Описание
ELSA-2013-2513: Unbreakable Enterprise kernel security and bugfix update (IMPORTANT)
[2.6.39-400.21.1]
- SPEC: v2.6.39-400.21.1 (Maxim Uvarov)
- xen/mmu: On early bootup, flush the TLB when changing RO->RW bits Xen provided pagetables. (Konrad Rzeszutek Wilk)
[2.6.39-400.20.1]
- SPEC: v2.6.39-400.20.1 (Maxim Uvarov)
- PCI: Set device power state to PCI_D0 for device without native PM support (Ajaykumar Hotchandani) [Orabug: 16482495]
- sched: Fix cgroup movement of waking process (Daisuke Nishimura) [Orabug: 13740515]
- sched: Fix cgroup movement of newly created process (Daisuke Nishimura) [Orabug: 13740515]
- sched: Fix cgroup movement of forking process (Daisuke Nishimura) [Orabug: 13740515]
[2.6.39-400.19.1]
- IB/core: Allow device-specific per-port sysfs files (Ralph Campbell)
- RDMA/cma: Pass QP type into rdma_create_id() (Sean Hefty)
- IB: Rename RAW_ETY to RAW_ETHERTYPE (Aleksey Senin)
- IB: Warning Resolution. (Ajaykumar Hotchandani)
- mlx4_core: fix FMR flags in free MTT range (Saeed Mahameed)
- mlx4_core/ib: sriov fmr bug fixes (Saeed Mahameed)
- mlx4_core: Change bitmap allocator to work in round-robin fashion (Saeed Mahameed)
- mlx4_vnic: move host admin vnics to closed state when closing the vnic. (Saeed Mahameed)
- mlx4_ib: make sure to flush clean_wq while closing sriov device (Saeed Mahameed)
- ib_sdp: fix deadlock when sdp_cma_handler is called while socket is being closed (Saeed Mahameed)
- ib_sdp: add unhandled events to rdma_cm_event_str (Saeed Mahameed)
- mlx4_core: use dev->sriov instead of hardcoed 127 vfs when initializing FMR MPT tables (Saeed Mahameed)
- mlx4_vnic: print vnic keep alive info in mlx4_vnic_info (Saeed Mahameed)
- rds: Congestion flag does not get cleared causing the connection to hang (Bang Nguyen) [Orabug: 16424692]
- dm table: set flush capability based on underlying devices (Mike Snitzer) [Orabug: 16392584]
- wake_up_process() should be never used to wakeup a TASK_STOPPED/TRACED task (Oleg Nesterov) [Orabug: 16405869] {CVE-2013-0871}
- ptrace: ensure arch_ptrace/ptrace_request can never race with SIGKILL (Oleg Nesterov) [Orabug: 16405869] {CVE-2013-0871}
- ptrace: introduce signal_wake_up_state() and ptrace_signal_wake_up() (Oleg Nesterov) [Orabug: 16405869] {CVE-2013-0871}
- drm/i915: bounds check execbuffer relocation count (Kees Cook) [Orabug: 16482650] {CVE-2013-0913}
- NLS: improve UTF8 -> UTF16 string conversion routine (Alan Stern) [Orabug: 16425571] {CVE-2013-1773}
- ipmi: make kcs timeout parameters as module options (Pavel Bures) [Orabug: 16470881]
- drm/i915/lvds: ditch ->prepare special case (Daniel Vetter) [Orabug: 14394113]
- drm/i915: Leave LVDS registers unlocked (Keith Packard) [Orabug: 14394113]
- drm/i915: dont clobber the pipe param in sanitize_modesetting (Daniel Vetter) [Orabug: 14394113]
- drm/i915: Sanitize BIOS debugging bits from PIPECONF (Chris Wilson) [Orabug: 14394113]
[2.6.39-400.18.1]
- SPEC: fix doc build (Guru Anbalagane)
- floppy: Fix a crash during rmmod (Vivek Goyal) [Orabug: 16040504]
- x86: ignore changes to paravirt_lazy_mode while in an interrupt context (Chuck Anderson) [Orabug: 16417326]
- x86/msr: Add capabilities check (Alan Cox) [Orabug: 16405007] {CVE-2013-0268}
- spec: unique debuginfo (Maxim Uvarov) [Orabug: 16245366]
- xfs: Use preallocation for inodes with extsz hints (Dave Chinner) [Orabug: 16307993]
- Add SIOCRDSGETTOS to get the current TOS for the socket (bang.nguyen) [Orabug: 16397197]
- Changes to connect/TOS interface (bang.nguyen) [Orabug: 16397197]
- floppy: Cleanup disk->queue before caling put_disk() if add_disk() was never called (Vivek Goyal) [Orabug: 16040504]
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
kernel-uek
2.6.39-400.21.1.el5uek
kernel-uek-debug
2.6.39-400.21.1.el5uek
kernel-uek-debug-devel
2.6.39-400.21.1.el5uek
kernel-uek-devel
2.6.39-400.21.1.el5uek
kernel-uek-doc
2.6.39-400.21.1.el5uek
kernel-uek-firmware
2.6.39-400.21.1.el5uek
Oracle Linux i386
kernel-uek
2.6.39-400.21.1.el5uek
kernel-uek-debug
2.6.39-400.21.1.el5uek
kernel-uek-debug-devel
2.6.39-400.21.1.el5uek
kernel-uek-devel
2.6.39-400.21.1.el5uek
kernel-uek-doc
2.6.39-400.21.1.el5uek
kernel-uek-firmware
2.6.39-400.21.1.el5uek
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
2.6.39-400.21.1.el6uek
kernel-uek-debug
2.6.39-400.21.1.el6uek
kernel-uek-debug-devel
2.6.39-400.21.1.el6uek
kernel-uek-devel
2.6.39-400.21.1.el6uek
kernel-uek-doc
2.6.39-400.21.1.el6uek
kernel-uek-firmware
2.6.39-400.21.1.el6uek
Oracle Linux i686
kernel-uek
2.6.39-400.21.1.el6uek
kernel-uek-debug
2.6.39-400.21.1.el6uek
kernel-uek-debug-devel
2.6.39-400.21.1.el6uek
kernel-uek-devel
2.6.39-400.21.1.el6uek
kernel-uek-doc
2.6.39-400.21.1.el6uek
kernel-uek-firmware
2.6.39-400.21.1.el6uek
Связанные CVE
Связанные уязвимости
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.
Race condition in the ptrace functionality in the Linux kernel before ...
Race condition in the ptrace functionality in the Linux kernel before 3.7.5 allows local users to gain privileges via a PTRACE_SETREGS ptrace system call in a crafted application, as demonstrated by ptrace_death.