ELSA-2016-0185

ELSA-2016-0185 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-02-16

Description


- [3.10.0-327.10.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-327.10.1]
- [of] return NUMA_NO_NODE from fallback of_node_to_nid() (Thadeu Lima de Souza Cascardo) [1300614 1294398]
- [net] openvswitch: do not allocate memory from offline numa node (Thadeu Lima de Souza Cascardo) [1300614 1294398]

[3.10.0-327.9.1]
- [security] keys: Fix keyring ref leak in join_session_keyring() (David Howells) [1298931 1298036] {CVE-2016-0728}

[3.10.0-327.8.1]
- [md] dm: fix AB-BA deadlock in __dm_destroy() (Mike Snitzer) [1296566 1292481]
- [md] revert 'dm-mpath: fix stalls when handling invalid ioctls' (Mike Snitzer) [1287552 1277194]
- [cpufreq] intel_pstate: Fix limits->max_perf rounding error (Prarit Bhargava) [1296276 1279617]
- [cpufreq] intel_pstate: Fix limits->max_policy_pct rounding error (Prarit Bhargava) [1296276 1279617]
- [cpufreq] revert 'intel_pstate: fix rounding error in max_freq_pct' (Prarit Bhargava) [1296276 1279617]
- [crypto] nx: 842 - Add CRC and validation support (Gustavo Duarte) [1289451 1264905]
- [powerpc] eeh: More relaxed condition for enabled IO path (Steve Best) [1289101 1274731]
- [security] keys: Don't permit request_key() to construct a new keyring (David Howells) [1275929 1273465] {CVE-2015-7872}
- [security] keys: Fix crash when attempt to garbage collect an uninstantiated keyring (David Howells) [1275929 1273465] {CVE-2015-7872}
- [security] keys: Fix race between key destruction and finding a keyring by name (David Howells) [1275929 1273465] {CVE-2015-7872}
- [x86] paravirt: Replace the paravirt nop with a bona fide empty function (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}
- [x86] nmi: Fix a paravirt stack-clobbering bug in the NMI code (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}
- [x86] nmi: Use DF to avoid userspace RSP confusing nested NMI detection (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}
- [x86] nmi: Reorder nested NMI checks (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}
- [x86] nmi: Improve nested NMI comments (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}
- [x86] nmi: Switch stacks on userspace NMI entry (Mateusz Guzik) [1259582 1259583] {CVE-2015-5157}

[3.10.0-327.7.1]
- [scsi] scsi_sysfs: protect against double execution of __scsi_remove_device() (Vitaly Kuznetsov) [1292075 1273723]
- [powerpc] mm: Recompute hash value after a failed update (Gustavo Duarte) [1289452 1264920]
- [misc] genwqe: get rid of atomic allocations (Hendrik Brueckner) [1289450 1270244]
- [mm] use only per-device readahead limit (Eric Sandeen) [1287550 1280355]
- [net] ipv6: update ip6_rt_last_gc every time GC is run (Hannes Frederic Sowa) [1285370 1270092]
- [kernel] tick: broadcast: Prevent livelock from event handler (Prarit Bhargava) [1284043 1265283]
- [kernel] clockevents: Serialize calls to clockevents_update_freq() in the core (Prarit Bhargava) [1284043 1265283]

[3.10.0-327.6.1]
- [netdrv] bonding: propagate LRO disable to slave devices (Jarod Wilson) [1292072 1266578]

[3.10.0-327.5.1]
- [net] vsock: Fix lockdep issue (Dave Anderson) [1292372 1253971]
- [net] vsock: sock_put wasn't safe to call in interrupt context (Dave Anderson) [1292372 1253971]


Related CVEs


CVE-2015-7872
CVE-2015-5157

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-327.10.1.el7.src.rpm3953f0b9def9e7d2c30652410d64e94fELSA-2017-2473-1
kernel-3.10.0-327.10.1.el7.x86_64.rpm5b01e1a8c9194b1bfd2c967e08646b7eELSA-2017-2473-1
kernel-abi-whitelists-3.10.0-327.10.1.el7.noarch.rpmfded43d1865e9807b91a22b0c9a92852ELSA-2017-2473-1
kernel-debug-3.10.0-327.10.1.el7.x86_64.rpm7ee8ae93fffce1049364770a9f36efceELSA-2017-2473-1
kernel-debug-devel-3.10.0-327.10.1.el7.x86_64.rpm1db9f930845ceaf58e9dcbd345bb4336ELSA-2017-2473-1
kernel-devel-3.10.0-327.10.1.el7.x86_64.rpm07a0f4f70d23f1d5ba34a92a093209d5ELSA-2017-2473-1
kernel-doc-3.10.0-327.10.1.el7.noarch.rpme8ef43a87cfaf040f8e7eabaa4f31c22ELSA-2017-2473-1
kernel-headers-3.10.0-327.10.1.el7.x86_64.rpm582829ef539b2b0f369627f18f5e4449ELSA-2017-2473-1
kernel-tools-3.10.0-327.10.1.el7.x86_64.rpm8ec81def821ba9eccceb50f91610c390ELSA-2017-2473-1
kernel-tools-libs-3.10.0-327.10.1.el7.x86_64.rpm0e6ba7f20cfb7c925565a0bbd5974b1fELSA-2017-2473-1
kernel-tools-libs-devel-3.10.0-327.10.1.el7.x86_64.rpmaaf12928b114bafe9feac2ac5a1d4131ELSA-2017-2473-1
perf-3.10.0-327.10.1.el7.x86_64.rpmf11c671d435d732fc57050870596c79bELSA-2017-2473-1
python-perf-3.10.0-327.10.1.el7.x86_64.rpm3c9b53338b1d79f340c4d469843313f4ELSA-2017-2473-1



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete