LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Oracle alert ELSA-2012-2014 (kernel)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2012-2014 Moderate: Oracle Linux 6 Unbreakable
 Enterprise kernel security update 


Date:
    	      Mon, 21 May 2012 16:01:11 -0700


Message-ID:
    	      <4FBAC937.8070001@oracle.com>


Archive-link:
    	      Article, Thread
              


Oracle Linux Security Advisory ELSA-2012-2014

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-uek-firmware-2.6.32-300.25.1.el6uek.noarch.rpm
kernel-uek-doc-2.6.32-300.25.1.el6uek.noarch.rpm
kernel-uek-2.6.32-300.25.1.el6uek.i686.rpm
kernel-uek-headers-2.6.32-300.25.1.el6uek.i686.rpm
kernel-uek-devel-2.6.32-300.25.1.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.32-300.25.1.el6uek.i686.rpm
kernel-uek-debug-2.6.32-300.25.1.el6uek.i686.rpm
ofa-2.6.32-300.25.1.el6uek-1.5.1-4.0.47.i686.rpm
ofa-2.6.32-300.25.1.el6uekdebug-1.5.1-4.0.47.i686.rpm
mlnx_en-2.6.32-300.25.1.el6uek-1.5.7-0.1.i686.rpm
mlnx_en-2.6.32-300.25.1.el6uekdebug-1.5.7-0.1.i686.rpm

x86_64:
kernel-uek-firmware-2.6.32-300.25.1.el6uek.noarch.rpm
kernel-uek-doc-2.6.32-300.25.1.el6uek.noarch.rpm
kernel-uek-2.6.32-300.25.1.el6uek.x86_64.rpm
kernel-uek-headers-2.6.32-300.25.1.el6uek.x86_64.rpm
kernel-uek-devel-2.6.32-300.25.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.32-300.25.1.el6uek.x86_64.rpm
kernel-uek-debug-2.6.32-300.25.1.el6uek.x86_64.rpm
ofa-2.6.32-300.25.1.el6uek-1.5.1-4.0.47.x86_64.rpm
ofa-2.6.32-300.25.1.el6uekdebug-1.5.1-4.0.47.x86_64.rpm
mlnx_en-2.6.32-300.25.1.el6uek-1.5.7-0.1.x86_64.rpm
mlnx_en-2.6.32-300.25.1.el6uekdebug-1.5.7-0.1.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.32...
http://oss.oracle.com/ol6/SRPMS-updates/ofa-2.6.32-300.25...
http://oss.oracle.com/ol6/SRPMS-updates/mlnx_en-2.6.32-30...


Users with Oracle Linux Premier Support can now use Ksplice to patch
against this Security Advisory.

We recommend that all users of  Oracle Linux 5 install these updates.

Users of Ksplice Uptrack can install these updates by running :

# /usr/sbin/uptrack-upgrade -y
On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any additional action.

Description of changes:

* CVE-2011-4086: Denial of service in journaling block device.

The journal block device assumed that a buffer marked as unwritten
or delay could be live without checking if the buffer was mapped.

An unprivileged local user could use this flaw to crash the system.


[2.6.32-300.25.1.el6uek]
- jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen)
   [Bugdb: 13871] {CVE-2011-4086}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
http://oss.oracle.com/mailman/listinfo/el-errata
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds