OVMSA-2017-0161

OVMSA-2017-0161 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:MODERATE
Release Date:2017-10-17

Description


[4.1.12-103.7.3]
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Tim Tianyang Chen) [Orabug: 26943541] {CVE-2017-7541}

[4.1.12-103.7.2]
- rebuild bumping release

[4.1.12-103.7.1]
- mm: thp: set THP defrag by default to madvise and add a stall-free defrag option (Mel Gorman) [Orabug: 26614414]
- rds: Fix incorrect statistics counting (Hakon Bugge) [Orabug: 26847814]
- rds: Fix non-atomic operation on shared flag variable (Hakon Bugge) [Orabug: 26846933]
- Documentation: add watermark_scale_factor to the list of vm systcl file (Jerome Marchand) [Orabug: 26832827]
- mm: scale kswapd watermarks in proportion to memory (Johannes Weiner) [Orabug: 26832827]
- mlx4_core: calculate log_num_mtt based on total system memory (Wei Lin Guay) [Orabug: 26867289]
- xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 26867289]
- i40e: use cpumask_copy instead of direct assignment (Jacob Keller) [Orabug: 26849262]

[4.1.12-103.6.1]
- rebuild bumping release

[4.1.12-103.5.1]
- oracleasm: Copy the integrity descriptor (Martin K. Petersen) [Orabug: 26653979]
- Remove dma_unmap_single_attrs call. (Jack Vogel) [Orabug: 26790437]
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE (Abhi Das) [Orabug: 26597873]
- blk-mq: add missing blk_mq_put_ctx (Ankur Arora) [Orabug: 26752467]
- blk-mq: avoid re-initialize request which is failed in direct dispatch (Shaohua Li) [Orabug: 26752467]
- NFSv4.1: Dont deadlock the state manager on the SEQUENCE status flags (Trond Myklebust)
- NFSv4.1: Defer bumping the slot sequence number until we free the slot (Trond Myklebust)
- NFSv4: Leases are renewed in sequence_done when we have sessions (Trond Myklebust)
- NFSv4.1: nfs41_sequence_done should handle sequence flag errors (Trond Myklebust)
- fuse: Dont call set_page_dirty_lock() for ITER_BVEC pages for async_dio (Ashish Samant) [Orabug: 26081486]
- xen/blkfront: always allocate grants first from per-queue persistent grants (Dongli Zhang) [Orabug: 26725334]
- rds: Reintroduce statistics counting (Hakon Bugge) [Orabug: 26717157]
- bnxt_en: Add bnxt_get_num_stats() to centrally get the number of ethtool stats. (Michael Chan) [Orabug: 26790003]
- bnxt_en: Implement ndo_bridge_{get|set}link methods. (Michael Chan) [Orabug: 26790003]
- bnxt_en: Retrieve the hardware bridge mode from the firmware. (Michael Chan) [Orabug: 26790003]
- bnxt_en: Update firmware interface spec to 1.8.0. (Michael Chan) [Orabug: 26790003]
- dtrace: Update UEK RPM specs (Tomas Jedlicka) [Orabug: 26577142]
- dtrace: work around libdtrace-ctf bug (Nick Alcock) [Orabug: 26583988]
- dtrace: dtrace.ko wont build when DT_DISABLE_CTF is set (Tomas Jedlicka) [Orabug: 26557453]
- dtrace: Integrate DTrace Modules into kernel proper (Tomas Jedlicka) [Orabug: 26577142]
- dtrace: Fix spec file for 0.6.1-3 (Tomas Jedlicka)
- dtrace: Make dynamic variable cleanup self-throtling (Tomas Jedlicka) [Orabug: 26385177]
- dtrace: Restore deadman original timing values (Tomas Jedlicka) [Orabug: 26385159]
- dtrace: DTrace state deadman must use dtrace_sync() (Tomas Jedlicka) [Orabug: 26385102]
- dtrace: FBT module support and SPARCs return probes (Tomas Jedlicka) [Orabug: 26384179] [Orabug: 26384765]
- dtrace: fix spec file for 0.6.1-2 (Kris Van Hees)
- dtrace: FBT entry probes will now use int3 (Kris Van Hees) [Orabug: 26190412] [Orabug: 26174895]
- dtrace: support x86 CPUs with SMAP (Nick Alcock) [Orabug: 26166784]
- dtrace: fix spec file for 0.6.1-1 (Kris Van Hees)
- dtrace: ensure ustackdepth returns correct value (Kris Van Hees) [Orabug: 25949692]
- dtrace: FBT return probes on x86_64 run with in_irq() true (Kris Van Hees) [Orabug: 26089286]
- dtrace: different probe trigger instruction for entry vs return (Kris Van Hees) [Orabug: 25949048]
- dtrace: support passing offset as arg0 to FBT return probes (Kris Van Hees) [Orabug: 25949086]
- dtrace: improve probe execution debugging (Kris Van Hees)
- dtrace: correct mutex_* subroutines (Kris Van Hees) [Orabug: 26044447]
- dtrace: canload() for input of *_ntop(), *_nto*() (Nick Alcock)
- dtrace: implement link_ntop() DTrace subroutine logic (Girish Moodalbail) [Orabug: 25931479]
- dtrace: update spec file for 0.6.0-4 (Kris Van Hees)
- dtrace: enforce inlining of dtrace_dif_variable (Kris Van Hees) [Orabug: 25872472]
- dtrace: NEWS and spec file for 0.6.0-3 (Kris Van Hees)
- DTrace walltime lock-free implementation (Tomas Jedlicka) [Orabug: 25715256]
- dtrace: incorrect aframes value and wrong logic messes up caller and stack (Kris Van Hees) [Orabug: 25727046]
- dtrace: ensure we pass a limit to dtrace_stacktrace for stackdepth (Kris Van Hees) [Orabug: 25559321]
- dtrace: get rid of dtrace_gethrtime() (Kris Van Hees)
- dtrace: update NEWS and spec file for 0.6.0-2 (Kris Van Hees)
- dtrace: comtinuing the FBT implementation and fixes (Kris Van Hees) [Orabug: 21220305] [Orabug: 24829326]
- dtrace: handle modular IPv6 (Nick Alcock) [Orabug: 25557554]
- dtrace: introduce and use typedef in6_addr_t (Alan Maguire) [Orabug: 25557554]
- dtrace: update NEWS and spec file (Kris Van Hees)
- dtrace: function boundary tracing (FBT) implementation (Kris Van Hees) [Orabug: 21220305] [Orabug: 24829326]
- dtrace: SDT cleanup and bring in line with kernel (Kris Van Hees)
- dtrace: fix preemption checks (Kris Van Hees)
- dtrace: when calling all modules do not forget kernel (Kris Van Hees)
- dtrace: remove cleanup_module support (Kris Van Hees)
- dtrace: is-enabled probes for SDT (Kris Van Hees) [Orabug: 25143173]
- dtrace: 0.6.0 specfile and NEWS. (Nick Alcock)
- dtrace: test the new DTRACE_PROBE() n-argument macro (Nick Alcock) [Orabug: 24678897]
- dtrace: add a test probe with an empty translation or two (Nick Alcock) [Orabug: 24661801]
- dtrace: parse sdpd_args to handle sdt_getargdesc() rather than hardwiring (Nick Alcock) [Orabug: 24661801]
- Specfile adjustments for 0.5.4 release to autobuilders. (Nick Alcock)
- SPEC: dtrace-module specfile revamp. (Nick Alcock)
- dtrace: USDT SPARC parts (Nick Alcock) [Orabug: 24455245]
- dtrace: split arch-dependent parts out of fasttrap (Nick Alcock) [Orabug: 24455245]
- Release 0.5.3-2. (Nick Alcock)
- dtrace: version 0.5.3 (Kris Van Hees)
- dtrace: migrate pdata size assertion out of generic code (Nick Alcock)
- dtrace: ensure pdata and sdt_tab handling works on module reload (Kris Van Hees) [Orabug: 23331667]
- dtrace: add the perf provider to SDT (Nick Alcock) [Orabug: 23004534]
- dtrace: version 0.5.2 (Kris Van Hees)
- dtrace: apply stack bias to user stack walks on SPARC (Nick Alcock) [Orabug: 22629102]
- dtrace: use current_user_stack_pointer() (Nick Alcock) [Orabug: 22629102]
- dtrace: use copy_from_user() when walking userspace stacks (Nick Alcock) [Orabug: 22629102]
- dtrace: do not overrun the start of the user stack (Nick Alcock) [Orabug: 22629102]
- dtrace: fix access to uregs[R_L7] (Nick Alcock) [Orabug: 22602870]
- dtrace: correct probe disable behaviour for syscalls (Kris Van Hees) [Orabug: 22352636]
- dtrace: fix typo in date field in %changelog (Kris Van Hees)
- dtrace: Updated NEWS and spec files for 0.5.1-1 (Kris Van Hees)
- dtrace: avoid installonly-related kernel upgrade failure (Nick Alcock) [Orabug: 21669543]
- dtrace: Support Linux-specific handling of envp / argv in psinfo (Kris Van Hees) [Orabug: 21984854]
- dtrace: add missing dtrace_*canload() for copyout() and copyoutstr(). (Nick Alcock)
- dtrace: ensure dt_perf does not clash with dt_test (Kris Van Hees) [Orabug: 21814949]
- dtrace: enable building on SPARC64 architecture. (Kris Van Hees)
- dtrace: provide OL6 and OL7 spec file with new features (Kris Van Hees)
- dtrace: update NEWS for new 0.5.0 version (Kris Van Hees)
- Fix spelling of %endif in specfile. (Nick Alcock)
- dtrace: only sparc64 uses sdt_tab in pdata (Kris Van Hees)
- dtrace: NEWS and spec file for 0.5.0 (Kris Van Hees)
- dtrace: apply sdt_instr_t change to asm_instr_t (Kris Van Hees)
- dtrace: fold NOPF into NOFAULT handling (Kris Van Hees)
- dtrace: improve debugging output (Kris Van Hees)
- dtrace: kernel provides SDT trampoline area on SPARC (Kris Van Hees) [Orabug: 21220344]
- dtrace: record current IP as frame 0 in ustack (Kris Van Hees)
- dtrace: validate argument pointer to d_path() (Kris Van Hees) [Orabug: 21304207]
- dtrace: update NEWS and specfile for 0.4.5 (Kris Van Hees)
- dtrace: support USDT for 32-bit applications on 64-bit hosts (Kris Van Hees) [Orabug: 21219315]
- dtrace: use the initial user namespace in suitable {from,make}_kuid() calls (Nick Alcock)
- dtrace: use the current user namespace for DIF_VAR_[UG]ID lookups (Nick Alcock)
- dtrace: support sparc64 on appropriate kernels. (Nick Alcock)
- Revise dependencies to get out of the shadow of dtrace-modules-headers. (Nick Alcock) [Orabug: 20508087]
- dtrace: no longer expose kuid_t in the userspace dtrace API (Nick Alcock)
- dtrace: percpu: move from __get_cpu_var() to this_cpu_ptr() (Nick Alcock)
- dtrace: fix dtrace_helptrace_buffer memory leak (Kris Van Hees) [Orabug: 20514336]
- dtrace: support building on UEK4 (Kris Van Hees) [Orabug: 20456825]
- dtrace: add support for DTrace on sparc64 (Kris Van Hees) [Orabug: 19005048]
- dtrace: restructuring to support DTrace on multiple architectures (Kris Van Hees) [Orabug: 20262965]
- dtrace: add .gitignore file (Kris Van Hees) [Orabug: 20266608]
- dtrace: Updated NEWS and specfile (Kris Van Hees)
- dtrace: ensure one can try to get user pages without locking or faulting (Kris Van Hees) [Orabug: 18653713]
- dtrace: Improve dtrace_getufpstack() (locks, stack detection, faults) (Nick Alcock) [Orabug: 18412802]
- dtrace: Updated NEWS and specfile (Kris Van Hees)
- dtrace: update NEWS and spec file for 0.4.3-2 (Kris Van Hees)
- Drop CPU_DTRACE_NOFAULT manipulation in progenyof(). (Nick Alcock) [Orabug: 18412802]
- Drop CPU_DTRACE_NOFAULT manipulation around ustack calls. (Nick Alcock) [Orabug: 18412802]
- Pass down the tgid to userspace in u{stack,sym,mod,addr}(). (Nick Alcock) [Orabug: 18412802]
- Fix the pid and ppid variables in multithreaded processes. (Nick Alcock) [Orabug: 18412802]
- dtrace: NEWS and specfile update for 0.4.3 (Kris Van Hees)
- dtrace: add support for profile-* probes (Kris Van Hees) [Orabug: 18323513]
- Updated specfile for 0.4.2-3. (Nick Alcock)
- Have the new dtrace-modules-provider-headers obsolete the old. (Nick Alcock) [Orabug: 18061595]
- Remove kernel version from name of dtrace-modules-provider-headers package. (Nick Alcock) [Orabug: 18061595]
- dtrace: updated spec file and NEWS (Kris Van Hees)
- dtrace: Fix RPM dependencies. (Kris Van Hees) [Orabug: 17804881]
- dtrace: vtimestamp implementation (Kris Van Hees) [Orabug: 17741477]
- dtrace: implement SDT in kernel modules (Kris Van Hees) [Orabug: 17851716]
- dtrace: fix conditionals for changelog composition (Kris Van Hees)
- dtrace: make the release tag dependent on the kernel version (Kris Van Hees)
- dtrace: fix changelog for 0.4.0 series (Kris Van Hees)
- dtrace: support auto-building of dtrace-module for UEK kernels (Kris Van Hees)
- dtrace: prepare spec file for errata release (3.87.13-16.2.1/0.4.1-3) (Kris Van Hees)
- dtrace: Updated NEWS and spec file (Kris Van Hees)
- dtrace: provide a corrected implementation of the 'errno' D variable (Kris Van Hees) [Orabug: 17704568]
- dtrace: Updated specfile and NEWS (Kris Van Hees)
- dtrace: fix lock ordering issues, mutex_owned(), and mutex debugging (Kris Van Hees) [Orabug: 17624236]
- dtrace: ensure userspace stack memory access cannot page fault (Kris Van Hees) [Orabug: 17591351]
- dtrace: ensure speculation buffer cleaning does not race with buffer freeing (Kris Van Hees) [Orabug: 17553446]
- dtrace: reject enabling is referencing module fails and do not count it (Kris Van Hees)
- dtrace: ensure state is freed after use (memleak fix) (Kris Van Hees)
- dtrace: align module code with new cyclics API (Kris Van Hees) [Orabug: 17553446]
- dtrace: update getufpstack implementation to be safer (Kris Van Hees) [Orabug: 17591351]
- dtrace: armour ustack() against kernel threads, !task->mm, and corrupt usersp. (Nick Alcock) [Orabug: 17591351]
- dtrace: Ensure that provider names are unique in the context of a PID (Kris Van Hees) [Orabug: 17476663]
- dtrace: ensure &tp->ftt_mtp is set to 0s for is-enabled probes also (Kris Van Hees)
- dtrace: Update NEWS (Kris Van Hees)
- dtrace: Various memory allocation fixes (leaks, footprint reduction, ...) (Kris Van Hees) [Orabug: 17488207]
- dtrace: UEK3 build -16 (Kris Van Hees)
- dtrace: prevent Oops caused by preemption issues with probes (Kris Van Hees) [Orabug: 17403196]
- dtrace: fix for psinfo allocation during execve (Kris Van Hees) [Orabug: 17407069]
- dtrace: General cleanup of debug info and fix syscall probe module name. (Kris Van Hees)
- dtrace: fixes for the module build (Kris Van Hees)
- dtrace: remove debugging code (Kris Van Hees)
- dtrace: Ensure that USDT probes are carried over correctly across fork(). (Kris Van Hees) [Orabug: 17346878]
- dtrace: Fix frame offsets for direct called probes (ERROR and syscalls). (Kris Van Hees) [Orabug: 17368166]
- dtrace: fix retrieval of arg5 through arg9 (Kris Van Hees) [Orabug: 17368166]
- Bug fix for logic to determine the (inode, offset) pair for uprobes. (Kris Van Hees)
- Ensure memory allocation results are checked throughout the code. (Kris Van Hees)
- Bug fix for fasttrap module unloading. (Kris Van Hees)
- Remove pre-alpha features for release. (Kris Van Hees)
- Bug fix for module unloading. (Kris Van Hees)
- Fix fasttrap ioctls and headers_check. (Nick Alcock)
- Re-enable DTrace ioctl()-size debugging. (Nick Alcock)
- Add RPM changelog. (Nick Alcock)
- Add a warning to be displayed when tracepoint enabling fails. Update NEWS. (Kris Van Hees)
- Fix provider header requirements. (Nick Alcock)
- SPEC: Changes for UEK merge. (Nick Alcock)
- Boost ustackframes_default. (Nick Alcock)
- Make old_rsp available to kernel modules. (Kris Van Hees)
- Remove unnecessary 32-bit code. (Kris Van Hees)
- Clean up ioctl debugging output, and remove dtrace_ioctl_sizes(). (Kris Van Hees)
- Add debugging for enablings. (Kris Van Hees)
- Ensure that the fasttrap device file can be opened. (Kris Van Hees)
- Fix format string errors in buffer storage debugging messages. (Nick Alcock)
- Drop stack debugging messages. (Nick Alcock)
- SPEC: Fix the name of the kernel development package in BuildRequires. (Nick Alcock)
- SPEC: Boost the associated kernel version to 3.8.12. (Nick Alcock)
- Ensure that arg6 through arg9 get retrieved correctly for USDT probes. (Kris Van Hees)
- Finish the implementation of is-enabled USDT probes. (Kris Van Hees)
- Fixes for tracepoint cleanup. (Kris Van Hees)
- Fixes for locking issues and cleanup workqueue handling. (Kris Van Hees)
- Update syscall tracing in view of Linux 3.8 changes. (Kris Van Hees)
- USDT implementation (phase 2). (Kris Van Hees)
- Fix to exclude stack addresses from pcstack. (Kris Van Hees)
- Revamp and split up DTrace headers. Add ioctl() debugging machinery. (Nick Alcock)
- OS/arch specific ustack implementation. (Kris Van Hees)
- Ensure PID is passed as first element for ustack. (Kris Van Hees)
- Revert 'stack() / jstack(): Send PID to userspace.' (Kris Van Hees)
- stack() / jstack(): Send PID to userspace. (Nick Alcock)
- Adding more compile time debugging for development. (Kris Van Hees)
- USDT implementation (Phase 1). (Kris Van Hees)
- Add basic development debugging framework. (Kris Van Hees)
- Update copyright statements. (Kris Van Hees)
- Disable providers that do not work. (Kris Van Hees)
- Differentiate between multi-providers and meta-providers. (Kris Van Hees)
- Adding missing build specs for dt_perf. (Kris Van Hees)
- Remove unnecessary and inconsistemt use of argument name in prototypes. (Kris Van Hees)
- Clean up a file that is no longer used. (Kris Van Hees)
- Internal performance measurement support code. (Kris Van Hees)
- Miscellaneous 3.6 porting work. (Kris Van Hees)
- DTrace-independent CTF. (Nick Alcock)
- Type and grammar fix. (Kris Van Hees)
- Fix name of lwp-create and lwp-exit probes in SDT argument mappings. (Kris Van Hees)
- Add NEWS file. (Kris Van Hees)
- SPEC: Rename the DTrace kernel to kernel-uek-dtrace-. (Nick Alcock)
- Fix depmod invocation on RPM %post-installation. (Nick Alcock)
- Add a specfile. (Nick Alcock)
- Additional action support (and bug fixes). (Kris Van Hees)
- Change the DTrace startup handling (at boot time) for SDT. (Kris Van Hees)
- Cleanup (and adding) of SDT probe points. (Kris Van Hees)
- Remove remnant of internal, for-my-use-only test code. (Kris Van Hees)
- DIF_SUBR_RW_READ_HELDs parameter should be an rwlock_t. (Nick Alcock)
- Force dtrace_ctf.ko to be loaded whenever dtrace.ko is. (Nick Alcock)
- Missing file. (Kris Van Hees)
- - sched-tick SDT probe. - FBT probe point discovery and probe creation. - Moving code around for the kernel pseudo-module handling since it gets used by both the SDT code and the FBT code. (Kris Van Hees)
- Add argument description info for SDT probes. (Kris Van Hees)
- Implement refcount handling in DTrace modules to ensure that they cannot be unloaded while probes are enabled. (Kris Van Hees)
- New DTrace option DTRACEOPT_QUIETRESIZE, and accordingly-boosted DTRACEOPT_MAX. (Nick Alcock)
- Changed from using mutex_is_locked() to a new mutex_owned(), in support of the Solaris MUTEX_HELD() macro. The former was merely testing whether the mutex was locked, whereas the real test needed here is whether the mutex is held by the current thread. (Kris Van Hees)
- Make all allocations that are allowed to fail atomic, and surpress warnings about out-of-memory conditions, since they are not harmful. Also, do not allow DTrace allocations to access the emergency pools. (Kris Van Hees)
- Fix signed division and modulo operations in DIF. Ensure that SDT probe points are patched with a NOP sequence at boot time. Remove debugging output during SDT registration. (Kris Van Hees)
- Forgot to commit the changes to the header file. (Kris Van Hees)
- The idr_empty() macro is no longer needed. (Kris Van Hees)
- Fix for incorrect handling of BUFSIZE = 0. The handling of aggregations was flawed in that even without any ECBs with aggregation, the code logic was assuming there was at least one aggregation (the sentinel in the IDR). The handling of the aggregations IDR in the DTrace state has been updated to use an explicit counter because the IDR functionality does not provide us with an API function to determine the amount of elements in the IDR. (Kris Van Hees)
- Initial values for min and max aggregate functions were incorrectly set to be UINT64 values rather than INT64 values, causing the initial minimum value to be -1, and the initial maximum value to be 0. Corrected to be INT64 values. (Kris Van Hees)
- Ensure that the trap handler is regisstered only once. Register with first use, (Kris Van Hees)
- Ensure that the die notifier hook is installed whenever DTrace is enabled, since page fault and general protection fault handling depends on it, and that is needed for safe memory access support in DTrace. (Kris Van Hees)
- Support for page fault and general protection fault detection for DTrace, to ensure that DTrace memory access faults are non-fatal. (Kris Van Hees)
- SDT implementation (core kernel support for providing a list of static probe points for the kernel pseudo-module, dtrace SDT meta-provider support, ...). Also, new script (dtrace_sdt.sh) to extract locations of SDT probe points in the core kernel. (Kris Van Hees)
- Enable processing the SDT probe point info at boot time (before SMP is actually enabled), if DTrace SDT support has been enabled (built-in or as module). For now, provide some verbose info on the probe points getting resolved. (Kris Van Hees)
- Fix resolving addresses of relocation records for SDT probe points. The addresses were being calculated based on the wrong starting point (_stext whereas it ought to be _text), and the base was not taken into account. Fixed the writing of NOPs in the location of the probe point calls, since the existing case was causing kernel paging faults. Made the add_nops() function in alternative.c non-static so it can be used in sdt_register. Use add_nops() to select the most appropriate NOP sequence for replacing the probe point call, and write the NOPs using text_poke(). (Kris Van Hees)
- Fixed the allocation of cyclics that was the cuase for some obscure crashes during the testsuite execution. Problem was that cyclics were being allocated in chunks, with a new array being allocated as (prev-size + chink-size), and then the old entries being copied over. However, because the hrtimer struct is embedded in the cyclic struct, this meant that hrtimer structs were being moved outside the hrtimer code. (Kris Van Hees)
- Handle the case where regs (during cyclic processing) is NULL. This indicates a bug but with this code change well survive that case and simply not have meaningful PC and UPC values as argument to the probe, which is better than a full scale OOPS due to NULL pointer dereference. (Kris Van Hees)
- Removed dead code (was #if 0 ... #endif). Cleaned up ;; -> ;. (Kris Van Hees)
- Implementation for tracing stub-based system calls. Due to the need for specialized code handling (mainly passing in a pt_regs structure as one of the arguments), some syscalls are called through a stub in assembly code. We duplicate the stub cdode in dtrace_stubs_x86_64.S, but instead of calling the actual syscall implementation code call our own syscall-specific handler, which ensures that entry and return probes are called as enabled, and then call the underlying implementation directly for handling the syscall. (Kris Van Hees)
- Stacktrace dumping has been moved to the GPL-licensed dtrace_os.c because it depends on a symbol that is exported as GPL-only. Functionality in dtrace_isa that requires stacktrace dumping can now use dtrace_stacktrace(). (Kris Van Hees)
- Fix porting issues from 2.6.32 to 2.6.39. Disable stub_* based syscalls (for now). (Kris Van Hees)
- Move cyclic.h into include/linux. (Nick Alcock)
- Finish GPL/CDDL splitting work. (Nick Alcock)
- Set MODULE_LICENSE to CDDL. (Nick Alcock)
- CDDL copyrights for everything needing it. (Nick Alcock)
- Initial commit of DTrace. (Nick Alcock)

[4.1.12-103.4.1]
- xfs: fix eofblocks race with file extending async dio writes (Brian Foster) [Orabug: 26128822]
- xfs: write unmount record for ro mounts (Eric Sandeen) [Orabug: 26107928]
- xfs: toggle readonly state around xfs_log_mount_finish (Eric Sandeen) [Orabug: 26107928]
- scsi: fnic: changing queue command to return result DID_IMM_RETRY when rport is init (Satish Kharat) [Orabug: 25742083]
- KEYS: fix dereferencing NULL payload with nonzero length (Eric Biggers) [Orabug: 26591994]
- rds: Make sure updates to cp_send_gen can be observed (Hakon Bugge) [Orabug: 26524551]
- netfilter: nf_tables: fix oob access (Florian Westphal) [Orabug: 25960439]
- NFSv4.1: Use seqid returned by EXCHANGE_ID after state migration (Chuck Lever) [Orabug: 26631501]
- NFSv4.1: Handle EXCHGID4_FLAG_CONFIRMED_R during NFSv4.1 migration (Chuck Lever) [Orabug: 26485630]
- kvm: x86: reduce collisions in mmu_page_hash (David Matlack) [Orabug: 26639600]
- KVM: nVMX: fix nested EPT detection (Ladi Prosek) [Orabug: 26662940]
- KVM: nVMX: introduce nested_vmx_load_cr3 and call it on vmentry (Ladi Prosek) [Orabug: 26662940]
- KVM: nVMX: propagate errors from prepare_vmcs02 (Ladi Prosek) [Orabug: 26662940]
- KVM: nVMX: fix CR3 load if L2 uses PAE paging and EPT (Ladi Prosek) [Orabug: 26662940]


Related CVEs


CVE-2017-7541

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.4 (x86_64) kernel-uek-4.1.12-103.7.3.el6uek.src.rpmfde4ffd80447d2ac51ed6695200ae235OVMSA-2021-0016
kernel-uek-4.1.12-103.7.3.el6uek.x86_64.rpmea9ce31e9f737b335533e8b6856c61f3OVMSA-2021-0016
kernel-uek-firmware-4.1.12-103.7.3.el6uek.noarch.rpma0aaa657ea251733fe46797dc3f42eddOVMSA-2021-0016



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete