[Oraclevm-errata] OVMSA-2012-0042 M: Oracle VM 3.1 kernel-uek security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Mon Oct 22 09:31:00 PDT 2012
Oracle VM Security Advisory OVMSA-2012-0042
The following updated rpms for Oracle VM 3.1 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-2.6.39-200.1.9.el5uek.x86_64.rpm
kernel-uek-firmware-2.6.39-200.1.9.el5uek.noarch.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.1/SRPMS-updates/kernel-uek-2.6.39-200.1.9.el5uek.src.rpm
Description of changes:
[2.6.39-200.1.9.el5uek]
- Fix bug number for commit "cciss: Update HPSA_BOUNDARY" (Joe Jin)
[Orabug: 14681166]
[2.6.39-200.1.8.el5uek]
- cciss: Update HPSA_BOUNDARY. (Joe Jin) [Orabug: 14319765]
[2.6.39-200.1.7.el5uek]
- KVM: introduce kvm_for_each_memslot macro (Maxim Uvarov) [Bugdb: 13966]
- dl2k: Clean up rio_ioctl (Jeff Mahoney) [Orabug: 14126896] {CVE-2012-2313}
- NFSv4: include bitmap in nfsv4 get acl data (Andy Adamson)
{CVE-2011-4131}
- KVM: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [Bugdb: 13966]
{CVE-2012-2137}
- net: sock: validate data_len before allocating skb in
sock_alloc_send_pskb()
(Jason Wang) [Bugdb: 13966] {CVE-2012-2136}
- mm: pmd_read_atomic: fix 32bit PAE pmd walk vs pmd_populate SMP race
condition (Andrea Arcangeli) [Bugdb: 13966] {CVE-2012-2373}
- KVM: lock slots_lock around device assignment (Alex Williamson) [Bugdb:
13966] {CVE-2012-2121}
- KVM: unmap pages from the iommu when slots are removed (Maxim Uvarov)
[Bugdb:
13966] {CVE-2012-2121}
- fcaps: clear the same personality flags as suid when fcaps are used (Eric
Paris) [Bugdb: 13966] {CVE-2012-2123}
- tilegx: enable SYSCALL_WRAPPERS support (Chris Metcalf) {CVE-2009-0029}
- drm/i915: fix integer overflow in i915_gem_do_execbuffer() (Xi Wang)
[Orabug:
14107456] {CVE-2012-2384}
- drm/i915: fix integer overflow in i915_gem_execbuffer2() (Xi Wang)
[Orabug:
14107445] {CVE-2012-2383}
- [dm] do not forward ioctls from logical volumes to the underlying
device (Joe
Jin) {CVE-2011-4127}
- [block] fail SCSI passthrough ioctls on partition devices (Joe Jin)
{CVE-2011-4127}
- [block] add and use scsi_blk_cmd_ioctl (Joe Jin) [Orabug: 14056755]
{CVE-2011-4127}
- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi
Kivity) [Bugdb: 13871] {CVE-2012-1601}
- regset: Return -EFAULT, not -EIO, on host-side memory fault (H. Peter
Anvin)
{CVE-2012-1097}
- regset: Prevent null pointer reference on readonly regsets (H. Peter
Anvin)
{CVE-2012-1097}
- cifs: fix dentry refcount leak when opening a FIFO on lookup (Jeff Layton)
{CVE-2012-1090}
- mm: thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode
(Andrea Arcangeli) {CVE-2012-1179}
- ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang)
{CVE-2009-4307}
[2.6.39-200.1.6.el5uek]
- ocfs2: clear unaligned io flag when dio fails (Junxiao Bi) [Orabug:
14063941]
- aio: make kiocb->private NUll in init_sync_kiocb() (Junxiao Bi) [Orabug:
14063941]
- igb: Fix for Alt MAC Address feature on 82580 and later devices (Carolyn
Wyborny) [Orabug: 14258706]
- igb: Alternate MAC Address Updates for Func2&3 (Akeem G. Abodunrin)
[Orabug:
14258706]
- igb: Alternate MAC Address EEPROM Updates (Akeem G. Abodunrin) [Orabug:
14258706]
- cciss: only enable cciss_allow_hpsa when for ol5 (Joe Jin) [Orabug:
14106006]
- Revert "cciss: remove controllers supported by hpsa" (Joe Jin) [Orabug:
14106006]
- [scsi] hpsa: add all support devices for ol5 (Joe Jin) [Orabug: 14106006]
- Disable VLAN 0 tagging for none VLAN traffic (Adnan Misherfi) [Orabug:
14406424]
- x86: Add Xen kexec control code size check to linker script (Daniel Kiper)
- drivers/xen: Export vmcoreinfo through sysfs (Daniel Kiper)
- x86/xen/enlighten: Add init and crash kexec/kdump hooks (Maxim Uvarov)
- x86/xen: Add kexec/kdump makefile rules (Daniel Kiper)
- x86/xen: Add x86_64 kexec/kdump implementation (Daniel Kiper)
- x86/xen: Add placeholder for i386 kexec/kdump implementation (Daniel
Kiper)
- x86/xen: Register resources required by kexec-tools (Daniel Kiper)
- x86/xen: Introduce architecture dependent data for kexec/kdump (Daniel
Kiper)
- xen: Introduce architecture independent data for kexec/kdump (Daniel
Kiper)
- x86/kexec: Add extra pointers to transition page table PGD, PUD, PMD
and PTE
(Daniel Kiper)
- kexec: introduce kexec_ops struct (Daniel Kiper)
[2.6.39-200.1.5.el5uek]
- SPEC: replace DEFAULTKERNEL from kernel-ovs to kernel-uek
More information about the Oraclevm-errata
mailing list