[ELSA-2011-0421] kernel security and bug fix update
[2.6.32-71.24.1.el6]
- [fs] Revert '[fs] inotify: stop kernel memory leak on file creation failure' (Eric Paris) [656831 656832] {CVE-2010-4250}
[2.6.32-71.23.1.el6]
- [x86] Revert '[x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs' (Frank Arnold) [683813 652208]
[2.6.32-71.22.1.el6]
- rebuild
[2.6.32-71.21.1.el6]
- [netdrv] ixgbe: limit VF access to network traffic (Frantisek Hrbata) [684129 678717]
- [netdrv] ixgbe: work around for DDP last buffer size (Frantisek Hrbata) [684129 678717]
- [net] gro: reset dev and skb_iff on skb reuse (Andy Gospodarek) [688311 681970]
- [x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs (Frank Arnold) [683813 652208]
- [virt] virtio_net: Add schedule check to napi_enable call (Michael S. Tsirkin) [684268 676579]
- [s390x] mm: add devmem_is_allowed() for STRICT_DEVMEM checking (Hendrik Brueckner) [684267 647365]
- [powerpc] Don't use kernel stack with translation off (Steve Best) [684266 628951]
- [powerpc] Initialise paca->kstack before early_setup_secondary (Steve Best) [684266 628951]
[2.6.32-71.20.1.el6]
- [dvb] kernel: av7110 negative array offset (Mauro Carvalho Chehab) [672403 672404] {CVE-2011-0521}
- [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] {CVE-2011-0714}
- [netdrv] orinoco: fix TKIP countermeasure behaviour (Stanislaw Gruszka) [667908 667909] {CVE-2010-4648}
- [kernel] /proc/vmcore: speed up access to vmcore file (Neil Horman) [683442 672937]
- [netdrv] cnic: Fix big endian bug (Steve Best) [678484 676640]
- [scsi] fcoe: drop FCoE LOGO in FIP mode (Mike Christie) [683814 668114]
- [s390x] remove task_show_regs (Danny Feng) [677854 677855] {CVE-2011-0710}
- [ib] cm: Bump reference count on cm_id before invoking callback (Doug Ledford) [676190 676191] {CVE-2011-0695}
- [rdma] cm: Fix crash in request handlers (Doug Ledford) [676190 676191] {CVE-2011-0695}
- [net] bridge: Fix mglist corruption that leads to memory corruption (Herbert Xu) [678172 659421] {CVE-2011-0716}
- [netdrv] r8169: use RxFIFO overflow workaround and prevent RxFIFO induced infinite loops (Ivan Vecera) [680080 630810]
- [s390x] kernel: nohz vs cpu hotplug system hang (Hendrik Brueckner) [683815 668470]
- [netdrv] cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory (Doug Ledford) [633156 633157] {CVE-2010-3296}
- [configs] redhat: added CONFIG_SECURITY_DMESG_RESTRICT option (Frantisek Hrbata) [683822 653245]
- [kernel] restrict unprivileged access to kernel syslog (Frantisek Hrbata) [683822 653245]
- [fs] cifs: allow matching of tcp sessions in CifsNew state (Jeff Layton) [683812 629085]
- [fs] cifs: fix potential double put of TCP session reference (Jeff Layton) [683812 629085]
- [fs] cifs: prevent possible memory corruption in cifs_demultiplex_thread (Jeff Layton) [683812 629085]
- [fs] cifs: eliminate some more premature cifsd exits (Jeff Layton) [683812 629085]
- [fs] cifs: prevent cifsd from exiting prematurely (Jeff Layton) [683812 629085]
- [fs] CIFS: Make cifs_convert_address() take a const src pointer and a length (Jeff Layton) [683812 629085]
- [kdump] kexec: accelerate vmcore copies by marking oldmem in /proc/vmcore as cached (Neil Horman) [683445 641315]
- [virt] KVM: VMX: Disallow NMI while blocked by STI (Avi Kivity) [683783 616296]
- [virt] kvm: write protect memory after slot swap (Michael S. Tsirkin) [683781 647367]
[2.6.32-71.19.1.el6]
- [crypto] sha-s390: Reset index after processing partial block (Herbert Xu) [678996 626515]
- [net] clear heap allocations for privileged ethtool actions (Jiri Pirko) [672434 672435] {CVE-2010-4655}
- [usb] iowarrior: don't trust report_size for buffer size (Don Zickus) [672421 672422] {CVE-2010-4656}
- [virt] virtio: console: Wake up outvq on host notifications (Amit Shah) [678558 643750]
- [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250}
- [net] sctp: fix kernel panic resulting from mishandling of icmp dest unreachable msg (Neil Horman) [667028 667029] {CVE-2010-4526}
- [mm] install_special_mapping skips security_file_mmap check (Frantisek Hrbata) [662198 662199] {CVE-2010-4346}
- [kdump] vt-d: Handle previous faults after enabling fault handling (Takao Indoh) [678485 617137]
- [kdump] Enable the intr-remap fault handling after local apic setup (Takao Indoh) [678485 617137]
- [kdump] vt-d: Fix the vt-d fault handling irq migration in the x2apic mode (Takao Indoh) [678485 617137]
- [kdump] vt-d: Quirk for masking vtd spec errors to platform error handling logic (Takao Indoh) [678485 617137]
- [virt] virtio: console: Don't block entire guest if host doesn't read data (Amit Shah) [678562 643751]
- [virt] virtio: console: Prevent userspace from submitting NULL buffers (Amit Shah) [678559 635535]
- [virt] virtio: console: Fix poll blocking even though there is data to read (Amit Shah) [678561 634232]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | < 2.6.32-71.24.1.el6 |
- ID
- ELSA-2011-0421
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2011-0421.html
- Published
-
2011-04-07T00:00:00
(13 years ago) - Modified
-
2011-04-07T00:00:00
(13 years ago) - Rights
- Copyright 2011 Oracle, Inc.
- Other Advisories
-
- ELSA-2011-0017
- ELSA-2011-0163
- ELSA-2011-0303
- ELSA-2011-0429
- ELSA-2011-0927
- ELSA-2011-2014
- FEDORA-2011-1138
- FEDORA-2011-2134
- FEDORA-2011-6447
- FEDORA-2011-6541
- RHSA-2011:0421
- SUSE-SU-2015:0652-1
- USN-1041-1
- USN-1072-1
- USN-1074-1
- USN-1074-2
- USN-1080-1
- USN-1080-2
- USN-1081-1
- USN-1083-1
- USN-1093-1
- USN-1105-1
- USN-1111-1
- USN-1119-1
- USN-1133-1
- USN-1141-1
- USN-1146-1
- USN-1159-1
- USN-1160-1
- USN-1162-1
- USN-1164-1
- USN-1170-1
- USN-1187-1
- USN-1202-1
- USN-1204-1
- USN-1256-1
- USN-1379-1
- USN-1387-1
- USN-1394-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2011-0421 | http://linux.oracle.com/errata/ELSA-2011-0421.html | |
CVE | CVE-2010-3296 | http://linux.oracle.com/cve/CVE-2010-3296 | |
CVE | CVE-2010-4346 | http://linux.oracle.com/cve/CVE-2010-4346 | |
CVE | CVE-2010-4526 | http://linux.oracle.com/cve/CVE-2010-4526 | |
CVE | CVE-2010-4648 | http://linux.oracle.com/cve/CVE-2010-4648 | |
CVE | CVE-2010-4655 | http://linux.oracle.com/cve/CVE-2010-4655 | |
CVE | CVE-2010-4656 | http://linux.oracle.com/cve/CVE-2010-4656 | |
CVE | CVE-2011-0521 | http://linux.oracle.com/cve/CVE-2011-0521 | |
CVE | CVE-2011-0695 | http://linux.oracle.com/cve/CVE-2011-0695 | |
CVE | CVE-2011-0710 | http://linux.oracle.com/cve/CVE-2011-0710 | |
CVE | CVE-2011-0716 | http://linux.oracle.com/cve/CVE-2011-0716 | |
CVE | CVE-2011-1478 | http://linux.oracle.com/cve/CVE-2011-1478 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux | perf | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux | kernel | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux | kernel-headers | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux | kernel-firmware | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux | kernel-doc | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux | kernel-devel | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux | kernel-debug | < 2.6.32-71.24.1.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-debug-devel | < 2.6.32-71.24.1.el6 | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |