logo
DATABASE RESOURCES PRICING ABOUT US

OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0039)

Description

The remote OracleVM system is missing necessary patches to address critical security updates : - vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] (CVE-2016-9083) (CVE-2016-9084) - Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds) [Orabug: 25231931] (CVE-2016-9576) - kvm: x86: Check memopp before dereference (CVE-2016-8630) (Owen Hofmann) [Orabug: 25417387] (CVE-2016-8630) - crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417799] (CVE-2016-8646) - USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462755] (CVE-2016-4482) - net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462799] (CVE-2016-4485) - xen-netback: fix extra_info handling in xenvif_tx_err (Paul Durrant) [Orabug: 25445336] - net: Documentation: Fix default value tcp_limit_output_bytes (Niklas Cassel) [Orabug: 25458076] - tcp: double default TSQ output bytes limit (Wei Liu) [Orabug: 25458076] - xenbus: fix deadlock on writes to /proc/xen/xenbus (David Vrabel)


Related