[ELSA-2014-1997] kernel security and bug fix update
[2.6.32-504.3.3]
- [x86] traps: stop using IST for #SS (Petr Matousek) [1172810 1172811] {CVE-2014-9322}
[2.6.32-504.3.2]
- [md] dm-thin: fix pool_io_hints to avoid looking at max_hw_sectors (Mike Snitzer) [1161420 1161421 1142773 1145230]
[2.6.32-504.3.1]
- [s390] zcrypt: toleration of new crypto adapter hardware (Hendrik Brueckner) [1158311 1134984]
- [s390] zcrypt: support for extended number of ap domains (Hendrik Brueckner) [1158311 1134984]
- [md] dm-thin: fix potential for infinite loop in pool_io_hints (Mike Snitzer) [1161420 1161421 1142773 1145230]
[2.6.32-504.2.1]
- [fs] udf: Avoid infinite loop when processing indirect ICBs (Jacob Tanenbaum) [1142319 1142320] {CVE-2014-6410}
- [fs] isofs: unbound recursion when processing relocated directories (Jacob Tanenbaum) [1142268 1142269] {CVE-2014-5472 CVE-2014-5471}
- [net] ipv6: delete expired route in ip6_pmtu_deliver (Hannes Frederic Sowa) [1161418 1156137]
- [net] sctp: fix remote memory pressure from excessive queueing (Daniel Borkmann) [1155746 1154676] {CVE-2014-3688}
- [net] sctp: fix panic on duplicate ASCONF chunks (Daniel Borkmann) [1155733 1154676] {CVE-2014-3687}
- [net] sctp: fix skb_over_panic when receiving malformed ASCONF chunks (Daniel Borkmann) [1147857 1154676] {CVE-2014-3673}
- [net] sctp: handle association restarts when the socket is closed (Daniel Borkmann) [1147857 1154676]
- [md] dm-thin: refactor requeue_io to eliminate spinlock bouncing (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: optimize retry_bios_on_resume (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: sort the deferred cells (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: direct dispatch when breaking sharing (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: remap the bios in a cell immediately (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: defer whole cells rather than individual bios (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: factor out remap_and_issue_overwrite (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: performance improvement to discard processing (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: grab a virtual cell before looking up the mapping (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: implement thin_merge (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm: improve documentation and code clarity in dm_merge_bvec (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: adjust max_sectors_kb based on thinp blocksize (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] block: fix alignment_offset math that assumes io_min is a power-of-2 (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: throttle incoming IO (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: prefetch missing metadata pages (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-transaction-manager: add support for prefetching blocks of metadata (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin-metadata: change dm_thin_find_block to allow blocking, but not issuing, IO (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-bio-prison: switch to using a red black tree (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-bufio: evict buffers that are past the max age but retain some buffers (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-bufio: switch from a huge hash table to an rbtree (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-bufio: update last_accessed when relinking a buffer (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-bufio: use kzalloc when allocating dm_bufio_client (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin-metadata: do not allow the data block size to change (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: cleanup noflush_work to use a proper completion (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [md] dm-thin: fix DMERR typo in pool_status error path (Mike Snitzer) [1161420 1161421 1142773 1145230]
- [fs] xfs: xlog_cil_force_lsn doesn't always wait correctly (Eric Sandeen) [1158325 1133304]
- [netdrv] ixgbe: allow TXDCTL.WRTHRESH to be 1 will small ITR values (John Greene) [1158326 1132267]
- [netdrv] ixgbe: Intel Change to allow itr changes without CONFIG_BQL support (John Greene) [1158326 1132267]
- [video] offb: Fix setting of the pseudo-palette for >8bpp (Gerd Hoffmann) [1158328 1142450]
- [video] offb: Add palette hack for qemu 'standard vga' framebuffer (Gerd Hoffmann) [1158328 1142450]
- [video] offb: Fix bug in calculating requested vram size (Gerd Hoffmann) [1158328 1142450]
- [net] sock_queue_err_skb() dont mess with sk_forward_alloc (Jiri Benc) [1155427 1148257]
- [net] guard tcp_set_keepalive() to tcp sockets (Florian Westphal) [1141744 1141746] {CVE-2012-6657}
- Revert: [net] revert 'bridge: Set vlan_features to allow offloads on vlans' (Vlad Yasevich) [1144442 1121991]
- [x86] kvm: fix PIT timer race condition (mguzik) [1149592 1149593] {CVE-2014-3611}
- [x86] kvm: vmx: handle invept and invvpid vm exits gracefull (mguzik) [1144826 1144837 1144827 1144838] {CVE-2014-3646 CVE-2014-3645}
| Package | Affected Version |
|---|---|
 pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
|
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6
|
< 2.6.32-504.3.3.el6 |
- ID
- ELSA-2014-1997
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2014-1997.html
- Published
-
2014-12-16T00:00:00
(9 years ago) - Modified
-
2014-12-16T00:00:00
(9 years ago) - Rights
- Copyright 2014 Oracle, Inc.
- Other Advisories
-
-
ALAS-2014-455
-
DSA-3060-1
-
ELSA-2014-1971
-
ELSA-2014-2008
-
ELSA-2014-2010
-
ELSA-2014-3087
-
ELSA-2014-3088
-
ELSA-2014-3089
-
ELSA-2014-3103
-
ELSA-2014-3104
-
ELSA-2014-3105
-
ELSA-2014-3106
-
ELSA-2014-3107
-
ELSA-2014-3108
-
ELSA-2015-0102
-
FEDORA-2014-10312
-
FEDORA-2014-11008
-
FEDORA-2014-11031
-
FEDORA-2014-11097
-
FEDORA-2014-13020
-
FEDORA-2014-13045
-
FEDORA-2014-13558
-
FEDORA-2014-13773
-
FEDORA-2014-14068
-
FEDORA-2014-14126
-
FEDORA-2014-15200
-
FEDORA-2014-16632
-
FEDORA-2014-17244
-
FEDORA-2014-17283
-
FEDORA-2014-9959
-
FEDORA-2015-0515
-
FEDORA-2015-1672
-
FEDORA-2015-3594
-
FEDORA-2015-5024
-
FEDORA-2015-6294
-
FEDORA-2015-8518
-
RHSA-2014:1971
-
RHSA-2014:1997
-
RHSA-2014:2010
-
RHSA-2015:0102
-
SUSE-SU-2015:0481-1
-
SUSE-SU-2015:0529-1
-
SUSE-SU-2015:0581-1
-
SUSE-SU-2015:0652-1
-
SUSE-SU-2015:0736-1
-
SUSE-SU-2015:1174-1
-
SUSE-SU-2015:1376-1
-
SUSE-SU-2015:1489-1
-
SUSE-SU-2018:2062-1
-
SUSE-SU-2018:2177-1
-
USN-1644-1
-
USN-1645-1
-
USN-1899-1
-
USN-1900-1
-
USN-2354-1
-
USN-2355-1
-
USN-2356-1
-
USN-2357-1
-
USN-2358-1
-
USN-2359-1
-
USN-2374-1
-
USN-2375-1
-
USN-2376-1
-
USN-2377-1
-
USN-2378-1
-
USN-2379-1
-
USN-2417-1
-
USN-2418-1
-
USN-2441-1
-
USN-2442-1
-
USN-2443-1
-
USN-2445-1
-
USN-2446-1
-
USN-2447-1
-
USN-2448-1
-
USN-2462-1
-
USN-2464-1
-
USN-2491-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2014-1997 |
|
|
| CVE | CVE-2014-3687 |
|
|
| CVE | CVE-2014-3673 |
|
|
| CVE | CVE-2014-3688 |
|
|
| CVE | CVE-2014-6410 |
|
|
| CVE | CVE-2012-6657 |
|
|
| CVE | CVE-2014-5471 |
|
|
| CVE | CVE-2014-5472 |
|
|
| CVE | CVE-2014-9322 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | oraclelinux |
python-perf
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux |
perf
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux |
kernel
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux |
kernel-headers
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-firmware
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux |
kernel-doc
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux |
kernel-devel
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux |
kernel-debug
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-debug-devel
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | oraclelinux |
kernel-abi-whitelists
|
< 2.6.32-504.3.3.el6 | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |