[ELSA-2016-3587] kernel-uek security update

Severity Important

Affected Packages 14

CVEs 3

kernel-uek
[4.1.12-37.6.1]
- vfs: rename: check backing inode being equal (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- vfs: add vfs_select_inode() helper (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- ovl: verify upper dentry before unlink and rename (Miklos Szeredi) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- ovl: fix getcwd() failure after unsuccessful rmdir (Rui Wang) [Orabug: 24010060] {CVE-2016-6198} {CVE-2016-6197}
- xen: use same main loop for counting and remapping pages (Juergen Gross) [Orabug: 24012238]
- Revert 'ocfs2: bump up o2cb network protocol version' (Junxiao Bi) [Orabug: 23710417]
- atl2: Disable unimplemented scatter/gather feature (Ben Hutchings) [Orabug: 23704078] {CVE-2016-2117}
- Revert 'perf tools: Bump default sample freq to 4 kHz' (ashok.vairavan) [Orabug: 23634802]
- block: Initialize max_dev_sectors to 0 (Keith Busch) [Orabug: 23333444]
- sd: Fix rw_max for devices that report an optimal xfer size (Martin K. Petersen) [Orabug: 23333444]
- sd: Fix excessive capacity printing on devices with blocks bigger than 512 bytes (Martin K. Petersen) [Orabug: 23333444]
- sd: Optimal I/O size is in bytes, not sectors (Martin K. Petersen) [Orabug: 23333444]
- sd: Reject optimal transfer length smaller than page size (Martin K. Petersen) [Orabug: 23333444]
- Fix kabi issue for upstream commit ca369d51 (Joe Jin) [Orabug: 23333444]
- block/sd: Fix device-imposed transfer length limits (Joe Jin) [Orabug: 23333444]

Package	Affected Version
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	< 4.1.12-37.6.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6	< 4.1.12-37.6.1.el6uek
pkg:rpm/oraclelinux/dtrace-modules-4.1.12-37.6.1.el7uek?distro=oraclelinux-7	< 0.5.2-1.el7
pkg:rpm/oraclelinux/dtrace-modules-4.1.12-37.6.1.el6uek?distro=oraclelinux-6	< 0.5.2-1.el6

ID

ELSA-2016-3587

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2016-3587.html

Published

2016-07-29T00:00:00
(8 years ago)

Modified

2016-07-29T00:00:00
(8 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2016-3587	http://linux.oracle.com/errata/ELSA-2016-3587.html
CVE	CVE-2016-6197	http://linux.oracle.com/cve/CVE-2016-6197.html
CVE	CVE-2016-2117	http://linux.oracle.com/cve/CVE-2016-2117.html
CVE	CVE-2016-6198	http://linux.oracle.com/cve/CVE-2016-6198.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	oraclelinux	kernel-uek	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6	oraclelinux	kernel-uek	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7	oraclelinux	kernel-uek-firmware	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6	oraclelinux	kernel-uek-firmware	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	oraclelinux	kernel-uek-doc	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6	oraclelinux	kernel-uek-doc	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-devel	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6	oraclelinux	kernel-uek-devel	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	oraclelinux	kernel-uek-debug	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6	oraclelinux	kernel-uek-debug	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-debug-devel	< 4.1.12-37.6.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6	oraclelinux	kernel-uek-debug-devel	< 4.1.12-37.6.1.el6uek	oraclelinux-6
Affected	pkg:rpm/oraclelinux/dtrace-modules-4.1.12-37.6.1.el7uek?distro=oraclelinux-7	oraclelinux	dtrace-modules-4.1.12-37.6.1.el7uek	< 0.5.2-1.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/dtrace-modules-4.1.12-37.6.1.el6uek?distro=oraclelinux-6	oraclelinux	dtrace-modules-4.1.12-37.6.1.el6uek	< 0.5.2-1.el6	oraclelinux-6

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date