Oracle Linux 6255 Published by

The following updates has been released for Oracle Linux:

ELSA-2017-3111 Moderate: Oracle Linux 7 liblouis security update
ELSA-2017-3635 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2017-3635 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2017-3636 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2017-3636 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2017-3637 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
ELSA-2017-3637 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update



ELSA-2017-3111 Moderate: Oracle Linux 7 liblouis security update

Oracle Linux Security Advisory ELSA-2017-3111

http://linux.oracle.com/errata/ELSA-2017-3111.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
liblouis-2.5.2-11.el7_4.i686.rpm
liblouis-2.5.2-11.el7_4.x86_64.rpm
liblouis-devel-2.5.2-11.el7_4.i686.rpm
liblouis-devel-2.5.2-11.el7_4.x86_64.rpm
liblouis-doc-2.5.2-11.el7_4.noarch.rpm
liblouis-python-2.5.2-11.el7_4.noarch.rpm
liblouis-utils-2.5.2-11.el7_4.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/liblouis-2.5.2-11.el7_4.src.rpm



Description of changes:

[2.5.2-11]
- Resolves: CVE-2017-13738, CVE-2017-13740, CVE-2017-13741,
CVE-2017-13742, CVE-2017-13743, CVE-2017-13744, CVE-2014-8184

ELSA-2017-3635 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3635

http://linux.oracle.com/errata/ELSA-2017-3635.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-103.9.2.el6uek.x86_64.rpm
kernel-uek-doc-4.1.12-103.9.2.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-103.9.2.el6uek.noarch.rpm
kernel-uek-devel-4.1.12-103.9.2.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-103.9.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-103.9.2.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-103.9.2.el6uek.src.rpm



Description of changes:

[4.1.12-103.9.2.el6uek]
- Revert "drivers/char/mem.c: deny access in open operation when
securelevel is set" (Brian Maly) [Orabug: 27037811]

[4.1.12-103.9.1.el6uek]
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian
Foster) [Orabug: 27013241]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988633] {CVE-2017-14489}
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen)
[Orabug: 26999097]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina
Dubroca) [Orabug: 27013220] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn)
[Orabug: 27013227] {CVE-2017-1000112}
- drivers/char/mem.c: deny access in open operation when securelevel is
set (Ethan Zhao) [Orabug: 26943884]

[4.1.12-103.8.1.el6uek]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal
Cardwell) [Orabug: 26923675]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899775] {CVE-2017-10661}
- kvm: nVMX: Don't allow L2 to access the hardware CR8 (Jim Mattson)
{CVE-2017-12154} {CVE-2017-12154}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
(Tim Tianyang Chen) [Orabug: 26880590] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu)
[Orabug: 26916575] {CVE-2017-7618}
- ovl: use O_LARGEFILE in ovl_copy_up() (David Howells) [Orabug: 25953280]
- rxrpc: Fix several cases where a padded len isn't checked in ticket
decode (David Howells) [Orabug: 26880508] {CVE-2017-7482} {CVE-2017-7482}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang)
[Orabug: 26813385] {CVE-2017-14106}

ELSA-2017-3635 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3635

http://linux.oracle.com/errata/ELSA-2017-3635.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-103.9.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-103.9.2.el7uek.noarch.rpm
kernel-uek-4.1.12-103.9.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-103.9.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-103.9.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-103.9.2.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-103.9.2.el7uek.src.rpm



Description of changes:

[4.1.12-103.9.2.el7uek]
- Revert "drivers/char/mem.c: deny access in open operation when
securelevel is set" (Brian Maly) [Orabug: 27037811]

[4.1.12-103.9.1.el7uek]
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian
Foster) [Orabug: 27013241]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988633] {CVE-2017-14489}
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen)
[Orabug: 26999097]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina
Dubroca) [Orabug: 27013220] {CVE-2017-7542}
- udp: consistently apply ufo or fragmentation (Willem de Bruijn)
[Orabug: 27013227] {CVE-2017-1000112}
- drivers/char/mem.c: deny access in open operation when securelevel is
set (Ethan Zhao) [Orabug: 26943884]

[4.1.12-103.8.1.el7uek]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal
Cardwell) [Orabug: 26923675]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899775] {CVE-2017-10661}
- kvm: nVMX: Don't allow L2 to access the hardware CR8 (Jim Mattson)
{CVE-2017-12154} {CVE-2017-12154}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
(Tim Tianyang Chen) [Orabug: 26880590] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu)
[Orabug: 26916575] {CVE-2017-7618}
- ovl: use O_LARGEFILE in ovl_copy_up() (David Howells) [Orabug: 25953280]
- rxrpc: Fix several cases where a padded len isn't checked in ticket
decode (David Howells) [Orabug: 26880508] {CVE-2017-7482} {CVE-2017-7482}
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang)
[Orabug: 26813385] {CVE-2017-14106}

ELSA-2017-3636 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3636

http://linux.oracle.com/errata/ELSA-2017-3636.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.19.12.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-118.19.12.el6uek.noarch.rpm
kernel-uek-3.8.13-118.19.12.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.19.12.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.19.12.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.19.12.el6uek.x86_64.rpm
dtrace-modules-3.8.13-118.19.12.el6uek-0.4.5-3.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.19.12.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.19.12.el6uek-0.4.5-3.el6.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.19.12.el6uek]
- nvme: Drop nvmeq->q_lock before dma_pool_alloc(), so as to prevent
hard lockups (Aruna Ramakrishna) [Orabug: 25409587]

[3.8.13-118.19.11.el6uek]
- nvme: Handle PM1725 HIL reset (Martin K. Petersen) [Orabug: 26277600]
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau)
[Orabug: 26403940] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at
SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403956]
{CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race
(Vegard Nossum) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai)
[Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong)
[Orabug: 26404005] {CVE-2017-9077}
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points
(Eric Ren) [Orabug: 26427126]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
(Eric Ren) [Orabug: 26427126]
- ping: implement proper locking (Eric Dumazet) [Orabug: 26540286]
{CVE-2017-2671}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643598]
{CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W.
Biederman) [Orabug: 26643598] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun
Heo) [Orabug: 26643598] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables
(Seunghun Han) [Orabug: 26643645] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet)
[Orabug: 26650883] {CVE-2017-9075}
- [media] saa7164: fix double fetch PCIe access condition (Steven Toth)
[Orabug: 26675142] {CVE-2017-8831}
- [media] saa7164: fix sparse warnings (Hans Verkuil) [Orabug:
26675142] {CVE-2017-8831}
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE
(Abhi Das) [Orabug: 26797306]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899787] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988627] {CVE-2017-14489}

ELSA-2017-3636 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3636

http://linux.oracle.com/errata/ELSA-2017-3636.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.19.12.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.19.12.el7uek.noarch.rpm
kernel-uek-3.8.13-118.19.12.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.19.12.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.19.12.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.19.12.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.19.12.el7uek-0.4.5-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.19.12.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.19.12.el7uek-0.4.5-3.el7.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.19.12.el7uek]
- nvme: Drop nvmeq->q_lock before dma_pool_alloc(), so as to prevent
hard lockups (Aruna Ramakrishna) [Orabug: 25409587]

[3.8.13-118.19.11.el7uek]
- nvme: Handle PM1725 HIL reset (Martin K. Petersen) [Orabug: 26277600]
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau)
[Orabug: 26403940] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at
SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403956]
{CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race
(Vegard Nossum) [Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai)
[Orabug: 26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug:
26403956] {CVE-2017-1000380}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong)
[Orabug: 26404005] {CVE-2017-9077}
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points
(Eric Ren) [Orabug: 26427126]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
(Eric Ren) [Orabug: 26427126]
- ping: implement proper locking (Eric Dumazet) [Orabug: 26540286]
{CVE-2017-2671}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643598]
{CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W.
Biederman) [Orabug: 26643598] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun
Heo) [Orabug: 26643598] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables
(Seunghun Han) [Orabug: 26643645] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet)
[Orabug: 26650883] {CVE-2017-9075}
- [media] saa7164: fix double fetch PCIe access condition (Steven Toth)
[Orabug: 26675142] {CVE-2017-8831}
- [media] saa7164: fix sparse warnings (Hans Verkuil) [Orabug:
26675142] {CVE-2017-8831}
- fs: __generic_file_splice_read retry lookup on AOP_TRUNCATED_PAGE
(Abhi Das) [Orabug: 26797306]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899787] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988627] {CVE-2017-14489}


ELSA-2017-3637 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3637

http://linux.oracle.com/errata/ELSA-2017-3637.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.297.12.el5uek.i686.rpm
kernel-uek-debug-2.6.39-400.297.12.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el5uek.i686.rpm
kernel-uek-devel-2.6.39-400.297.12.el5uek.i686.rpm
kernel-uek-doc-2.6.39-400.297.12.el5uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.297.12.el5uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.297.12.el5uek.noarch.rpm
kernel-uek-doc-2.6.39-400.297.12.el5uek.noarch.rpm
kernel-uek-2.6.39-400.297.12.el5uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.297.12.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el5uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.297.12.el5uek.x86_64.rpm





Description of changes:

[2.6.39-400.297.12.el5uek]
- xsigo: [backport] Fix race in freeing aged Forwarding tables (Pradeep
Gopanapalli) [Orabug: 24823234]
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points
(Eric Ren) [Orabug: 25671723]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
(Eric Ren) [Orabug: 25671723]
- net/packet: fix overflow in check for tp_reserve (Andrey Konovalov)
[Orabug: 26143563] {CVE-2017-7308}
- net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov)
[Orabug: 26143563] {CVE-2017-7308}
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau)
[Orabug: 26403941] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at
SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403958]
{CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race
(Vegard Nossum) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai)
[Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben
Hutchings) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Check ip6_find_1stfragopt() return value properly. (David S.
Miller) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek)
[Orabug: 26403974] {CVE-2017-9074}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong)
[Orabug: 26404007] {CVE-2017-9077}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643601]
{CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W.
Biederman) [Orabug: 26643601] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun
Heo) [Orabug: 26643601] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables
(Seunghun Han) [Orabug: 26643652] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet)
[Orabug: 26650889] {CVE-2017-9075}
- saa7164: fix double fetch PCIe access condition (Steven Toth)
[Orabug: 26675148] {CVE-2017-8831}
- saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675148]
{CVE-2017-8831}
- saa7164: get rid of warning: no previous prototype (Mauro Carvalho
Chehab) [Orabug: 26675148] {CVE-2017-8831}
- [scsi] lpfc 8.3.44: Fix kernel panics from corrupted ndlp (James
Smart) [Orabug: 26765341]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899791] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988628] {CVE-2017-14489}

ELSA-2017-3637 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2017-3637

http://linux.oracle.com/errata/ELSA-2017-3637.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.297.12.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.297.12.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.297.12.el6uek.noarch.rpm
kernel-uek-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.297.12.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.297.12.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.297.12.el6uek.src.rpm



Description of changes:

[2.6.39-400.297.12.el6uek]
- xsigo: [backport] Fix race in freeing aged Forwarding tables (Pradeep
Gopanapalli) [Orabug: 24823234]
- ocfs2: fix deadlock issue when taking inode lock at vfs entry points
(Eric Ren) [Orabug: 25671723]
- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock
(Eric Ren) [Orabug: 25671723]
- net/packet: fix overflow in check for tp_reserve (Andrey Konovalov)
[Orabug: 26143563] {CVE-2017-7308}
- net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov)
[Orabug: 26143563] {CVE-2017-7308}
- char: lp: fix possible integer overflow in lp_setup() (Willy Tarreau)
[Orabug: 26403941] {CVE-2017-1000363}
- ALSA: timer: Fix missing queue indices reset at
SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403958]
{CVE-2017-1000380}
- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ALSA: timer: fix NULL pointer dereference in read()/ioctl() race
(Vegard Nossum) [Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix negative queue usage by racy accesses (Takashi Iwai)
[Orabug: 26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race at concurrent reads (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ALSA: timer: Fix race among timer ioctls (Takashi Iwai) [Orabug:
26403958] {CVE-2017-1000380}
- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben
Hutchings) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Check ip6_find_1stfragopt() return value properly. (David S.
Miller) [Orabug: 26403974] {CVE-2017-9074}
- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek)
[Orabug: 26403974] {CVE-2017-9074}
- ipv6/dccp: do not inherit ipv6_mc_list from parent (WANG Cong)
[Orabug: 26404007] {CVE-2017-9077}
- aio: mark AIO pseudo-fs noexec (Jann Horn) [Orabug: 26643601]
{CVE-2016-10044}
- vfs: Commit to never having exectuables on proc and sysfs. (Eric W.
Biederman) [Orabug: 26643601] {CVE-2016-10044}
- vfs, writeback: replace FS_CGROUP_WRITEBACK with SB_I_CGROUPWB (Tejun
Heo) [Orabug: 26643601] {CVE-2016-10044}
- x86/acpi: Prevent out of bound access caused by broken ACPI tables
(Seunghun Han) [Orabug: 26643652] {CVE-2017-11473}
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (Eric Dumazet)
[Orabug: 26650889] {CVE-2017-9075}
- saa7164: fix double fetch PCIe access condition (Steven Toth)
[Orabug: 26675148] {CVE-2017-8831}
- saa7164: fix sparse warnings (Hans Verkuil) [Orabug: 26675148]
{CVE-2017-8831}
- saa7164: get rid of warning: no previous prototype (Mauro Carvalho
Chehab) [Orabug: 26675148] {CVE-2017-8831}
- [scsi] lpfc 8.3.44: Fix kernel panics from corrupted ndlp (James
Smart) [Orabug: 26765341]
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner)
[Orabug: 26899791] {CVE-2017-10661}
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesn't
parse nlmsg properly (Xin Long) [Orabug: 26988628] {CVE-2017-14489}