]
- [mm] swap: fix swapon size off-by-one (Rafael Aquini) [1099728 1060886]
- [md] avoid deadlock when dirty buffers during md_stop (Jes Sorensen) [1121541 994724]
- [x86] hyperv: bypass the timer_irq_works() check (Jason Wang) [1112226 1040349]
[2.6.32-431.28.1]
- [kernel] auditsc: audit_krule mask accesses need bounds checking (Denys Vlasenko) [1102704 1102705] {CVE-2014-3917}
- [net] ipv4: fix route cache rebuilds (Jiri Pirko) [1113824 1111631]
- [fs] nfsd: notify_change needs elevated write count (Mateusz Guzik) [1110177 1105057]
- [fs] nfsv4: close needs to handle NFS4ERR_ADMIN_REVOKED (Dave Wysochanski) [1096397 1082127]
- [fs] pipe: skip file_update_time on frozen fs (Eric Sandeen) [1114405 1093077]
- [fs] nfs: Fail the truncate() if the lock/open stateid is invalid (Steve Dickson) [1090613 1075123]
- [fs] nfs: Servers should only check SETATTR stateid open mode on size change (Steve Dickson) [1090613 1075123]
- [fs] nfs: Fail data server I/O if stateid represents a lost lock (Steve Dickson) [1090613 1075123]
- [fs] nfs: Fix the return value of nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]
- [fs] nfs: Use the open stateid if the delegation has the wrong mode (Steve Dickson) [1090613 1075123]
- [fs] nfs: nfs4_stateid_is_current should return 'true' for an invalid stateid (Steve Dickson) [1090613 1075123]
- [fs] nfs: fix error return in nfs4_select_rw_stateid (Steve Dickson) [1090613 1075123]
- [fs] nfs: Document the recover_lost_locks kernel parameter (Jeff Layton) [1089359 963785]
- [fs] nfs: Don't try to recover NFSv4 locks when they are lost (Jeff Layton) [1089359 963785]
- [fs] nfs: Fix handling of partially delegated locks (Jeff Layton) [1120074 959788]
- [fs] nfs: Convert the nfs4_lock_state->ls_flags to a bit field (Jeff Layton) [1120074 959788]
- [x86] Optimize switch_mm() for multi-threaded workloads (Rik van Riel) [1115821 991518]
- [netdrv] pppol2tp: fail when socket option level is not SOL_PPPOL2TP [1119461 1119462] {CVE-2014-4943}
- [kernel] utrace: force IRET path after utrace_finish_vfork() (Oleg Nesterov) [1115932 1115933] {CVE-2014-4699}
[2.6.32-431.27.1]
- [scsi] fix performance regression due to inverted blk_get_queue return (Mike Snitzer) [1117582 1098658]
- [net] openvswitch: fix use-after-free bug in netns (Flavio Leitner) [1120651 1100127]
[2.6.32-431.26.1]
- [net] gro: fix deliver of trunk packets to VLAN interfaces (Marcelo Ricardo Leitner) [1116231 1112324]
[2.6.32-431.25.1]
- [net] sctp: Fix sk_ack_backlog wrap-around problem (Daniel Borkmann) [1113969 1085932] {CVE-2014-4667}
[2.6.32-431.24.1]
- [alsa] aloop: Close races at restarting the stream (Jaroslav Kysela) [1112492 1078592]
- [alsa] aloop: Export snd_pcm_constraint_mask64() (Jaroslav Kysela) [1112492 1078592]
- [alsa] pcm: Warn when buffer preallocation fails (Jaroslav Kysela) [1112492 1078592]
- [alsa] aloop: Add SNDRV_PCM_STATE_PAUSED case in wait_for_avail function (Jaroslav Kysela) [1112492 1078592]
- [alsa] jack: Unregister input device at disconnection (Jaroslav Kysela) [1112492 1078592]
- [alsa] aloop: Optimize module name check (Jaroslav Kysela) [1112492 1078592]
- [alsa] pcm: Add fallthru comments (Jaroslav Kysela) [1112492 1078592]
- [alsa] aloop: Fix Oops while PM resume (Jaroslav Kysela) [1112492 1078592]
- [alsa] aloop: add locking to timer access (Jaroslav Kysela) [1112492 1078592]
Related CVEs
| CVE-2014-4667 |
| CVE-2014-3917 |
| CVE-2014-0205 |
| CVE-2014-3535 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (i386) | kernel-2.6.32-431.29.2.el6.src.rpm | badde0c495769cb719768d17f7ad94e9 | ELSA-2021-9212 |
| kernel-2.6.32-431.29.2.el6.i686.rpm | b46d6fc47a36e37b4cef0f797a7d49f9 | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-431.29.2.el6.noarch.rpm | 8dbd4fed6de95767072ee0846706791e | ELSA-2021-9212 | |
| kernel-debug-2.6.32-431.29.2.el6.i686.rpm | 907a2011b54dfeb1c372a2820bbd00f0 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-431.29.2.el6.i686.rpm | 232bf335dea1f333df4bc48b05cbd379 | ELSA-2021-9212 | |
| kernel-devel-2.6.32-431.29.2.el6.i686.rpm | 540c97dfc9b779866ca9fe8ba20a9664 | ELSA-2021-9212 | |
| kernel-doc-2.6.32-431.29.2.el6.noarch.rpm | 7721e03e66ac071d1a757eab0233294f | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-431.29.2.el6.noarch.rpm | 28c0f63d166ea488914870e9517cb72d | ELSA-2021-9212 | |
| kernel-headers-2.6.32-431.29.2.el6.i686.rpm | 4f8cb73b39100bc314bff7d5cabf3f9e | ELSA-2021-9212 | |
| perf-2.6.32-431.29.2.el6.i686.rpm | a3eda5863254f03039e2d2bf1fbd55c0 | ELSA-2021-9212 | |
| python-perf-2.6.32-431.29.2.el6.i686.rpm | c3ca199bbecbfd4a44b5d6b4d8e34ee9 | ELSA-2021-9212 | |
| Oracle Linux 6 (x86_64) | kernel-2.6.32-431.29.2.el6.src.rpm | badde0c495769cb719768d17f7ad94e9 | ELSA-2021-9212 |
| kernel-2.6.32-431.29.2.el6.x86_64.rpm | 58c52eaaeb7920b4d40404add66387ab | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-431.29.2.el6.noarch.rpm | 8dbd4fed6de95767072ee0846706791e | ELSA-2021-9212 | |
| kernel-debug-2.6.32-431.29.2.el6.x86_64.rpm | e4163fcf936965e46ece6ce1823e9a12 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-431.29.2.el6.x86_64.rpm | 55315619642dcaa1f213f48dbab3eba9 | ELSA-2021-9212 | |
| kernel-devel-2.6.32-431.29.2.el6.x86_64.rpm | 72abd6f8c48f7bfcdbd07f4f6beb8d46 | ELSA-2021-9212 | |
| kernel-doc-2.6.32-431.29.2.el6.noarch.rpm | 7721e03e66ac071d1a757eab0233294f | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-431.29.2.el6.noarch.rpm | 28c0f63d166ea488914870e9517cb72d | ELSA-2021-9212 | |
| kernel-headers-2.6.32-431.29.2.el6.x86_64.rpm | 2d6fe767c61b6ad205315b86fbf61502 | ELSA-2021-9212 | |
| perf-2.6.32-431.29.2.el6.x86_64.rpm | c5bafe8b983ad1f34c247bbd1b572bab | ELSA-2021-9212 | |
| python-perf-2.6.32-431.29.2.el6.x86_64.rpm | 82fb46ee1783cafbb3987d95ab96e1d1 | ELSA-2021-9212 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
