[ELSA-2017-1615] kernel security and bug fix update
- [3.10.0-514.26.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-514.26.1]
- [mm] enlarge stack guard gap (Larry Woodman) [1452732 1452733] {CVE-2017-1000364}
- Revert: [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]
[3.10.0-514.25.1]
- [lib] kobject: grab an extra reference on kobject->sd to allow duplicate deletes (Aristeu Rozanski) [1454851 1427252]
- [kernel] module: When modifying a module's text ignore modules which are going away too (Aaron Tomlin) [1454684 1386313]
- [kernel] module: Ensure a module's state is set accordingly during module coming cleanup code (Aaron Tomlin) [1454684 1386313]
- [net] vxlan: do not output confusing error message (Jiri Benc) [1454636 1445054]
- [net] vxlan: correctly handle ipv6.disable module parameter (Jiri Benc) [1454636 1445054]
- [iommu] vt-d: fix range computation when making room for large pages (Alex Williamson) [1450856 1435612]
- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}
- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}
- [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]
- [fs] nfsd: check for oversized NFSv2/v3 arguments ('J. Bruce Fields') [1447642 1442407] {CVE-2017-7645}
- [scsi] ses: don't get power status of SES device slot on probe (Gustavo Duarte) [1446650 1434768]
- [scsi] ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (Steve Best) [1446649 1441747]
- [net] macsec: dynamically allocate space for sglist (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}
- [net] macsec: avoid heap overflow in skb_to_sgvec (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}
- [fs] gfs2: Allow glocks to be unlocked after withdraw (Robert S Peterson) [1433882 1404005]
- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) [1430579 1430580] {CVE-2017-6214}
- [mm] vma_merge: correct false positive from __vma_unlink->validate_mm_rb (Andrea Arcangeli) [1428840 1374548]
- [mm] vma_merge: fix race vm_page_prot race condition against rmap_walk (Andrea Arcangeli) [1428840 1374548]
- [mm] fix use-after-free if memory allocation failed in vma_adjust() (Andrea Arcangeli) [1428840 1374548]
- [x86] kvm: x86: fix emulation of 'MOV SS, null selector' (Radim Krcmar) [1414742 1414743] {CVE-2017-2583}
- [powerpc] prom: Increase minimum RMA size to 512MB (Gustavo Duarte) [1450041 1411321]
- [pci] pciehp: Prioritize data-link event over presence detect (Myron Stowe) [1450124 1435818]
- [pci] pciehp: Don't re-read Slot Status when queuing hotplug event (Myron Stowe) [1450124 1435818]
- [pci] pciehp: Process all hotplug events before looking for new ones (Myron Stowe) [1450124 1435818]
- [pci] pciehp: Rename pcie_isr() locals for clarity (Myron Stowe) [1450124 1435818]
[3.10.0-514.24.1]
- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) [1452044 1443116]
- [vfio] type1: Reduce repetitive calls in vfio_pin_pages_remote() (Alex Williamson) [1450855 1438403]
- [vfio] type1: Remove locked page accounting workqueue (Alex Williamson) [1450855 1438403]
- [fs] nfs: Allow getattr to also report readdirplus cache hits (Dave Wysochanski) [1450851 1442068]
- [fs] nfs: Be more targeted about readdirplus use when doing lookup/revalidation (Dave Wysochanski) [1450851 1442068]
- [fs] nfs: Fix a performance regression in XXXXXXX (Dave Wysochanski) [1450851 1442068]
- [x86] xen: do not re-use pirq number cached in pci device msi msg data (Vitaly Kuznetsov) [1450037 1433831]
- [powerpc] mm: Add missing global TLB invalidate if cxl is active (Steve Best) [1449178 1440776]
- [powerpc] boot: Fix zImage TOC alignment (Gustavo Duarte) [1444343 1395838]
[3.10.0-514.23.1]
- [scsi] qla2xxx: Defer marking device lost when receiving an RSCN (Himanshu Madhani) [1446246 1436940]
- [scsi] qla2xxx: Fix typo in driver (Himanshu Madhani) [1446246 1436940]
- [scsi] qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr (Himanshu Madhani) [1446246 1436940]
- [scsi] qla2xxx: Avoid that issuing a LIP triggers a kernel crash (Himanshu Madhani) [1446246 1436940]
- [scsi] qla2xxx: Add fix to read correct register value for ISP82xx (Himanshu Madhani) [1446246 1436940]
- [scsi] qla2xxx: Disable the adapter and skip error recovery in case of register disconnect (Himanshu Madhani) [1446246 1436940]
[3.10.0-514.22.1]
- [mm] hugetlb: don't use reserved during VM_SHARED mapping cow (Larry Woodman) [1445184 1385473]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | < 3.10.0-514.26.1.el7 |
- ID
- ELSA-2017-1615
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2017-1615.html
- Published
-
2017-06-28T00:00:00
(7 years ago) - Modified
-
2017-06-28T00:00:00
(7 years ago) - Rights
- Copyright 2017 Oracle, Inc.
- Other Advisories
-
- ALAS-2017-805
- ASA-201701-32
- ASA-201701-35
- ASA-201701-38
- DSA-3791-1
- DSA-3804-1
- DSA-3886-1
- ELSA-2017-1372
- ELSA-2017-1723
- ELSA-2017-2412
- ELSA-2017-3539
- ELSA-2017-3565
- ELSA-2017-3566
- ELSA-2017-3567
- ELSA-2017-3576
- ELSA-2017-3589
- ELSA-2017-3590
- ELSA-2017-3591
- ELSA-2018-1319
- FEDORA-2017-0aa0f69e0c
- FEDORA-2017-17d1c05236
- FEDORA-2017-18ce368ba3
- FEDORA-2017-7462231059
- FEDORA-2017-9b50e28441
- FEDORA-2017-ad045f80ac
- FEDORA-2017-b9b1ac0d15
- FEDORA-2017-e6012e74b6
- RHSA-2017:1372
- RHSA-2017:1615
- RHSA-2017:1616
- RHSA-2017:1723
- RHSA-2018:1319
- SUSE-SU-2017:0407-1
- SUSE-SU-2017:0464-1
- SUSE-SU-2017:0471-1
- SUSE-SU-2017:0575-1
- SUSE-SU-2017:1183-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1301-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2017:1990-1
- SUSE-SU-2017:2043-1
- SUSE-SU-2017:2046-1
- SUSE-SU-2017:2049-1
- SUSE-SU-2017:2060-1
- SUSE-SU-2017:2061-1
- SUSE-SU-2017:2062-1
- SUSE-SU-2017:2063-1
- SUSE-SU-2017:2064-1
- SUSE-SU-2017:2065-1
- SUSE-SU-2017:2066-1
- SUSE-SU-2017:2067-1
- SUSE-SU-2017:2068-1
- SUSE-SU-2017:2070-1
- SUSE-SU-2017:2072-1
- SUSE-SU-2017:2073-1
- SUSE-SU-2017:2088-1
- SUSE-SU-2017:2091-1
- SUSE-SU-2017:2092-1
- SUSE-SU-2017:2093-1
- SUSE-SU-2017:2095-1
- SUSE-SU-2017:2096-1
- SUSE-SU-2017:2098-1
- SUSE-SU-2017:2099-1
- SUSE-SU-2017:2100-1
- SUSE-SU-2017:2102-1
- SUSE-SU-2017:2103-1
- SUSE-SU-2017:2342-1
- SUSE-SU-2017:2475-1
- SUSE-SU-2017:2476-1
- SUSE-SU-2017:2497-1
- SUSE-SU-2017:2525-1
- SUSE-SU-2017:2775-1
- USN-3208-1
- USN-3208-2
- USN-3265-1
- USN-3265-2
- USN-3292-1
- USN-3292-2
- USN-3293-1
- USN-3312-1
- USN-3312-2
- USN-3314-1
- USN-3359-1
- USN-3360-1
- USN-3360-2
- USN-3361-1
- USN-3422-1
- USN-3422-2
- USN-3754-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2017-1615 | http://linux.oracle.com/errata/ELSA-2017-1615.html | |
CVE | CVE-2017-2583 | http://linux.oracle.com/cve/CVE-2017-2583.html | |
CVE | CVE-2017-6214 | http://linux.oracle.com/cve/CVE-2017-6214.html | |
CVE | CVE-2017-7895 | http://linux.oracle.com/cve/CVE-2017-7895.html | |
CVE | CVE-2017-7477 | http://linux.oracle.com/cve/CVE-2017-7477.html | |
CVE | CVE-2017-7645 | http://linux.oracle.com/cve/CVE-2017-7645.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-514.26.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-514.26.1.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |