OracleVM 2.1 : kernel (OVMSA-2009-0004)


The remote OracleVM system is missing necessary patches to address critical security updates:

CVE-2008-3528 The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service (temporary system hang) by mounting a filesystem that has corrupted dir->i_size and dir->i_blocks values and performing (a) read or (b) write operations. NOTE: there are limited scenarios in which this crosses privilege boundaries.

CVE-2008-5700 libata in the Linux kernel before does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.

CVE-2009-0028 The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting this new process exit.

CVE-2009-0322 drivers/firmware/dell_rbu.c in the Linux kernel before, and 2.6.28.x before, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size file in /sys/devices/platform/dell_rbu/.

CVE-2009-0675 The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an 'inverted logic' issue.

CVE-2009-0676 The sock_getsockopt function in net/core/sock.c in the Linux kernel before does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt request.

- CVE-2008-3528 - [fs] ext[234]: directory corruption DoS (Eugene Teo)
- CVE-2008-5700 - [block] enforce a minimum SG_IO timeout (Eugene Teo)
- CVE-2009-0322 - [firmware] dell_rbu: prevent oops (Don Howard)
- CVE-2009-0028 - [misc] minor signal handling vulnerability (Oleg Nesterov) [479963 479964]
- CVE-2009-0676 - [net] memory disclosure in SO_BSDCOMPAT gsopt (Eugene Teo) [486517 486518]
- CVE-2009-0675 - [net] skfp_ioctl inverted logic flaw (Eugene Teo)
- CVE-2009-0778 - not required
- CVE-2009-0269 - not required
- Enable enic
- Finish porting infrastructure for fnic but disable it on 32bit
- Add netconsole support for bonding in dom0 (Tina Yang) [orabug 8231228]
- Add Cisco fnic/enic support, requires fc infrastructure from el5u3