[ELSA-2014-0771] kernel security and bug fix update
[2.6.32-431.20.3]
- [kernel] futex: Make lookup_pi_state more robust (Jerome Marchand) [1104516 1104517] {CVE-2014-3153}
- [kernel] futex: Always cleanup owner tid in unlock_pi (Jerome Marchand) [1104516 1104517] {CVE-2014-3153}
- [kernel] futex: Validate atomic acquisition in futex_lock_pi_atomic() (Jerome Marchand) [1104516 1104517] {CVE-2014-3153}
- [kernel] futex: prevent requeue pi on same futex (Jerome Marchand) [1104516 1104517] {CVE-2014-3153}
- [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708]
- [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708]
- [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708]
- [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708]
- [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708]
- Revert: [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708]
- Revert: [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708]
- Revert: [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708]
- Revert: [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708]
- Revert: [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708]
[2.6.32-431.20.2]
- [block] floppy: don't write kernel-only members to FDRAWCMD ioctl output (Denys Vlasenko) [1094308 1094310] {CVE-2014-1738 CVE-2014-1737}
- [block] floppy: ignore kernel-only members in FDRAWCMD ioctl input (Denys Vlasenko) [1094308 1094310] {CVE-2014-1738 CVE-2014-1737}
- [fs] vfs: fix autofs/afs/etc magic mountpoint breakage (Frantisek Hrbata) [1094370 1079347] {CVE-2014-0203}
- [char] n_tty: Fix n_tty_write crash when echoing in raw mode (Aristeu Rozanski) [1094236 1094237] {CVE-2014-0196}
[2.6.32-431.20.1]
- [net] rtnetlink: Only supply IFLA_VF_PORTS information when RTEXT_FILTER_VF is set (Jiri Pirko) [1092870 1081282]
- [net] rtnetlink: Warn when interface's information won't fit in our packet (Jiri Pirko) [1092870 1081282]
- [net] bridge: Correctly receive hw-accelerated vlan traffic (Vlad Yasevich) [1096214 1067722]
- [net] vlan: Allow accelerated packets to flow through the bridge (Vlad Yasevich) [1096214 1067722]
- [infiniband] qib: Add missing serdes init sequence (Doug Ledford) [1080104 1005491]
- [infiniband] qib: Fix txselect regression (Doug Ledford) [1080104 1005491]
- [netdrv] ixgbevf: fix vlan acceleration (Nikolay Aleksandrov) [1094287 1069028]
- [security] selinux: Fix kernel BUG on empty security contexts (Paul Moore) [1062502 1064545] {CVE-2014-1874}
- [netdrv] libertas: potential oops in debugfs (Denys Vlasenko) [1034176 1034177] {CVE-2013-6378}
- [kernel] cgroup: move put_css_set() after setting CGRP_RELEASABLE bit to fix notify_on_release (Naoya Horiguchi) [1081909 1037465]
- [kernel] sched: Use exit hook to avoid use-after-free crash (Naoya Horiguchi) [1081914 1032347]
- [kernel] cgroup: replace list_del() with list_del_init() to avoid panic (Naoya Horiguchi) [1081915 1032343]
- [x86] turbostat: display C8, C9, C10 residency (Neil Horman) [1096711 1080637]
- [scsi] lpfc 8.3.44: Fix kernel panics from corrupted ndlp list (Rob Evers) [1086839 1063699]
- [s390] fix kernel crash due to linkage stack instructions (Hendrik Brueckner) [1067678 1067679] {CVE-2014-2039}
- [x86] kvm: rate-limit global clock updates (Andrew Jones) [1090750 1072373]
- [kernel] hrtimers: Move SMP function call to thread context (Mateusz Guzik) [1079869 1073129]
- [kernel] hrtimers: Support resuming with two or more CPUs online (Mateusz Guzik) [1079869 1073129]
- [fs] autofs4: fix device ioctl mount lookup (Ian Kent) [1069630 999708]
- [fs] vfs: introduce kern_path_mountpoint() (Ian Kent) [1069630 999708]
- [fs] vfs: rename user_path_umountat() to user_path_mountpoint_at() (Ian Kent) [1069630 999708]
- [fs] vfs: massage umount_lookup_last() a bit to reduce nesting (Ian Kent) [1069630 999708]
- [fs] vfs: allow umount to handle mountpoints without revalidating them (Ian Kent) [1069630 999708]
- [fs] ext4: fix WARN_ON from ext4_releasepage() (Carlos Maiolino) [1063508 1036814]
- [fs] vfs: fix getname() && do_getname() interaction (Oleg Nesterov) [1075653 1024689]
- [x86] apic: Make disabled_cpu_apicid static read_mostly, fix typos (Nigel Croxon) [1082622 980621]
- [x86] kexec: Add disable_cpu_apicid kernel parameter (Nigel Croxon) [1082622 980621]
- [kvm] x86: use kvm_read/write_guest_virt_system in task switch (Paolo Bonzini) [1070296 1018581]
- [kvm] x86: small cleanups to kvm_task_switch (Paolo Bonzini) [1070296 1018581]
- [kvm] x86: propagate error from kvm_load_segment_descriptor (Paolo Bonzini) [1070296 1018581]
- [kvm] x86: improve save_guest_segment_descriptor (Paolo Bonzini) [1070296 1018581]
- [kvm] x86: introduce kvm_write_guest_virt_system (Paolo Bonzini) [1070296 1018581]
- [kvm] x86: Fix task switch privilege checks (Paolo Bonzini) [1070296 1018581]
- [powerpc] Make function that parses RTAS error logs global (Steve Best) [1091424 1028682]
- [powerpc] pseries: Add RTAS event log v6 definition (Steve Best) [1091424 1028682]
- [powerpc] pseries: Parse and handle EPOW interrupts (Steve Best) [1091424 1028682]
- [fs] nfsd: don't try to reuse an expired DRC entry off the list (Jeff Layton) [1088779 1036972]
- [fs] nfsd: when reusing an existing repcache entry, unhash it first (Jeff Layton) [1088779 1036972]
[2.6.32-431.19.1]
- [kernel] sched: fix cpu_power initialization (Radim Krcmar) [1091826 1065304]
- [fs] gfs2: Fix uninitialized VFS inode in gfs2_create_inode (Abhijith Das) [1092002 1059808]
[2.6.32-431.18.1]
- [block] fix race between request completion and timeout handling (Jeff Moyer) [1089915 919756]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | < 2.6.32-431.20.3.el6 |
- ID
- ELSA-2014-0771
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2014-0771.html
- Published
-
2014-06-19T00:00:00
(10 years ago) - Modified
-
2014-06-19T00:00:00
(10 years ago) - Rights
- Copyright 2014 Oracle, Inc.
- Other Advisories
-
- ALAS-2014-289
- ALAS-2014-363
- ALAS-2014-392
- CISA-2022:0525
- DSA-2926-1
- DSA-2949-1
- ELSA-2014-0740
- ELSA-2014-0786
- ELSA-2014-3037
- ELSA-2014-3038
- ELSA-2014-3039
- ELSA-2014-3041
- ELSA-2014-3042
- ELSA-2014-3043
- FEDORA-2013-22531
- FEDORA-2013-22669
- FEDORA-2013-22695
- FEDORA-2013-23653
- FEDORA-2014-0684
- FEDORA-2014-1072
- FEDORA-2014-11008
- FEDORA-2014-11031
- FEDORA-2014-13020
- FEDORA-2014-13045
- FEDORA-2014-13558
- FEDORA-2014-13773
- FEDORA-2014-14068
- FEDORA-2014-15200
- FEDORA-2014-16632
- FEDORA-2014-17244
- FEDORA-2014-17283
- FEDORA-2014-2576
- FEDORA-2014-2606
- FEDORA-2014-2887
- FEDORA-2014-3094
- FEDORA-2014-3442
- FEDORA-2014-3448
- FEDORA-2014-4317
- FEDORA-2014-4360
- FEDORA-2014-4675
- FEDORA-2014-4844
- FEDORA-2014-4849
- FEDORA-2014-5235
- FEDORA-2014-5609
- FEDORA-2014-6122
- FEDORA-2014-6354
- FEDORA-2014-6357
- FEDORA-2014-7033
- FEDORA-2014-7128
- FEDORA-2014-7320
- FEDORA-2014-7426
- FEDORA-2014-7430
- FEDORA-2014-7863
- FEDORA-2014-8171
- FEDORA-2014-8487
- FEDORA-2014-8519
- FEDORA-2014-9010
- FEDORA-2014-9142
- FEDORA-2014-9449
- FEDORA-2014-9466
- FEDORA-2014-9959
- FEDORA-2015-0515
- FEDORA-2015-1672
- FEDORA-2015-3594
- FEDORA-2015-5024
- FEDORA-2015-6294
- FEDORA-2015-8518
- RHSA-2014:0771
- RHSA-2014:0786
- SUSE-SU-2015:0481-1
- SUSE-SU-2015:0581-1
- SUSE-SU-2015:0652-1
- SUSE-SU-2015:0736-1
- SUSE-SU-2015:1174-1
- SUSE-SU-2015:1376-1
- USN-2064-1
- USN-2065-1
- USN-2066-1
- USN-2067-1
- USN-2070-1
- USN-2075-1
- USN-2111-1
- USN-2112-1
- USN-2114-1
- USN-2115-1
- USN-2116-1
- USN-2128-1
- USN-2129-1
- USN-2133-1
- USN-2134-1
- USN-2135-1
- USN-2136-1
- USN-2137-1
- USN-2138-1
- USN-2139-1
- USN-2140-1
- USN-2141-1
- USN-2219-1
- USN-2220-1
- USN-2221-1
- USN-2223-1
- USN-2224-1
- USN-2225-1
- USN-2226-1
- USN-2227-1
- USN-2228-1
- USN-2233-1
- USN-2234-1
- USN-2235-1
- USN-2236-1
- USN-2237-1
- USN-2238-1
- USN-2239-1
- USN-2240-1
- USN-2241-1
- USN-2260-1
- USN-2332-1
- USN-2333-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2014-0771 | http://linux.oracle.com/errata/ELSA-2014-0771.html | |
CVE | CVE-2014-3153 | http://linux.oracle.com/cve/CVE-2014-3153 | |
CVE | CVE-2014-1737 | http://linux.oracle.com/cve/CVE-2014-1737 | |
CVE | CVE-2014-1738 | http://linux.oracle.com/cve/CVE-2014-1738 | |
CVE | CVE-2013-6378 | http://linux.oracle.com/cve/CVE-2013-6378 | |
CVE | CVE-2014-0203 | http://linux.oracle.com/cve/CVE-2014-0203 | |
CVE | CVE-2014-1874 | http://linux.oracle.com/cve/CVE-2014-1874 | |
CVE | CVE-2014-2039 | http://linux.oracle.com/cve/CVE-2014-2039 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | oraclelinux | python-perf | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux | perf | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux | kernel | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux | kernel-headers | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux | kernel-firmware | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux | kernel-doc | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux | kernel-devel | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux | kernel-debug | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-debug-devel | < 2.6.32-431.20.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | oraclelinux | kernel-abi-whitelists | < 2.6.32-431.20.3.el6 | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |