OVMSA-2017-0167 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2017-11-03 |
Description
[4.1.12-103.9.2]
- Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' (Brian Maly) [Orabug: 27037811]
[4.1.12-103.9.1]
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian Foster) [Orabug: 27013241]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't parse nlmsg properly (Xin Long) [Orabug: 26988633] {CVE-2017-14489}
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen) [Orabug: 26999097]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27013220] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn) [Orabug: 27013227] {CVE-2017-1000112}
- drivers/char/mem.c: deny access in open operation when securelevel is set (Ethan Zhao) [Orabug: 26943884]
[4.1.12-103.8.1]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal Cardwell) [Orabug: 26923675]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26899775] {CVE-2017-10661}
- kvm: nVMX: Don't allow L2 to access the hardware CR8 (Jim Mattson) {CVE-2017-12154} {CVE-2017-12154}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Tim Tianyang Chen) [Orabug: 26880590] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu) [Orabug: 26916575] {CVE-2017-7618}
- ovl: use O_LARGEFILE in ovl_copy_up() (David Howells) [Orabug: 25953280]
- rxrpc: Fix several cases where a padded len isn't checked in ticket decode (David Howells) [Orabug: 26880508] {CVE-2017-7482} {CVE-2017-7482}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26813385] {CVE-2017-14106}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.4 (x86_64) | kernel-uek-4.1.12-103.9.2.el6uek.src.rpm | e21a5687d871e6da670bd2f7ed725e78 | OVMSA-2021-0016 |
| kernel-uek-4.1.12-103.9.2.el6uek.x86_64.rpm | 91b99d790bef427257c4a79757f1d419 | OVMSA-2021-0016 |
| kernel-uek-firmware-4.1.12-103.9.2.el6uek.noarch.rpm | 84eb9e7eba1e3510abd91b6fc32383bf | OVMSA-2021-0016 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
