[ELSA-2013-1051] kernel security and bug fix update

Severity Moderate

Affected Packages 9

CVEs 11

[2.6.32-358.14.1]
- [x86] apic: Add probe() for apic_flat (Prarit Bhargava) [975086 953342]

[2.6.32-358.13.1]
- [wireless] b43: stop format string leaking into error msgs (John Linville) [971387 971389] {CVE-2013-2852}
- [pci] make sriov work with hotplug remove (Takahiro MUNEDA) [973555 965002]
- [net] rtnl: fix info leak on RTM_GETLINK request for VF devices (Flavio Leitner) [923657 923659] {CVE-2013-2634 CVE-2013-2635}
- [net] dcbnl: fix various netlink info leaks (Flavio Leitner) [923657 923659] {CVE-2013-2634 CVE-2013-2635}
- [net] bonding: fix enslaving in alb mode when link down (Veaceslav Falico) [969306 965132]
- [net] tcp: Fix oops from tcp_collapse() when using splice() (Nikola Pajkovsky) [968871 863512] {CVE-2013-2128}
- [usb] uhci: fix IRQ race during initialization (Dave Young) [968557 915834]
- [netdrv] e1000e: enable VLAN RX/TX in PROMISC mode (Stefan Assmann) [963564 886420]
- [netdrv] bnx2x: strip VLAN header in PROMISC mode (Stefan Assmann) [963564 886420]
- [net] vlan: handle packets with empty vlan_group via VLAN code (Stefan Assmann) [963564 886420]
- [fs] namei.c: Dont allow to create hardlink for deleted file (Brian Foster) [956296 908158]
- [fs] gfs2: Reinstate withdraw ack system (Robert S Peterson) [927308 908093]
- [fs] nfs: open a file descriptor for fsync in nfs4 recovery (J. Bruce Fields) [964046 915479]
- [net] macvlan: remove bogus check in macvlan_handle_frame() (Jiri Pirko) [962370 952785]
- [net] macvlan: fix passthru mode race between dev removal and rx path (Jiri Pirko) [962370 952785]
- [kernel] rcu: Replace list_first_entry_rcu() with list_first_or_null_rcu() (Jiri Pirko) [962370 952785]
- [net] bluetooth/rfcomm: Fix missing msg_namelen update in rfcomm_sock_recvmsg() (Weiping Pan) [955653 955654] {CVE-2013-3225}
- [net] bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955603 955604] {CVE-2013-3224}
- [fs] gfs2: Issue discards in 512b sectors (Robert S Peterson) [927317 922779]
- [fs] udf: avoid info leak on export (Nikola Pajkovsky) [922354 922355] {CVE-2012-6548}
- [scsi] lpfc: Fixed deadlock between hbalock and nlp_lock use (Rob Evers) [962368 960717]
- [kernel] tracing: Fix possible NULL pointer dereferences (Weiping Pan) [952212 952213] {CVE-2013-3301}
- [kernel] tracing: Fix panic when lseek() called on 'trace' opened for writing (Weiping Pan) [952212 952213] {CVE-2013-3301}
- [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) [955224 955225] {CVE-2013-3222}
- [x86] apic: Work around boot failure on HP ProLiant DL980 G7 Server systems (Prarit Bhargava) [969326 912963]
- [x86] apic: Use probe routines to simplify apic selection (Prarit Bhargava) [969326 912963]
- [x86] x2apic: Simplify apic init in SMP and UP builds (Prarit Bhargava) [969326 912963]
- [kvm] vmx: provide the vmclear function and a bitmap to support VMCLEAR in kdump (Andrew Jones) [962372 908608]
- [x86] kexec: VMCLEAR VMCSs loaded on all cpus if necessary (Andrew Jones) [962372 908608]
- [fs] ext3: Fix format string issues (Nikola Pajkovsky) [920784 920785] {CVE-2013-1848}
- [kernel] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920505 920506] {CVE-2013-0914}

[2.6.32-358.12.1]
- [fs] Panic in gfs2_inplace_reserve after fix from BZ#875753 (Robert S Peterson) [924847 922999]
- [nfs] sunrpc: Prevent an rpc_task wakeup race (Dave Wysochanski) [956979 840860]
- [nfs] sunrpc: clarify comments on rpc_make_runnable (Dave Wysochanski) [956979 840860]
- [x86] acpi: Avoid SRAT table checks for Fujitsu Primequest systems (Prarit Bhargava) [973198 966853]
- [x86] oprofile: Fix crash when unloading module in nmi timer mode (Don Zickus) [972586 828936]
- [block] propagate proper return codes from blk_get_request callers (Jeff Moyer) [958684 927918]
- [block] Check the return value from blk_get_request (Jeff Moyer) [958684 927918]
- [virt] kvm/mmu: fix hashing for TDP and non-paging modes (Marcelo Tosatti) [966432 908751]
- [virt] kvm/mmu: Fix free memory accounting race in mmu_alloc_roots() (Marcelo Tosatti) [966432 908751]
- [virt] kvm/mmu: Don't flush shadow when enabling dirty tracking (Marcelo Tosatti) [966432 908751]

Package	Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6	< 2.6.32-358.14.1.el6
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6	< 2.6.32-358.14.1.el6

ID

ELSA-2013-1051

Severity

moderate

URL

https://linux.oracle.com/errata/ELSA-2013-1051.html

Published

2013-07-16T00:00:00
(11 years ago)

Modified

2013-07-16T00:00:00
(11 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2013-1051	http://linux.oracle.com/errata/ELSA-2013-1051.html
CVE	CVE-2013-1848	http://linux.oracle.com/cve/CVE-2013-1848
CVE	CVE-2013-0914	http://linux.oracle.com/cve/CVE-2013-0914
CVE	CVE-2013-3222	http://linux.oracle.com/cve/CVE-2013-3222
CVE	CVE-2013-3224	http://linux.oracle.com/cve/CVE-2013-3224
CVE	CVE-2012-6548	http://linux.oracle.com/cve/CVE-2012-6548
CVE	CVE-2013-2128	http://linux.oracle.com/cve/CVE-2013-2128
CVE	CVE-2013-2634	http://linux.oracle.com/cve/CVE-2013-2634
CVE	CVE-2013-2635	http://linux.oracle.com/cve/CVE-2013-2635
CVE	CVE-2013-2852	http://linux.oracle.com/cve/CVE-2013-2852
CVE	CVE-2013-3225	http://linux.oracle.com/cve/CVE-2013-3225
CVE	CVE-2013-3301	http://linux.oracle.com/cve/CVE-2013-3301

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6	oraclelinux	python-perf	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/perf?distro=oraclelinux-6	oraclelinux	perf	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6	oraclelinux	kernel	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6	oraclelinux	kernel-headers	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6	oraclelinux	kernel-firmware	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6	oraclelinux	kernel-doc	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6	oraclelinux	kernel-devel	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6	oraclelinux	kernel-debug	< 2.6.32-358.14.1.el6	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6	oraclelinux	kernel-debug-devel	< 2.6.32-358.14.1.el6	oraclelinux-6

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date