ELSA-2017-3657

ELSA-2017-3657 - Unbreakable Enterprise kernel security update

Type: SECURITY
Impact: IMPORTANT
Release Date: 2017-12-07

Description


kernel-uek
[3.8.13-118.20.1]
- tty: Fix race in pty_write() leading to NULL deref (Todd Vierling) [Orabug: 25392692]
- ocfs2/dlm: ignore cleaning the migration mle that is inuse (xuejiufei) [Orabug: 26479780]
- KEYS: fix dereferencing NULL payload with nonzero length (Eric Biggers) [Orabug: 26592025]
- oracleasm: Copy the integrity descriptor (Martin K. Petersen) [Orabug: 26649818]
- mm: Tighten x86 /dev/mem with zeroing reads (Kees Cook) [Orabug: 26675925] {CVE-2017-7889}
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27058468]
- more bio_map_user_iov() leak fixes (Al Viro) [Orabug: 27069042] {CVE-2017-12190}
- fix unbalanced page refcounting in bio_map_user_iov (Vitaly Mayatskikh) [Orabug: 27069042] {CVE-2017-12190}
- nvme: Drop nvmeq->q_lock before dma_pool_alloc(), so as to prevent hard lockups (Aruna Ramakrishna) [Orabug: 25409587]
- nvme: Handle PM1725 HIL reset (Martin K. Petersen) [Orabug: 26277600]
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau) [Orabug: 26403940] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race (Vegard Nossum) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug: 26403956] {CVE-2017-1000380}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong) [Orabug: 26404005] {CVE-2017-9077}
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 26427126]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 26427126]
- ping: implement proper locking (Eric Dumazet) [Orabug: 26540286] {CVE-2017-2671}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643598] {CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W. Biederman) [Orabug: 26643598] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun Heo) [Orabug: 26643598] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables (Seunghun Han) [Orabug: 26643645] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet) [Orabug: 26650883] {CVE-2017-9075}
- [media] saa7164: fix double fetch PCIe access condition (Steven Toth) [Orabug: 26675142] {CVE-2017-8831}
- [media] saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675142] {CVE-2017-8831}
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26797306]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899787] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988627] {CVE-2017-14489}
- mqueue: fix a use-after-free in sys_mq_notify() (Cong Wang) [Orabug: 26643556] {CVE-2017-11176}
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27011273] {CVE-2017-7542}
- packet: fix tp_reserve race in packet_set_ring (Willem de Bruijn) [Orabug: 27002450] {CVE-2017-1000111}
- mlx4_core: calculate log_num_mtt based on total system memory (Wei Lin Guay) [Orabug: 26883934]
- xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 26883934]
- Bluetooth: Properly check L2CAP config option output buffer length (Ben Seri) [Orabug: 26796364] {CVE-2017-1000251}
- xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645550] {CVE-2017-12134}
- fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638921] {CVE-2017-1000365} {CVE-2017-1000365}
- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume Nault) [Orabug: 26586047] {CVE-2016-10200}
- xfs: fix two memory leaks in xfs_attr_list.c error paths (Mateusz Guzik) [Orabug: 26586022] {CVE-2016-9685}
- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (David Howells) [Orabug: 26585994] {CVE-2016-9604}
- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) [Orabug: 26578198] {CVE-2017-9242}
- posix_acl: Clear SGID bit when setting file permissions (Jan Kara) [Orabug: 25507344] {CVE-2016-7097} {CVE-2016-7097}
- nfsd: check for oversized NFSv2/v3 arguments (J. Bruce Fields) [Orabug: 26366022] {CVE-2017-7645}


Related CVEs


CVE-2017-12190
CVE-2017-7889

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 6 (x86_64) | dtrace-modules-3.8.13-118.20.1.el6uek-0.4.5-3.el6.src.rpm | 9dab3fefd06cc7ee98498c4337852f96ab738d56b68b37c8d0627124211ef903 | - | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-3.8.13-118.20.1.el6uek.src.rpm | 4d28e1f0bd3999b4a9d5449c00b046d45b89bb83498ba89479bc5b4243a72e29 | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | dtrace-modules-3.8.13-118.20.1.el6uek-0.4.5-3.el6.x86_64.rpm | 093c9fedbb44725c82e42aa9d1ae237b47d8824a3b45ba7179fa3e9348d96736 | - | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-3.8.13-118.20.1.el6uek.x86_64.rpm | 055444d56b9b81235b70f25473766aa7a34fdd2953e793ad4ce0b2c63078cd5f | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-debug-3.8.13-118.20.1.el6uek.x86_64.rpm | 459ead1195d6c3b8d0d01a7e23457d56236d4a9d0903653eb5fdcebd7bca990e | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-debug-devel-3.8.13-118.20.1.el6uek.x86_64.rpm | 2cbd73cdfea771e3044f0bb9398169410c75bb46ec78ddee6d470991980c1ed7 | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-devel-3.8.13-118.20.1.el6uek.x86_64.rpm | 126eff2419ff2413bc42915b4d4fb0449945b1e8aa2ed3472a7b6ac14ab7f637 | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-doc-3.8.13-118.20.1.el6uek.noarch.rpm | 2d8a1218f643065df8da709a5bbad88a0822a144b1854ef224368cb075182c0f | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 6 (x86_64) | kernel-uek-firmware-3.8.13-118.20.1.el6uek.noarch.rpm | 1e13a32676f1a8c18b12b23c4d29ed19b89044d356aed240c55a1d5c9ac1b986 | ELSA-2025-20007 | ol6_x86_64_UEKR3_latest |
| Oracle Linux 7 (x86_64) | dtrace-modules-3.8.13-118.20.1.el7uek-0.4.5-3.el7.src.rpm | 2c9eee224c556bfe80cc0d46676bad48767820d0b4f232e0e9077ad037b15802 | - | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-3.8.13-118.20.1.el7uek.src.rpm | cd508180335be7c1a1c3caf63da99932caf91033ba68530cf787389e7c724cc1 | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | dtrace-modules-3.8.13-118.20.1.el7uek-0.4.5-3.el7.x86_64.rpm | f944c316257a3faa6d90014099eaf87ad96e2ed9e75633423f12ef7895548d76 | - | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-3.8.13-118.20.1.el7uek.x86_64.rpm | 3166e38e473d0d45eedd4c67aa883022697db9d1c47c87e2eb3baad1364e37ea | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-debug-3.8.13-118.20.1.el7uek.x86_64.rpm | 6e5aa6865e82f5f9695dd178999fb3f5a77ec9ab1302c912f2ead77258435d76 | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-debug-devel-3.8.13-118.20.1.el7uek.x86_64.rpm | bd9106da230d467146f48e5ce43a13ef724645c1bc94fd2cdedb7f5327098871 | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-devel-3.8.13-118.20.1.el7uek.x86_64.rpm | f769c3b41a9349e98fa6a0a275a0bc94212445d4ba5467d10298a35fa2849d28 | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-doc-3.8.13-118.20.1.el7uek.noarch.rpm | 910170c6818cae949a920eba58a91966d4cdd4a89891a292db400d198ffb00ee | ELSA-2025-20190 | ol7_x86_64_UEKR3 |
| Oracle Linux 7 (x86_64) | kernel-uek-firmware-3.8.13-118.20.1.el7uek.noarch.rpm | b31d903485fcf6619558aa9044c6acd7d36c822a9fb491d7915d4b61d5f6d033 | ELSA-2025-20007 | ol7_x86_64_UEKR3 |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
