Oracle alert ELSA-2012-2026 (kernel)
| From: | Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2012-2026 Important: Oracle Linux 6 Unbreakable Enterprise kernel Security update | |
| Date: | Wed, 18 Jul 2012 12:05:42 -0700 | |
| Message-ID: | <50070906.7090404@oracle.com> |
Oracle Linux Security Advisory ELSA-2012-2026 The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: kernel-uek-2.6.32-300.29.2.el6uek.i686.rpm kernel-uek-debug-2.6.32-300.29.2.el6uek.i686.rpm kernel-uek-debug-devel-2.6.32-300.29.2.el6uek.i686.rpm kernel-uek-headers-2.6.32-300.29.2.el6uek.i686.rpm kernel-uek-devel-2.6.32-300.29.2.el6uek.i686.rpm kernel-uek-doc-2.6.32-300.29.2.el6uek.noarch.rpm kernel-uek-firmware-2.6.32-300.29.2.el6uek.noarch.rpm ofa-2.6.32-300.29.2.el6uek-1.5.1-4.0.58.i686.rpm ofa-2.6.32-300.29.2.el6uekdebug-1.5.1-4.0.58.i686.rpm mlnx_en-2.6.32-300.29.2.el6uek-1.5.7-0.1.i686.rpm mlnx_en-2.6.32-300.29.2.el6uekdebug-1.5.7-0.1.i686.rpm x86_64: kernel-uek-firmware-2.6.32-300.29.2.el6uek.noarch.rpm kernel-uek-doc-2.6.32-300.29.2.el6uek.noarch.rpm kernel-uek-2.6.32-300.29.2.el6uek.x86_64.rpm kernel-uek-headers-2.6.32-300.29.2.el6uek.x86_64.rpm kernel-uek-devel-2.6.32-300.29.2.el6uek.x86_64.rpm kernel-uek-debug-devel-2.6.32-300.29.2.el6uek.x86_64.rpm kernel-uek-debug-2.6.32-300.29.2.el6uek.x86_64.rpm ofa-2.6.32-300.29.2.el6uek-1.5.1-4.0.58.x86_64.rpm ofa-2.6.32-300.29.2.el6uekdebug-1.5.1-4.0.58.x86_64.rpm mlnx_en-2.6.32-300.29.2.el6uek-1.5.7-0.1.x86_64.rpm mlnx_en-2.6.32-300.29.2.el6uekdebug-1.5.7-0.1.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.32... http://oss.oracle.com/ol6/SRPMS-updates/ofa-2.6.32-300.29... http://oss.oracle.com/ol6/SRPMS-updates/mlnx_en-2.6.32-30... Users with Oracle Linux Premier Support can now use Ksplice to patch against this Security Advisory. We recommend that all users of Oracle Linux 6 install these updates. Users of Ksplice Uptrack can install these updates by running : # /usr/sbin/uptrack-upgrade -y On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any additional action. Description of changes: * CVE-2012-2745: Denial-of-service in kernel key management. A potential double-free of the replacement session keyring on fork() could result in a denial-of-service by a local, unprivileged user. * CVE-2011-1083: Algorithmic denial of service in epoll. A flaw was found in the way the Linux kernel's Event Poll (epoll) subsystem handled large, nested epoll structures. A local, unprivileged user could use this flaw to cause a denial of service. [2.6.32-300.29.2.el6uek] - epoll: epoll_wait() should not use timespec_add_ns() (Eric Dumazet) - epoll: clear the tfile_check_list on -ELOOP (Joe Jin) {CVE-2012-3375} - Don't limit non-nested epoll paths (Jason Baron) - epoll: kabi fixups for epoll limit wakeup paths (Joe Jin) {CVE-2011-1083} - epoll: limit paths (Jason Baron) {CVE-2011-1083} - eventpoll: fix comment typo 'evenpoll' (Paul Bolle) - epoll: fix compiler warning and optimize the non-blocking path (Shawn Bohrer) - epoll: move ready event check into proper inline (Davide Libenzi) - epoll: make epoll_wait() use the hrtimer range feature (Shawn Bohrer) - select: rename estimate_accuracy() to select_estimate_accuracy() (Andrew Morton) - cred: copy_process() should clear child->replacement_session_keyring (Oleg Nesterov) {CVE-2012-2745} _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata