1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2014-1971

[ELSA-2014-1971] kernel security and bug fix update

Severity Important
Affected Packages 12
CVEs 18
Info Packages References Vulnerabilities

[3.10.0-123.13.1]
- Oracle Linux certificates (Alexey Petrenko)

[3.10.0-123.13.1]
- [powerpc] mm: Make sure a local_irq_disable prevent a parallel THP split (Don Zickus) [1151057 1083296]
- [powerpc] Implement __get_user_pages_fast() (Don Zickus) [1151057 1083296]
- [scsi] vmw_pvscsi: Some improvements in pvscsi driver (Ewan Milne) [1144016 1075090]
- [scsi] vmw_pvscsi: Add support for I/O requests coalescing (Ewan Milne) [1144016 1075090]
- [scsi] vmw_pvscsi: Fix pvscsi_abort() function (Ewan Milne) [1144016 1075090]

[3.10.0-123.12.1]
- [alsa] control: Make sure that id->index does not overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656}
- [alsa] control: Handle numid overflow (Jaroslav Kysela) [1117313 1117314] {CVE-2014-4656}
- [alsa] control: Protect user controls against concurrent access (Jaroslav Kysela) [1117338 1117339] {CVE-2014-4652}
- [alsa] control: Fix replacing user controls (Jaroslav Kysela) [1117323 1117324] {CVE-2014-4654 CVE-2014-4655}
- [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155750 1152755] {CVE-2014-3688}
- [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155737 1152755] {CVE-2014-3687}
- [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147856 1152755] {CVE-2014-3673}
- [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147856 1152755] [1155737 1152755] [1155750 1152755]
- [pci] Add ACS quirk for Intel 10G NICs (Alex Williamson) [1156447 1141399]
- [pci] Add ACS quirk for Solarflare SFC9120 & SFC9140 (Alex Williamson) [1158316 1131552]
- [lib] assoc_array: Fix termination condition in assoc array garbage collection (David Howells) [1155136 1139431] {CVE-2014-3631}
- [block] cfq-iosched: Add comments on update timing of weight (Vivek Goyal) [1152874 1116126]
- [block] cfq-iosched: Fix wrong children_weight calculation (Vivek Goyal) [1152874 1116126]
- [powerpc] mm: Check paca psize is up to date for huge mappings (Gustavo Duarte) [1151927 1107337]
- [x86] perf/intel: ignore CondChgd bit to avoid false NMI handling (Don Zickus) [1146819 1110264]
- [x86] smpboot: initialize secondary CPU only if master CPU will wait for it (Phillip Lougher) [1144295 968147]
- [x86] smpboot: Log error on secondary CPU wakeup failure at ERR level (Igor Mammedov) [1144295 968147]
- [x86] smpboot: Fix list/memory corruption on CPU hotplug (Igor Mammedov) [1144295 968147]
- [acpi] processor: do not mark present at boot but not onlined CPU as onlined (Igor Mammedov) [1144295 968147]
- [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142321 1142322] {CVE-2014-6410}
- [hid] picolcd: fix memory corruption via OOB write (Jacob Tanenbaum) [1141408 1141409] {CVE-2014-3186}
- [usb] serial/whiteheat: fix memory corruption flaw (Jacob Tanenbaum) [1141403 1141404] {CVE-2014-3185}
- [hid] fix off by one error in various _report_fixup routines (Jacob Tanenbaum) [1141393 1141394] {CVE-2014-3184}
- [hid] logitech-dj: fix OOB array access (Jacob Tanenbaum) [1141211 1141212] {CVE-2014-3182}
- [hid] fix OOB write in magicmouse driver (Jacob Tanenbaum) [1141176 1141177] {CVE-2014-3181}
- [acpi] Fix bug when ACPI reset register is implemented in system memory (Nigel Croxon) [1136525 1109971]
- [fs] vfs: fix ref count leak in path_mountpoint() (Ian Kent) [1122481 1122376] {CVE-2014-5045}
- [kernel] ptrace: get_dumpable() incorrect tests (Jacob Tanenbaum) [1111605 1111606] {CVE-2013-2929}
- [media] media-device: fix an information leakage (Jacob Tanenbaum) [1109776 1109777] {CVE-2014-1739}
- [target] rd: Refactor rd_build_device_space + rd_release_device_space (Denys Vlasenko) [1108754 1108755] {CVE-2014-4027}
- [block] blkcg: fix use-after-free in __blkg_release_rcu() by making blkcg_gq refcnt an atomic_t (Vivek Goyal) [1158313 1118436]
- [virt] kvm: fix PIT timer race condition (Petr Matousek) [1144879 1144880] {CVE-2014-3611}
- [virt] kvm/vmx: handle invept and invvpid vm exits gracefully (Petr Matousek) [1145449 1116936] [1144828 1144829] {CVE-2014-3645 CVE-2014-3646}

[3.10.0-123.11.1]
- [net] fix UDP tunnel GSO of frag_list GRO packets (Phillip Lougher) [1149661 1119392]

[3.10.0-123.10.1]
- [pci] hotplug: Prevent NULL dereference during pciehp probe (Myron Stowe) [1142393 1133107]
- [kernel] workqueue: apply __WQ_ORDERED to create_singlethread_workqueue() (Tomas Henzl) [1151314 1131563]

Package Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 < 3.10.0-123.13.1.el7
ID
ELSA-2014-1971
Severity
important
URL
https://linux.oracle.com/errata/ELSA-2014-1971.html
Published
2014-12-09T00:00:00
(9 years ago)
Modified
2014-12-09T00:00:00
(9 years ago)
Rights
Copyright 2014 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 oraclelinux python-perf < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 oraclelinux perf < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 oraclelinux kernel < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 oraclelinux kernel-tools < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 oraclelinux kernel-tools-libs < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 oraclelinux kernel-tools-libs-devel < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 oraclelinux kernel-headers < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 oraclelinux kernel-doc < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 oraclelinux kernel-devel < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 oraclelinux kernel-debug < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 oraclelinux kernel-debug-devel < 3.10.0-123.13.1.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 oraclelinux kernel-abi-whitelists < 3.10.0-123.13.1.el7 oraclelinux-7
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date