ELSA-2017-3315

ELSA-2017-3315 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2017-11-30

Description


- [3.10.0-693.11.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-693.11.1]
- [powerpc] perf: Fix book3s kernel to userspace backtraces (Gustavo Duarte) [1506143 1492669]

[3.10.0-693.10.1]
- [mm] mm, hugetlb: use pte_present() instead of pmd_present() in follow_huge_pmd() (Rafael Aquini) [1505164 1472460]
- [mm] fix invalid node in alloc_migrate_target() (Rafael Aquini) [1505164 1472460]
- [mm] add !pte_present() check on existing hugetlb_entry callbacks (Rafael Aquini) [1505164 1472460]
- [fs] ceph: avoid accessing freeing inode in ceph_check_delayed_caps() (Ilya Dryomov) [1505163 1489426]
- [fs] nfsd: Fix general protection fault in release_lock_stateid() (J. Bruce Fields) [1505160 1500815]
- [fs] cifs: Reconnect expired SMB sessions (Leif Sahlberg) [1501526 1477052]
- [fs] cifs: Separate SMB2 header structure (Leif Sahlberg) [1501526 1429710]

[3.10.0-693.9.1]
- [fs] ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() (Bill O'Donnell) [1504115 1458728]
- [fs] ext4: fix off-by-in loop termination in ext4_find_unwritten_pgoff() (Bill O'Donnell) [1501387 1469363]
- [fs] ext4: fix SEEK_HOLE (Bill O'Donnell) [1501387 1469363]
- [fs] xfs: Move handling of missing page into one place in xfs_find_get_desired_pgoff() (Bill O'Donnell) [1498736 1460446]
- [fs] xfs: Fix off-by-in in loop termination in xfs_find_get_desired_pgoff() (Bill O'Donnell) [1498736 1460446]
- [fs] xfs: Fix missed holes in SEEK_HOLE implementation (Bill O'Donnell) [1498736 1460446]
- [fs] xfs: fix off-by-one on max nr_pages in xfs_find_get_desired_pgoff() (Eryu Guan) [1502731 1458997]
- [nvme] Test unit Ready broken for nvme drvices (David Milburn) [1502733 1478457]
- [hv] vmbus: Increase the time between retries in vmbus_post_msg() (Mohammed Gamal) [1495763 1491843]
- [hv] vmbus: Fix error code returned by vmbus_post_msg() (Mohammed Gamal) [1495763 1467258]
- [netdrv] netvsc: propagate MAC address change to VF slave (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: delay setup of VF device (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: make sure and unregister datapath (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: fix rtnl deadlock on unregister of vf (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: transparent VF management (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] hv_netvsc: Fix the carrier state error when data path is off (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] hv_netvsc: Fix the queue index computation in forwarding case (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: handle select_queue when device is being removed (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: report per-channel stats in ethtool statistics (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: account for packets/bytes transmitted after completion (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: group all per-channel state together (Vitaly Kuznetsov) [1500321 1477784]
- [netdrv] netvsc: enhance transmit select_queue (Vitaly Kuznetsov) [1500321 1477784]

[3.10.0-693.8.1]
- [x86] kvm: x86: Fix potential preemption when get the current kvmclock timestamp (Marcelo Tosatti) [1503459 1496522]
- [x86] kvm: x86: remove irq disablement around KVM_SET_CLOCK/KVM_GET_CLOCK (Marcelo Tosatti) [1503459 1496522]

[3.10.0-693.7.1]
- [mm] page_cgroup: Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]
- Revert: [mm] Fix Kernel bug during boot with memory cgroups enabled (Larry Woodman) [1491970 1483747]

[3.10.0-693.6.1]
- [netdrv] mlx5: Avoid using pending command interface slots (Don Dutile) [1497604 1463367]
- [x86] amd: Limit cpu_core_id fixup to families older than F17h (Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu/amd: Fix Zen SMT topology (Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu/amd: Bring back Compute Unit ID (Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu/amd: Fix Bulldozer topology (Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu/amd: Clean up cpu_llc_id assignment per topology feature (Suravee Suthikulpanit) [1497603 1477397]
- [x86] cpu: Get rid of compute_unit_id (Suravee Suthikulpanit) [1497603 1477397]
- [x86] amd: Derive L3 shared_cpu_map from cpu_llc_shared_mask (Suravee Suthikulpanit) [1497238 1477399]
- [net] ipv6: only call ip6_route_dev_notify() once for NETDEV_UNREGISTER (Matteo Croce) [1497121 1468935]
- [fs] gfs2: Fix debugfs glocks dump (Andreas Grunbacher) [1497078 1493067]
- [fs] gfs2: Replace rhashtable_walk_init with rhashtable_walk_enter (Andreas Grunbacher) [1497078 1493067]
- [fs] gfs2: Deduplicate gfs2_{glocks,glstats}_open (Andreas Grunbacher) [1497078 1493067]
- [cpufreq] intel_pstate: Fix unsafe HWP MSR access (Steve Best) [1497058 1457552]
- [s390] af_iucv: correctly copy SKB data (add missing hunk from 04d0ec) (Hendrik Brueckner) [1494354 1459782]
- [sound] alsa: timer: Use common error handling code in alsa_timer_init() (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Adjust a condition check in snd_timer_resolution() (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Follow standard EXPORT_SYMBOL() declarations (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Wrap with spinlock for queue access (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Improve user queue reallocation (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Fix race between read and ioctl (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Info leak in snd_timer_user_tinterrupt() (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: remove some dead code (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}
- [sound] alsa: timer: Reject user params with too small ticks (Jaroslav Kysela) [1465998 1465999] {CVE-2017-1000380}


Related CVEs


CVE-2017-1000380

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-693.11.1.el7.src.rpm56f32f34d63434adefb07874cd27f95f-
kernel-3.10.0-693.11.1.el7.x86_64.rpm23f8ae5820e8d4c748d98c1df1c48de4-
kernel-abi-whitelists-3.10.0-693.11.1.el7.noarch.rpmde8d3e63ab5123399634ea413d1f063e-
kernel-debug-3.10.0-693.11.1.el7.x86_64.rpm8009d32b20ebd896bca41bf224c6f55c-
kernel-debug-devel-3.10.0-693.11.1.el7.x86_64.rpm383e12c1f765be4c304316ba1c6d0bf2-
kernel-devel-3.10.0-693.11.1.el7.x86_64.rpmd99aa62feb1bb6447f36555789e125b0-
kernel-doc-3.10.0-693.11.1.el7.noarch.rpmaf54debd5a47665f92291734774fc1a5-
kernel-headers-3.10.0-693.11.1.el7.x86_64.rpmf81b7ba41735ef2017c62c2707d61ad6-
kernel-tools-3.10.0-693.11.1.el7.x86_64.rpma9bad885a282b929faa4d695fb082508-
kernel-tools-libs-3.10.0-693.11.1.el7.x86_64.rpm6cdfbf4e6417334f6853ed52f61f4baa-
kernel-tools-libs-devel-3.10.0-693.11.1.el7.x86_64.rpm7f2bc0c6028d6daccf0eb0a24c6c6002-
perf-3.10.0-693.11.1.el7.x86_64.rpmf7e0d1e2b3169985362792b6a1a0c2a4-
python-perf-3.10.0-693.11.1.el7.x86_64.rpm53ba8e260eb4af411f18144b8a95634f-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete