ELSA-2015-0864

ELSA-2015-0864 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2015-04-21

Description


[2.6.32-504.16.2]
- [infiniband] core: Prevent integer overflow in ib_umem_get address arithmetic (Doug Ledford) [1181173 1179327] {CVE-2014-8159}

[2.6.32-504.16.1]
- [fs] gfs2: Move gfs2_file_splice_write outside of #ifdef (Robert S Peterson) [1198329 1193559]
- [security] keys: close race between key lookup and freeing (Radomir Vrbovsky) [1179849 1179850] {CVE-2014-9529}
- [net] sctp: fix slab corruption from use after free on INIT collisions (Daniel Borkmann) [1196587 1135425] {CVE-2015-1421}
- [fs] gfs2: Allocate reservation during splice_write (Robert S Peterson) [1198329 1193559]
- [fs] nfs: Be less aggressive about returning delegations for open files (Steve Dickson) [1196314 1145334]
- [fs] nfs: Avoid PUTROOTFH when managing leases (Benjamin Coddington) [1196313 1143013]
- [crypto] testmgr: mark rfc4106(gcm(aes)) as fips_allowed (Jarod Wilson) [1194983 1185395]
- [crypto] Extending the RFC4106 AES-GCM test vectors (Jarod Wilson) [1194983 1185395]
- [char] raw: Return short read or 0 at end of a raw device, not EIO (Jeff Moyer) [1195747 1142314]
- [scsi] hpsa: Use local workqueues instead of system workqueues - part1 (Tomas Henzl) [1193639 1134115]
- [x86] kvm: vmx: invalid host cr4 handling across vm entries (Jacob Tanenbaum) [1153326 1153327] {CVE-2014-3690}
- [fs] isofs: Fix unchecked printing of ER records (Radomir Vrbovsky) [1180481 1180492] {CVE-2014-9584}
- [fs] bio: fix argument of __bio_add_page() for max_sectors > 0xffff (Fam Zheng) [1198428 1166763]
- [media] ttusb-dec: buffer overflow in ioctl (Alexander Gordeev) [1170971 1167115] {CVE-2014-8884}
- [kernel] trace: insufficient syscall number validation in perf and ftrace subsystems (Jacob Tanenbaum) [1161567 1161568] {CVE-2014-7826 CVE-2014-7825}
- [fs] nfs: Fix a delegation callback race (Dave Wysochanski) [1187639 1149831]
- [fs] nfs: Don't use the delegation->inode in nfs_mark_return_delegation() (Dave Wysochanski) [1187639 1149831]
- [infiniband] ipoib: don't queue a work struct up twice (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: make sure we reap all our ah on shutdown (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: cleanup a couple debug messages (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: flush the ipoib_workqueue on unregister (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: fix ipoib_mcast_restart_task (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: fix race between mcast_dev_flush and mcast_join (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: remove unneeded locks (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: don't restart our thread on ENETRESET (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: Handle -ENETRESET properly in our callback (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: make delayed tasks not hold up everything (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: Add a helper to restart the multicast task (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: fix IPOIB_MCAST_RUN flag usage (Doug Ledford) [1187664 1187666 1184072 1159925]
- [infiniband] ipoib: Remove unnecessary port query (Doug Ledford) [1187664 1187666 1184072 1159925]
- [x86] kvm: Avoid pagefault in kvm_lapic_sync_to_vapic (Paolo Bonzini) [1192055 1116398]
- [s390] kernel: fix cpu target address of directed yield (Hendrik Brueckner) [1188339 1180061]
- [mm] memcg: do not allow task about to OOM kill to bypass the limit (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] memcg: do not declare OOM from __GFP_NOFAIL allocations (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [fs] buffer: move allocation failure loop into the allocator (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] memcg: handle non-error OOM situations more gracefully (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] memcg: do not trap chargers with full callstack on OOM (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] memcg: rework and document OOM waiting and wakeup (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] memcg: enable memcg OOM killer only for user faults (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [x86] mm: finish user fault error path with fatal signal (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [mm] pass userspace fault flag to generic fault handler (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [s390] mm: do not invoke OOM killer on kernel fault OOM (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [powerpc] mm: remove obsolete init OOM protection (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [powerpc] mm: invoke oom-killer from remaining unconverted page fault handlers (Johannes Weiner) [1198110 1088334] {CVE-2014-8171}
- [security] selinux: Permit bounded transitions under NO_NEW_PRIVS or NOSUID (Denys Vlasenko) [1104567 1104568] {CVE-2014-3215}
- [security] Add PR__NO_NEW_PRIVS to prevent execve from granting privs (Denys Vlasenko) [1104567 1104568] {CVE-2014-3215}

[2.6.32-504.15.1]
- [netdrv] ixgbe: remove CIAA/D register reads from bad VF check (John Greene) [1196312 1156061]
- [pci] Make FLR and AF FLR reset warning messages different (Myron Stowe) [1192365 1184540]
- [pci] Fix unaligned access in AF transaction pending test (Myron Stowe) [1192365 1184540]
- [pci] Merge multi-line quoted strings (Myron Stowe) [1192365 1184540]
- [pci] Wrong register used to check pending traffic (Myron Stowe) [1192365 1184540]
- [pci] Add pci_wait_for_pending() -- refactor pci_wait_for_pending_transaction() (Myron Stowe) [1192365 1184540]
- [pci] Use pci_wait_for_pending_transaction() instead of for loop (Myron Stowe) [1192365 1184540]
- [pci] Add pci_wait_for_pending_transaction() (Myron Stowe) [1192365 1184540]
- [pci] Wait for pending transactions to complete before 82599 FLR (Myron Stowe) [1192365 1184540]
- [scsi] storvsc: fix a bug in storvsc limits (Vitaly Kuznetsov) [1196532 1174168]

[2.6.32-504.14.1]
- [s390] crypto: kernel oops at insmod of the z90crypt device driver (Hendrik Brueckner) [1191916 1172137]
- [sound] alsa: usb-audio: Fix crash at re-preparing the PCM stream (Jerry Snitselaar) [1192105 1167059]
- [usb] ehci: bugfix: urb->hcpriv should not be NULL (Jerry Snitselaar) [1192105 1167059]
- [mm] mmap: uncached vma support with writenotify (Jerry Snitselaar) [1192105 1167059]
- [kernel] futex: Mention key referencing differences between shared and private futexes (Larry Woodman) [1192107 1167405]
- [kernel] futex: Ensure get_futex_key_refs() always implies a barrier (Larry Woodman) [1192107 1167405]

[2.6.32-504.13.1]
- [netdrv] enic: fix rx skb checksum (Stefan Assmann) [1189068 1115505]
- [scsi] Revert 'fix our current target reap infrastructure' (David Milburn) [1188941 1168072]
- [scsi] Revert 'dual scan thread bug fix' (David Milburn) [1188941 1168072]
- [net] tcp: do not copy headers in tcp_collapse() (Alexander Duyck) [1188838 1156289]
- [net] tcp: use tcp_flags in tcp_data_queue() (Alexander Duyck) [1188838 1156289]
- [net] tcp: use TCP_SKB_CB(skb)->tcp_flags in input path (Alexander Duyck) [1188838 1156289]
- [net] tcp: remove unused tcp_fin() parameters (Alexander Duyck) [1188838 1156289]
- [net] tcp: rename tcp_skb_cb flags (Alexander Duyck) [1188838 1156289]
- [net] tcp: unify tcp flag macros (Alexander Duyck) [1188838 1156289]
- [net] tcp: unalias tcp_skb_cb flags and ip_dsfield (Alexander Duyck) [1188838 1156289]


Related CVEs


CVE-2015-1421
CVE-2014-3215
CVE-2014-8171
CVE-2014-9529
CVE-2014-9584
CVE-2014-3690
CVE-2014-7825
CVE-2014-7826
CVE-2014-8884

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) kernel-2.6.32-504.16.2.el6.src.rpmb9ef0d956660bb338f4d16795b4bf649ELSA-2017-1723
kernel-2.6.32-504.16.2.el6.i686.rpm69ef316fcdb47aad5d084b8087c2f57aELSA-2017-1723
kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm6fd2943eef7bd187d5189109e4af4922ELSA-2017-1723
kernel-debug-2.6.32-504.16.2.el6.i686.rpmc0ef0985ac77bdb74d37ce8b667eb780ELSA-2017-1723
kernel-debug-devel-2.6.32-504.16.2.el6.i686.rpm6ead803d166e8b017a9e9a997782b985ELSA-2017-1723
kernel-devel-2.6.32-504.16.2.el6.i686.rpmc0323d6cb6bc21d5224eb5d352b360a8ELSA-2017-1723
kernel-doc-2.6.32-504.16.2.el6.noarch.rpm3229d207b7afb62f6480380d0b84b98bELSA-2017-1723
kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm8050694bf964828cf213fc7bab8b2f65ELSA-2017-1723
kernel-headers-2.6.32-504.16.2.el6.i686.rpma69e622aa0ea85ad06200bb5fd26db24ELSA-2017-1723
perf-2.6.32-504.16.2.el6.i686.rpm6db040cc90157a9887bed070d218c958ELSA-2017-1723
python-perf-2.6.32-504.16.2.el6.i686.rpm8c37c1fb16d301637630a93728f2a892ELSA-2017-1723
Oracle Linux 6 (x86_64) kernel-2.6.32-504.16.2.el6.src.rpmb9ef0d956660bb338f4d16795b4bf649ELSA-2017-1723
kernel-2.6.32-504.16.2.el6.x86_64.rpma3377cdf9eb288fb8390a5bba473720fELSA-2017-1723
kernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpm6fd2943eef7bd187d5189109e4af4922ELSA-2017-1723
kernel-debug-2.6.32-504.16.2.el6.x86_64.rpme91651b2937af4419890a5f0981cb23bELSA-2017-1723
kernel-debug-devel-2.6.32-504.16.2.el6.x86_64.rpm3e192b7fe093d8232fe01befe0123129ELSA-2017-1723
kernel-devel-2.6.32-504.16.2.el6.x86_64.rpmf4211af38879a0fb6563fbb6930d54a8ELSA-2017-1723
kernel-doc-2.6.32-504.16.2.el6.noarch.rpm3229d207b7afb62f6480380d0b84b98bELSA-2017-1723
kernel-firmware-2.6.32-504.16.2.el6.noarch.rpm8050694bf964828cf213fc7bab8b2f65ELSA-2017-1723
kernel-headers-2.6.32-504.16.2.el6.x86_64.rpm928c4d6a5eff1fbdbfd976682b1aa909ELSA-2017-1723
perf-2.6.32-504.16.2.el6.x86_64.rpm340cb4ddd731e2970ee57bb3991ef823ELSA-2017-1723
python-perf-2.6.32-504.16.2.el6.x86_64.rpm2017c3ba4cc958236472cd8831ab8a82ELSA-2017-1723



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete