OVMSA-2017-0039 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2017-02-08 |
Description
[4.1.12-61.1.27]
- vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084}
- Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds) [Orabug: 25231931] {CVE-2016-9576}
- kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen Hofmann) [Orabug: 25417387] {CVE-2016-8630}
- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417799] {CVE-2016-8646}
- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462755] {CVE-2016-4482}
- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] {CVE-2016-4485}
[4.1.12-61.1.26]
- xen-netback: fix extra_info handling in xenvif_tx_err() (Paul Durrant) [Orabug: 25445336]
- net: Documentation: Fix default value tcp_limit_output_bytes (Niklas Cassel) [Orabug: 25458076]
- tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076]
- xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel) [Orabug: 25430143]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.4 (x86_64) | kernel-uek-4.1.12-61.1.27.el6uek.src.rpm | 3113470fcd3d313057e9fedaa5d74100fe4dfecb842b6ca805adb8c62d28d991 | OVMSA-2025-0001 | ovm34_x86_64_latest |
| kernel-uek-4.1.12-61.1.27.el6uek.x86_64.rpm | f531aa553522d3bd27926473e1ae219f3958348f07631925fbedfc0972704ce4 | OVMSA-2025-0001 | ovm34_x86_64_latest |
| kernel-uek-firmware-4.1.12-61.1.27.el6uek.noarch.rpm | d4e5a1a25b0dbbc1d60191ce230e6b8cbe0df45a129f19afd3768f5ddf5f7fc4 | OVMSA-2025-0001 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
