Synopsis
The remote OracleVM host is missing one or more security updates.
Description
The remote OracleVM system is missing necessary patches to address critical security updates :
- KEYS: Fix short sprintf buffer in /proc/keys show function (David Howells) [Orabug: 25306361] (CVE-2016-7042)
- nvme: Limit command retries (Keith Busch) [Orabug:
25374751]
- fs/proc/task_mmu.c: fix mm_access mode parameter in pagemap_read (Kenny Keslar) [Orabug: 25374977]
- tcp: fix use after free in tcp_xmit_retransmit_queue (Eric Dumazet) [Orabug: 25374364] (CVE-2016-6828)
- tunnels: Don't apply GRO to multiple layers of encapsulation. (Jesse Gross) [Orabug: 25036352] (CVE-2016-8666)
- i40e: Don't notify client(s) for DCB changes on all VSIs (Neerav Parikh) [Orabug: 25046290]
- packet: fix race condition in packet_set_ring (Philip Pettersson) [Orabug: 25231617] (CVE-2016-8655)
- netlink: Fix dump skb leak/double free (Herbert Xu) [Orabug: 25231692] (CVE-2016-9806)
- ALSA: pcm : Call kill_fasync in stream lock (Takashi Iwai) [Orabug: 25231720] (CVE-2016-9794)
- net: avoid signed overflows for SO_[SND|RCV]BUFFORCE (Eric Dumazet) [Orabug: 25231751] (CVE-2016-9793)
- rebuild bumping release
Solution
Update the affected kernel-uek / kernel-uek-firmware packages.