Oracle alert ELSA-2012-1156 (kernel)
| From: | Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2012-1156 Moderate: Oracle Linux 6 kernel security and bug fix update | |
| Date: | Wed, 15 Aug 2012 13:08:07 -0700 | |
| Message-ID: | <502C01A7.9050207@oracle.com> |
Oracle Linux Security Advisory ELSA-2012-1156 https://rhn.redhat.com/errata/RHSA-2012-1156.html The following updated rpms for Oracle Linux 6 have been uploaded to the Unbreakable Linux Network: i386: kernel-2.6.32-279.5.1.el6.i686.rpm kernel-debug-2.6.32-279.5.1.el6.i686.rpm kernel-debug-devel-2.6.32-279.5.1.el6.i686.rpm kernel-devel-2.6.32-279.5.1.el6.i686.rpm kernel-doc-2.6.32-279.5.1.el6.noarch.rpm kernel-firmware-2.6.32-279.5.1.el6.noarch.rpm kernel-headers-2.6.32-279.5.1.el6.i686.rpm perf-2.6.32-279.5.1.el6.i686.rpm python-perf-2.6.32-279.5.1.el6.i686.rpm x86_64: kernel-2.6.32-279.5.1.el6.x86_64.rpm kernel-debug-2.6.32-279.5.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-279.5.1.el6.x86_64.rpm kernel-devel-2.6.32-279.5.1.el6.x86_64.rpm kernel-doc-2.6.32-279.5.1.el6.noarch.rpm kernel-firmware-2.6.32-279.5.1.el6.noarch.rpm kernel-headers-2.6.32-279.5.1.el6.x86_64.rpm perf-2.6.32-279.5.1.el6.x86_64.rpm python-perf-2.6.32-279.5.1.el6.x86_64.rpm SRPMS: http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-279... The following packages were rebuilt to be in sync with the updated kernel version (no changes other than updating the version number): Users with Oracle Linux Premier Support can now use Ksplice to patch against this Security Advisory. We recommend that all users of Oracle Linux 6 install these updates. Users of Ksplice Uptrack can install these updates by running : # /usr/sbin/uptrack-upgrade -y On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf, these updates will be installed automatically and you do not need to take any additional action. Description of changes: * CVE-2011-1078: Information leak in Bluetooth SCO link driver. One byte of the 'struct sco_conninfo' data structure was not initialized before being copied to userspace, leading to a leak of potentially sensitive kernel memory. * CVE-2012-2384: Integer overflow in i915 execution buffer. An integer overflow in the i915 execution buffer code could result in a user triggering a denial-of-service attack or elevating privileges. [2.6.32-279.5.1.el6] - [net] 8021q/vlan: filter device events on bonds (Neil Horman) [842429 841983] [2.6.32-279.4.1.el6] - [fs] proc: stats: Use arch_idle_time for idle and iowait times if available (Steve Best) [841579 841149] - [drm] i915: fix integer overflow in i915_gem_execbuffer2() (Jacob Tanenbaum) [824553 824555] {CVE-2012-2383} - [usb] core: change the memory limits in usbfs URB submission (Don Zickus) [841667 828271] - [usb] core: unify some error pathways in usbfs (Don Zickus) [841667 828271] - [netdrv] ixgbe: BIT_APP_UPCHG not set by ixgbe_copy_dcb_cfg() (Andy Gospodarek) [840156 814044] - [netdrv] ixgbe: driver fix for link flap (Andy Gospodarek) [840156 814044] - [net] bridge: Fix enforcement of multicast hash_max limit (Thomas Graf) [840023 832575] - [net] bluetooth: fix sco_conninfo infoleak (Jacob Tanenbaum) [681307 681308] {CVE-2011-1078} - [wireless] ipw2200: remove references to CFG80211_WEXT config option (John Linville) [841406 839311] - [netdrv] be2net: enable GRO by default (Ivan Vecera) [838821 837230] - [virt] kvm/vmx: Fix KVM_SET_SREGS with big real mode segments (Orit Wasserman) [841411 756044] - [fs] writeback: merge for_kupdate and !for_kupdate cases (Eric Sandeen) [832360 818172] - [fs] writeback: fix queue_io() ordering (Eric Sandeen) [832360 818172] - [fs] writeback: don't redirty tail an inode with dirty pages (Eric Sandeen) [832360 818172] [2.6.32-279.3.1.el6] - [fs] ext4: properly dirty split extent nodes (David Jeffery) [840052 838640] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata