Difference between revisions of "Download/kernel/rhel6/042stab117.14/changes"

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
(ovz issues linked (using template:ovz))
(fix RHSA number)
 
(One intermediate revision by the same user not shown)
Line 2: Line 2:
 
Since {{kernel link|rhel6|042stab116.2}}:
 
Since {{kernel link|rhel6|042stab116.2}}:
  
* Rebase to RHEL6u8 kernel 2.6.32-642.el6
+
* Rebase to RHEL6u8 kernel 2.6.32-642.el6 (security, bug fixes, and enhancements)
 
* kvm: reporting emulation failures to userspace. (CVE-2010-5313, CVE-2014-7842)
 
* kvm: reporting emulation failures to userspace. (CVE-2010-5313, CVE-2014-7842)
 
* File descriptors passed over unix sockets are not properly accounted. (CVE-2013-4312)
 
* File descriptors passed over unix sockets are not properly accounted. (CVE-2013-4312)
Line 30: Line 30:
  
 
=== See also ===
 
=== See also ===
 +
* {{RHSA|2016-0855}}
 
* {{CVE|2010-5313}}
 
* {{CVE|2010-5313}}
 
* {{CVE|2014-4832}}
 
* {{CVE|2014-4832}}

Latest revision as of 18:43, 13 September 2016

Changes[edit]

Since 042stab116.2:

  • Rebase to RHEL6u8 kernel 2.6.32-642.el6 (security, bug fixes, and enhancements)
  • kvm: reporting emulation failures to userspace. (CVE-2010-5313, CVE-2014-7842)
  • File descriptors passed over unix sockets are not properly accounted. (CVE-2013-4312)
  • x86: espfix not working for 32-bit KVM paravirt guests. (CVE-2014-8134)
  • Buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net. (CVE-2015-5156)
  • Mounting ext2 fs e2fsprogs/tests/f_orphan as ext4 crashes system. (CVE-2015-7509)
  • MTU value is not validated in IPv6 stack causing packet loss. (CVE-2015-8215)
  • Null pointer dereference when mounting ext4. (CVE-2015-8324)
  • IPv6 connect causes DoS via NULL pointer dereference. (CVE-2015-8543)
  • An attacker with knowledge of a connections client IP, server IP, and server port can abuse the challenge ACK mechanism and remotely inject or control a TCP stream contents in a connection between a Linux device and its connected client/server. (CVE-2016-5696)
  • Numabalanced acquire cgroup_mutex for a long time. (PSBM-26897)
  • cpt: incorrect restore of SKB resulting in warnings in tcp_recvmsg(). (PSBM-39332, PSBM-46741)
  • CPU hotplug improvements (PSBM-46773).
  • cpt: crash in nfs_fscache_dup_uniq_id on dump of container with NFS mounts inside. (PSBM-47216)
  • cpt: crash in svc_age_temp_xprts_now() on stop of container with NFS mount. (PSBM-47515)
  • cpt: crash on closing restored Unix sockets. (PSBM-47529)
  • cpt: fixed restore of shared mounts. (PSBM-47639, OVZ-6779)
  • cpt: crash after restore of Unix sockets with in-flight file descriptors. (PSBM-51254, PSBM-51351)
  • ext4: crash in ext4_kill_sb() on mount of non-EXT4 filesystems (042stab114.2+ are affected) (PSBM-47782).
  • swap: forbid exceeding ub swappages limit on global memory pressure. (PSBM-47836).
  • 25-second delays can happen while logging in to systemd-based containers after container migration or host vzreboot. (PSBM-47889)
  • CISCO UCS eNIC driver wraps untagged traffic into vlan0. (PSBM-51149)
  • aacraid: Crash in aac_intr_normal(). (042stab112.15+ are affected) PSBM-49814)
  • Fixed operation of iputils-ping-20150815 (debian-9) inside containers. (OVZ-6744)
  • module: removed warning about waiting module removal. (OVZ-6748)
  • fs.mqueue.* sysctls can be changed inside containers. (OVZ-6757)

See also[edit]