OVMSA-2016-0005

OVMSA-2016-0005 - kernel-uek security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2016-01-20

Description


[3.8.13-118.2.5]
- KEYS: Fix keyring ref leak in join_session_keyring() (Yevgeny Pats) [Orabug: 22563965] {CVE-2016-0728}

[3.8.13-118.2.4]
- KEYS: Don't permit request_key() to construct a new keyring (David Howells) [Orabug: 22373442] {CVE-2015-7872}

[3.8.13-118.2.3]
- dcache: Handle escaped paths in prepend_path (Eric W. Biederman) [Orabug: 22373283]
- vfs: Test for and handle paths that are unreachable from their mnt_root (Eric W. Biederman) [Orabug: 22249875]
- KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring (David Howells) [Orabug: 22373442] {CVE-2015-7872}
- KEYS: Fix race between key destruction and finding a keyring by name (David Howells) [Orabug: 22373442]


Related CVEs


CVE-2015-2925
CVE-2015-7872
CVE-2016-0728

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.3 (x86_64) kernel-uek-3.8.13-118.2.5.el6uek.src.rpm322a45c33865bfb616ee9713059d2a5bOVMSA-2021-0016
kernel-uek-3.8.13-118.2.5.el6uek.x86_64.rpm72e01c73c84dc0dbc0c9ea38d7e4f5c9OVMSA-2021-0016
kernel-uek-firmware-3.8.13-118.2.5.el6uek.noarch.rpm80c030e8252a6764d5e97cfa09cb7795OVMSA-2021-0016



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete