Focus On Oracle

Installing, Backup & Recovery, Performance Tuning,
Troubleshooting, Upgrading, Patching, Zero-Downtime Upgrade, GoldenGate

Oracle Exadata ,Oracle ODA, Oracle ZDLRA


当前位置: 首页 » 技术文章 » Oracle

Oracle Linux ksplice的用法

在传统情况下,Linux的内核升级,需要重启操作系统才生效。Oracle收购ksplice之后(Ksplice创立于2008年,在2009年07月01日,Ksplice Uptrack发布,用于Linux核心无需重启机器的情况下更新内核,甲骨文在2011年7月21日宣布完成对Ksplice的并购),把Ksplice的功能列入到了付费用户的基本服务项目,她可以动态地应用内核与安全补丁等升级,实现零停机,对应用不产生中断影响,是依赖Ksplice Uptrack实现的。如果排除硬件的影响外,系统可以永远运行下去



登录ksplice网址获取30天的试用

https://status-ksplice.oracle.com/status/trial/

注意:你需要注册oracle的SSO账号,如果没有的话。成功后,你会收到安装指导。当然如果是Oracle的付费用户,就不需要试用了,可以直接使用


安装指导内容
To install Ksplice Uptrack, please run the following commands as root:
wget -N https://www.ksplice.com/uptrack/install-uptrack
sh install-uptrack 5cb81cb0359f6c3dcf0a9d10bfee7550a46ed4860368d615913cf30c5ef7e868
uptrack-upgrade -y

If you'd like Ksplice Uptrack to automatically install updates as they become available, run:

sh install-uptrack 5cb81cb0359f6c3dcf0a9d10bfee7550a46ed4860368d615913cf30c5ef7e868 --autoinstall

in place of the above install-uptrack command, or set "autoinstall = yes" in /etc/uptrack/uptrack.conf after installation.

If installing on a Debian or Ubuntu machine, you may first need to install the ca-certificates package with apt-get install ca-certificates. Without this package you will see a "certificate verification error".

安装uptrack
[root@ovm ~]# wget -N https://www.ksplice.com/uptrack/install-uptrack
--2016-10-05 11:23:13--  https://www.ksplice.com/uptrack/install-uptrack
Resolving www.ksplice.com... 137.254.56.32
Connecting to www.ksplice.com|137.254.56.32|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9377 (9.2K) [text/plain]
Saving to: “install-uptrack”

100%[==============================================>] 9,377       42.7K/s   in 0.2s

2016-10-05 11:23:14 (42.7 KB/s) - “install-uptrack” saved [9377/9377]

[root@ovm ~]# ls -l install-uptrack
-rw-r--r--. 1 root root 9377 Apr 18 11:07 install-uptrack
[root@ovm ~]# sh install-uptrack 5cb81cb0359f6c3dcf0a9d10bfee7550a46ed4860368d615913cf30c5ef6d868
[ Release detected: ol ]
--2016-10-05 11:23:44--  https://www.ksplice.com/yum/uptrack/ol/ksplice-uptrack-release.noarch.rpm
Resolving www.ksplice.com... 137.254.56.32
Connecting to www.ksplice.com|137.254.56.32|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 6876 (6.7K) [application/x-rpm]
Saving to: “ksplice-uptrack-release.noarch.rpm”

100%[=============================================>] 6,876       --.-K/s   in 0s

2016-10-05 11:23:45 (32.7 MB/s) - “ksplice-uptrack-release.noarch.rpm” saved [6876/6876]

[ Installing Uptrack ]
warning: ksplice-uptrack-release.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 16c083cd: NOKEY
Preparing packages for installation...
ksplice-uptrack-release-1-3
Loaded plugins: refresh-packagekit, security, ulninfo
Setting up Install Process
docker-main-repo                                 | 2.9 kB     00:00
dockerrepo                                       | 2.9 kB     00:00
ksplice-uptrack                                  |  951 B     00:00
ksplice-uptrack/primary                          | 4.5 kB     00:00
ksplice-uptrack                                                   16/16
Resolving Dependencies
--> Running transaction check
---> Package uptrack.noarch 0:1.2.38-0.el6 will be installed
--> Processing Dependency: uptrack-PyYAML for package: uptrack-1.2.38-0.el6.noarch
--> Running transaction check
---> Package uptrack-PyYAML.x86_64 0:3.08-4.el6 will be installed
--> Processing Dependency: uptrack-libyaml >= 0.1.3-1 for package: uptrack-PyYAML-3.08-4.el6.x86_64
--> Running transaction check
---> Package uptrack-libyaml.x86_64 0:0.1.4-1.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==============================================================================
 Package                        Arch     Version       Repository        Size
==============================================================================
Installing:
 uptrack                        noarch   1.2.38-0.el6  ksplice-uptrack  497 k
Installing for dependencies:
 uptrack-PyYAML                 x86_64   3.08-4.el6    ksplice-uptrack  143 k
 uptrack-libyaml                x86_64   0.1.4-1.el6   ksplice-uptrack   48 k

Transaction Summary
=============================================================================
Install       3 Package(s)

Total download size: 688 k
Installed size: 2.1 M
Downloading Packages:
(1/3): uptrack-1.2.38-0.el6.noarch.rpm                | 497 kB     00:35
(2/3): uptrack-PyYAML-3.08-4.el6.x86_64.rpm           | 143 kB     00:10
(3/3): uptrack-libyaml-0.1.4-1.el6.x86_64.rpm         |  48 kB     00:00
-----------------------------------------------------------------------------
Total                                         14 kB/s | 688 kB     00:48
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Warning: RPMDB altered outside of yum.
  Installing : uptrack-libyaml-0.1.4-1.el6.x86_64                     1/3
  Installing : uptrack-PyYAML-3.08-4.el6.x86_64                       2/3
  Installing : uptrack-1.2.38-0.el6.noarch                            3/3
There are no existing modules on disk that need basename migration.
  Verifying  : uptrack-1.2.38-0.el6.noarch                            1/3
  Verifying  : uptrack-libyaml-0.1.4-1.el6.x86_64                     2/3
  Verifying  : uptrack-PyYAML-3.08-4.el6.x86_64                       3/3

Installed:
  uptrack.noarch 0:1.2.38-0.el6

Dependency Installed:
  uptrack-PyYAML.x86_64 0:3.08-4.el6
  uptrack-libyaml.x86_64 0:0.1.4-1.el6

Complete!
Effective kernel version is 4.1.12-37.4.1.el6uek
The following steps will be taken:
Install [mdovvlwf] Improve the interface to freeze tasks.
Install [nhdxempm] CVE-2016-4565: Privilege escalation in Infiniband ioctl.
Install [uadmmjua] CVE-2016-2117: Information leak in Atheros ATL2 transmission.
Install [u4qw4jdx] CVE-2016-6197, CVE-2016-6198: Denial-of-service in OverlayFS on XFS.
Install [j0o0d238] CVE-2015-8660: Permission bypass on overlayfs when setting file extended attributes.
Install [in658n2y] CVE-2016-4470: Denial-of-service in the keyring subsystem.
Install [lp3b4vzo] CVE-2016-5696: Session hijacking in TCP connections.
Install [g5n10jro] CVE-2015-8785: Infinite loop when submitting invalid io vectors to FUSE filesystem.
Install [qvypln00] CVE-2016-2069: Race condition in the TLB flush logic on multi-processors.
Install [fubymn3l] CVE-2015-8787: NULL pointer dereference in Netfilter NAT redirection.
Install [29shzoeu] CVE-2016-0723: Denial-of-service in TTY TIOCGETD ioctl().
Install [iyyf5mc3] Stack buffer overflow in the HP Smart Array SCSI driver.
Install [p9jkup8d] Denial-of-service in ALSA SNDRV_SEQ_IOCTL_REMOVE_EVENTS ioctl().
Install [5trmadhz] Use-after-free in ALSA sequencer timers.
Install [0kemd3n0] Privilege escalation in ALSA compatibility ioctl().
Install [g5kga5kw] Denial-of-service in ALSA timer management.
Install [kghekfwi] Denial-of-service in ALSA TLV controls.
Install [y1fivdl9] Use-after-free in Intel audio device removal.
Install [wf4987ap] Use-after-free when taking a reference on an IPv6 label.
Install [pmxhuk5h] Denial-of-service in IPv6 stable_secret sysctl writing.
Install [6cng3h9y] Denial-of-service in SCTP protocol under memory pressure.
Install [9j8uda3z] Denial-of-service in Connector callback implementation.
Install [fizhyy51] Privilege escalation in network bridge startup.
Install [0sdd9nt0] Use-after-free in network destination cache removal.
Install [015zv6zt] Out-of-bounds access in SCTP cookie_hmac_alg sysctl writing.
Install [o1sqdmgn] Use-after-free in IPv6 SYNACK retransmission.
Install [czz300rq] Denial-of-service in SO_NO_CHECK sockets.
Install [7al0itnm] NULL pointer dereference in PhoNet packet reception.
Install [chhvzpr5] CVE-2016-2383: Undefined behaviour in Berkeley Packet Filter constant shifts.
Install [sfg3qe62] Denial-of-service in ISDN PPP device opening.
Install [vecx9mji] CVE-2015-7799: Denial-of-service in PPP compression slot parameters.
Install [ywge2v76] Information leak in HID core when connecting device.
Install [h1fzcvjn] Denial of service in Topro USB Camera ioctl.
Install [rk5fbc49] Memory leak in Realtek USB Wireless adapter when receiving malformed frames.
Install [v1j86ako] Privilege escalation in overlayfs extended attributes.
Install [2svmlu1o] Kernel panic when removing directory from overlay filesystem.
Install [kxuwfxw5] Memory leak when requeuing priority inversion futex.
Install [0l6ygvrj] Denial-of-service when parsing UDF indirect extents.
Install [izqgc784] Denial-of-service in block cache driver on device removal.
Install [4dojfzjt] Memory corruption when processing multibyte unicode filenames on UDF.
Install [7r0srh9n] Denial-of-service in BTRFS device array reading.
Install [nnx4ymjw] Memory corruption in Nouveau driver during connector hotplug.
Install [lytrplwr] Use-after-free in virtio balloon driver during compaction.
Install [l8dzuqb4] Information leak when reading directory entries on CIFS mount.
Install [anhwn031] Use-after-free in OCFS2 distributed lock manager.
Install [p53zywd9] Kernel panic when soft-offlining memory.
Install [we9rx462] Use-after-free when unregistering events in memory control group.
Install [tkxnuvw7] Use-after-free when failing to accept userspace cryptographic sockets.
Install [vwij25nr] Memory corruption when sending data to userspace cryptographic socket.
Install [tfadz0yc] Kernel panic when setting prctl MM values.
Install [0jvyx87q] Data loss in USB Modem driver during suspend and resume.
Install [hqqwruse] Crash in USB hub driver during device reset.
Install [p3c9p7tn] Crash in USB serial driver when malicious Treo device is connected.
Install [lcwxn667] CVE-2015-7566: Denial-of-service in USB Handspring Visor driver.
Install [rtmduzgc] Use-after-free when removing virtio PCI devices.
Install [36sz5euf] Crash in SCSI driver during power management suspend and resume.
Install [xgwvni1u] Deadlock when reading from rfkill sysfs file.
Install [nn2hvj9p] Kernel crash in userspace interface for hash algorithm when sending a message.
Install [pt45ej4e] Kernel log buffer flood in ALSA rawmidi driver.
Install [7d8frpop] Multiple kernel deadlocks in ALSA OSS emulation.
Install [cy1wkzmz] Multiple use-after-free in ALSA sequencers when closing the device.
Install [urmrrm0f] Memory corruption in ALSA rawmidi driver on concurrent read/write.
Install [j81y9jaz] Use-after-free when unloading xHCI host driver.
Install [3ic8chog] Denial-of-service in ALSA timer handling.
Install [1ag47m1z] Kernel deadlock when dumping the call stack on multiple CPUs.
Install [p66d24gh] Infinite loop when unmounting an OCFS2 filesystem using the kernel distributed lock manager.
Install [d7wae6pw] Kernel deadlock when validating a memory context.
Install [z3tqbzvk] Kernel panic when handling interrupts for SATA devices.
Install [nn8yh1r8] Kernel hang in Btrfs filesystem when using the BTRFS_IOC_INO_PATHS ioctl.
Install [trwlwuhf] Information leak in ALSA sound sub-system when parsing the HDMI EDID-Like-Data (ELD).
Install [x0wv59yr] Use-after-free in the kernel list library on concurrent hotplug events.
Install [halioyqa] Kernel panic when parsing VBT in Intel integrated graphics.
Install [5jsms2s6] Integer overflow in ext4 buffer allocation.
Install [zavamdat] Data corruption on ext4 filesystem when moving data to a donor file.
Install [35ls1brl] Memory leak in the ALSA audio driver on concurrent writes to the sequencer device.
Install [c9asia8l] Kernel crash when handling vmalloc page faults on large pages.
Install [ual35d59] Kernel deadlock in ALSA sound driver when handling pulse code modulation.
Install [v5sm9atv] Data loss in ext4 with concurrent direct IO operations.
Install [m8ktv3pc] Kernel panic when starting fastopen TCP connections.
Install [gex6ku8y] Memory leak when reading from AF_UNIX socket.
Install [jaqkvgea] Memory leak when sending IPv4 data with ancillary data.
Install [w3ucr08q] Information leak in the ATA 32 bits compat ioctl.
Install [sj71njz2] Memory leak in device mapper when requeuing requests.
Install [q720zpzm] Memory corruption when parsing numbers from NFS requests.
Install [vaqyzjze] Kernel deadlock in JFFS2 filesystem when writing.
Install [fmam69o9] Kernel panic when handling signals under Intel MPX.
Install [ggdqj0av] Kernel panic when failing to open file.
Install [4ugtzaij] Kernel panic when parsing filenames.
Install [cm5yw39p] Out of bounds memory access on reading a file from a SMB server.
Install [8ouqh5s2] Kernel hang when the function graph tracer is enabled on suspend.
Install [nejd813f] Heap overflow in the Unsorted Block Images (UBI) on volume update.
Install [0em64mbp] Kernel panic when using receive aggregation on WiFi.
Install [yyy44gmu] Possible frame injection on encrypted WiFi using Galois/Counter Mode Protocol.
Install [ul0r053a] Denial-of-service in JFFS2 when recovering a halfway failed rename.
Install [7i25yfkl] Information leak to KVM guests when the the host is using PEBS tracing.
Install [iqjcnvc9] Denial-of-service when running KVM guest with Extended Page Table disabled.
Install [el6110l4] Kernel deadlock in the USB HID stack on interrupt.
Install [be452d8p] Memory leak in btrfs superblock validation.
Install [csyikupa] Kernel panic when writing a single page to a btrfs filesystem.
Install [58tj7xii] Kernel panic when accessing symlinks on btrfs volume.
Install [dnxjh1as] Memory leak when creating hard link on btrfs volume.
Install [wt6hbic0] Use-after-free when tracing a work queueing in Btrfs filesystem.
Install [tofygh65] CVE-2015-7513: Divide-by-zero in KVM when reloading the programmable interrupt timer.
Install [erxi8kn0] Denial-of-service when updating a negatively instantiated user cryptographic key.
Install [19xdhl89] NULL pointer dereference in TTY line discipline reception.
Install [j4hdfxbf] Filesystem corruption in EXT4 extent moving.
Install [6pkvalrk] Denial-of-service in NFS server buffer decoding.
Install [etmgkfsh] Kernel crash in disk quota initialization.
Install [msycyr7w] Kernel crash in block cache device initialization.
Install [mze2l7t6] NULL pointer dereference in block cache registration failure.
Install [ubidlkf9] Journalling filesystem corruption on unmount under memory pressure.
Install [19qbp1kt] Use-after-free in FUSE filesystems with direct, asynchronous I/O.
Install [zx03u41m] CVE-2016-2186: Denial of service in Griffin PowerMate USB descriptor parsing.
Install [n6vjz8o9] CVE-2016-2184: Denial of service in ALSA USB audio descriptor parsing.
Install [hcyy40ng] Denial-of-service in NFS secinfo+readdir operations.
Install [5fc7zave] CVE-2016-2188: Denial of service in IO Warrior USB descriptor parsing.
Install [rdlmjqs1] Denial of service in generic USB interface management.
Install [7vibanga] CVE-2016-3138: Denial of service in CDC ADM USB descriptor parsing.
Install [zlsqcgw5] Denial-of-service in pipe splicing with no pages.
Install [3jde7dfg] Denial-of-service in KVM invept instruction emulation.
Install [cbx8wk7c] Denial-of-service in KVM VCPU creation.
Install [gcml7smx] Denial-of-service in coredump writing.
Install [1gdy967x] CVE-2016-2185: Denial of service in ATI/Philips USB RF remote descriptor parsing.
Install [nik5wgnt] Kernel hang in OCFS2 Distributed Lock Manager convert and recovery operations.
Install [0wk20x0r] Kernel crash in OCFS2 Distributed Lock Manager during master loss.
Install [i8dl229b] CVE-2016-3136: Denial of service in MCT Serial USB descriptor parsing.
Install [pwd2bjm4] CVE-2016-3137: Denial of service in USB Cypress M8 descriptor parsing.
Install [4ioo8hzw] Memory corruption when inserting data into associative arrays.
Install [qr9r8r5u] Use after free when disabling a USB XHCI device.
Install [7nmjtbf9] Kernel crash when remapping file pages of a removed IPC ID.
Install [xyxen72s] Use-after-free when processing switchdev events.
Install [83ojhh6s] Divide-by-zero in the ALSA RME Hammerfall audio driver.
Install [rc0xc3c4] Privilege escalation when chowning files on overlayfs mount.
Install [t1bu1des] Use-after-free in the perf subsystem on error in the perf_event_open syscall.
Install [38s4ghcb] SMAP bypass in 32bit compatibility syscall handler.
Install [xya10lbt] BTRFS filesystem xattr data corruption during fast fsync().
Install [05qej9zi] BTRFS filesystem data corruption with no_holes and multiple truncates.
Install [ewgh3nwa] BTRFS filesystem data loss during fsync() after rename and inode creation.
Install [zogv6y7s] Multiple crashes with RDS (Reliable Datagram Sockets) over TCP.
Install [j5fknf63] NULL pointer dereference in RDS over TCP during accept().
Install [htkan8zo] Use-after-free in Xen network device teardown.
Install [kns889dc] Heap buffer overflow in internal Xen reply queue.
Install [7uflvnij] Denial of service in BTRFS filesystem driver.
Install [rgd2u0nb] Multiple data corruption issues in BTRFS filesystem driver.
Install [56dpbu10] Kernel crash in HP Smart Array SAS Controller driver.
Install [6q4o006n] Kernel infinite loop in SCSI disk driver.
Install [93rz5hgf] Kernel panic in IPv6 forwarding of timewait sockets.
Install [3e59ivmc] Kernel hang with Xen under nested virtualization.
Install [rb7w6d57] Kernel crash in Xen block-device backend driver.
Install [3gbuztol] Kernel BUG during scrub of BTRFS filesystem.
Install [sjsw0zz6] CVE-2015-7833: Crash in USB vision driver when malicious device is connected.
Install [27ea8xs6] CVE-2016-4913: Information leak in ISO9660 filename parsing.
Install [ndqo6xfi] CVE-2016-4581: Denial-of-service in slave mount propagation.
Install [mfbni72l] Memory leak in virtio balloon driver during inflation and deflation.
Install [vjivzetn] Kernel deadlock in Emulex 10Gbps iSCSI driver.
Install [bzg4r3ye] Kernel panic on machine check exception with offline cpu.
Install [yfm9dr51] Memory leak in Broadcom QLogic bnx2 driver on initialization failure.
Install [2mv564et] NULL pointer dereference in Brocade Fiber Channel driver on disconnection.
Install [s6fw2dpk] Kernel memory corruption in Btrfs direct IO reads and writes.
Install [k7r9m5v0] Denial-of-service when accepting userspace cryptographic sockets.
Install [6cysves6] Permission bypass when checking credentials for filesystem accesses.
Install [xji221sd] Denial of service in Emulex LightPulse device reset.
Install [4efqsldi] Heap overflow in block driver on flush.
Install [c0h2rik7] CVE-2016-4997, CVE-2016-4998: Privilege escalation in the Netfilter driver.
[ Installation Complete! ]
[ Please run '/usr/sbin/uptrack-upgrade -y' to bring your system up to date ]
[root@ovm ~]#

uptrack utility
[root@ovm ~]# ls -l /usr/sbin/uptrack-*
lrwxrwxrwx. 1 root root     15 Oct  5 11:24 /usr/sbin/uptrack-install -> uptrack-upgrade
lrwxrwxrwx. 1 root root     15 Oct  5 11:24 /usr/sbin/uptrack-remove -> uptrack-upgrade
lrwxrwxrwx. 1 root root     15 Oct  5 11:24 /usr/sbin/uptrack-show -> uptrack-upgrade
-rwxr-xr-x. 1 root root 102617 Aug 18 08:36 /usr/sbin/uptrack-upgrade
[root@ovm ~]# which uptrack-uname
/usr/bin/uptrack-uname
[root@ovm ~]#

列出可用的补丁,下面的命令都可以
uptrack-upgrade –n,uptrack-show,uptrack-show --available
[root@ovm ~]# uptrack-upgrade –n
The following steps will be taken:
Install [mdovvlwf] Improve the interface to freeze tasks.
Install [nhdxempm] CVE-2016-4565: Privilege escalation in Infiniband ioctl.
Install [uadmmjua] CVE-2016-2117: Information leak in Atheros ATL2 transmission.
Install [u4qw4jdx] CVE-2016-6197, CVE-2016-6198: Denial-of-service in OverlayFS on XFS.
Install [j0o0d238] CVE-2015-8660: Permission bypass on overlayfs when setting file extended attributes.
Install [in658n2y] CVE-2016-4470: Denial-of-service in the keyring subsystem.
Install [lp3b4vzo] CVE-2016-5696: Session hijacking in TCP connections.
Install [g5n10jro] CVE-2015-8785: Infinite loop when submitting invalid io vectors to FUSE filesystem.
Install [qvypln00] CVE-2016-2069: Race condition in the TLB flush logic on multi-processors.
Install [fubymn3l] CVE-2015-8787: NULL pointer dereference in Netfilter NAT redirection.
Install [29shzoeu] CVE-2016-0723: Denial-of-service in TTY TIOCGETD ioctl().
Install [iyyf5mc3] Stack buffer overflow in the HP Smart Array SCSI driver.
Install [p9jkup8d] Denial-of-service in ALSA SNDRV_SEQ_IOCTL_REMOVE_EVENTS ioctl().
Install [5trmadhz] Use-after-free in ALSA sequencer timers.
Install [0kemd3n0] Privilege escalation in ALSA compatibility ioctl().
Install [g5kga5kw] Denial-of-service in ALSA timer management.
Install [kghekfwi] Denial-of-service in ALSA TLV controls.
Install [y1fivdl9] Use-after-free in Intel audio device removal.
Install [wf4987ap] Use-after-free when taking a reference on an IPv6 label.
Install [pmxhuk5h] Denial-of-service in IPv6 stable_secret sysctl writing.
Install [6cng3h9y] Denial-of-service in SCTP protocol under memory pressure.
Install [9j8uda3z] Denial-of-service in Connector callback implementation.
Install [fizhyy51] Privilege escalation in network bridge startup.
Install [0sdd9nt0] Use-after-free in network destination cache removal.
Install [015zv6zt] Out-of-bounds access in SCTP cookie_hmac_alg sysctl writing.
Install [o1sqdmgn] Use-after-free in IPv6 SYNACK retransmission.
Install [czz300rq] Denial-of-service in SO_NO_CHECK sockets.
Install [7al0itnm] NULL pointer dereference in PhoNet packet reception.
Install [chhvzpr5] CVE-2016-2383: Undefined behaviour in Berkeley Packet Filter constant shifts.
Install [sfg3qe62] Denial-of-service in ISDN PPP device opening.
Install [vecx9mji] CVE-2015-7799: Denial-of-service in PPP compression slot parameters.
Install [ywge2v76] Information leak in HID core when connecting device.
Install [h1fzcvjn] Denial of service in Topro USB Camera ioctl.
Install [rk5fbc49] Memory leak in Realtek USB Wireless adapter when receiving malformed frames.
Install [v1j86ako] Privilege escalation in overlayfs extended attributes.
Install [2svmlu1o] Kernel panic when removing directory from overlay filesystem.
Install [kxuwfxw5] Memory leak when requeuing priority inversion futex.
Install [0l6ygvrj] Denial-of-service when parsing UDF indirect extents.
Install [izqgc784] Denial-of-service in block cache driver on device removal.
Install [4dojfzjt] Memory corruption when processing multibyte unicode filenames on UDF.
Install [7r0srh9n] Denial-of-service in BTRFS device array reading.
Install [nnx4ymjw] Memory corruption in Nouveau driver during connector hotplug.
Install [lytrplwr] Use-after-free in virtio balloon driver during compaction.
Install [l8dzuqb4] Information leak when reading directory entries on CIFS mount.
Install [anhwn031] Use-after-free in OCFS2 distributed lock manager.
Install [p53zywd9] Kernel panic when soft-offlining memory.
Install [we9rx462] Use-after-free when unregistering events in memory control group.
Install [tkxnuvw7] Use-after-free when failing to accept userspace cryptographic sockets.
Install [vwij25nr] Memory corruption when sending data to userspace cryptographic socket.
Install [tfadz0yc] Kernel panic when setting prctl MM values.
Install [0jvyx87q] Data loss in USB Modem driver during suspend and resume.
Install [hqqwruse] Crash in USB hub driver during device reset.
Install [p3c9p7tn] Crash in USB serial driver when malicious Treo device is connected.
Install [lcwxn667] CVE-2015-7566: Denial-of-service in USB Handspring Visor driver.
Install [rtmduzgc] Use-after-free when removing virtio PCI devices.
Install [36sz5euf] Crash in SCSI driver during power management suspend and resume.
Install [xgwvni1u] Deadlock when reading from rfkill sysfs file.
Install [nn2hvj9p] Kernel crash in userspace interface for hash algorithm when sending a message.
Install [pt45ej4e] Kernel log buffer flood in ALSA rawmidi driver.
Install [7d8frpop] Multiple kernel deadlocks in ALSA OSS emulation.
Install [cy1wkzmz] Multiple use-after-free in ALSA sequencers when closing the device.
Install [urmrrm0f] Memory corruption in ALSA rawmidi driver on concurrent read/write.
Install [j81y9jaz] Use-after-free when unloading xHCI host driver.
Install [3ic8chog] Denial-of-service in ALSA timer handling.
Install [1ag47m1z] Kernel deadlock when dumping the call stack on multiple CPUs.
Install [p66d24gh] Infinite loop when unmounting an OCFS2 filesystem using the kernel distributed lock manager.
Install [d7wae6pw] Kernel deadlock when validating a memory context.
Install [z3tqbzvk] Kernel panic when handling interrupts for SATA devices.
Install [nn8yh1r8] Kernel hang in Btrfs filesystem when using the BTRFS_IOC_INO_PATHS ioctl.
Install [trwlwuhf] Information leak in ALSA sound sub-system when parsing the HDMI EDID-Like-Data (ELD).
Install [x0wv59yr] Use-after-free in the kernel list library on concurrent hotplug events.
Install [halioyqa] Kernel panic when parsing VBT in Intel integrated graphics.
Install [5jsms2s6] Integer overflow in ext4 buffer allocation.
Install [zavamdat] Data corruption on ext4 filesystem when moving data to a donor file.
Install [35ls1brl] Memory leak in the ALSA audio driver on concurrent writes to the sequencer device.
Install [c9asia8l] Kernel crash when handling vmalloc page faults on large pages.
Install [ual35d59] Kernel deadlock in ALSA sound driver when handling pulse code modulation.
Install [v5sm9atv] Data loss in ext4 with concurrent direct IO operations.
Install [m8ktv3pc] Kernel panic when starting fastopen TCP connections.
Install [gex6ku8y] Memory leak when reading from AF_UNIX socket.
Install [jaqkvgea] Memory leak when sending IPv4 data with ancillary data.
Install [w3ucr08q] Information leak in the ATA 32 bits compat ioctl.
Install [sj71njz2] Memory leak in device mapper when requeuing requests.
Install [q720zpzm] Memory corruption when parsing numbers from NFS requests.
Install [vaqyzjze] Kernel deadlock in JFFS2 filesystem when writing.
Install [fmam69o9] Kernel panic when handling signals under Intel MPX.
Install [ggdqj0av] Kernel panic when failing to open file.
Install [4ugtzaij] Kernel panic when parsing filenames.
Install [cm5yw39p] Out of bounds memory access on reading a file from a SMB server.
Install [8ouqh5s2] Kernel hang when the function graph tracer is enabled on suspend.
Install [nejd813f] Heap overflow in the Unsorted Block Images (UBI) on volume update.
Install [0em64mbp] Kernel panic when using receive aggregation on WiFi.
Install [yyy44gmu] Possible frame injection on encrypted WiFi using Galois/Counter Mode Protocol.
Install [ul0r053a] Denial-of-service in JFFS2 when recovering a halfway failed rename.
Install [7i25yfkl] Information leak to KVM guests when the the host is using PEBS tracing.
Install [iqjcnvc9] Denial-of-service when running KVM guest with Extended Page Table disabled.
Install [el6110l4] Kernel deadlock in the USB HID stack on interrupt.
Install [be452d8p] Memory leak in btrfs superblock validation.
Install [csyikupa] Kernel panic when writing a single page to a btrfs filesystem.
Install [58tj7xii] Kernel panic when accessing symlinks on btrfs volume.
Install [dnxjh1as] Memory leak when creating hard link on btrfs volume.
Install [wt6hbic0] Use-after-free when tracing a work queueing in Btrfs filesystem.
Install [tofygh65] CVE-2015-7513: Divide-by-zero in KVM when reloading the programmable interrupt timer.
Install [erxi8kn0] Denial-of-service when updating a negatively instantiated user cryptographic key.
Install [19xdhl89] NULL pointer dereference in TTY line discipline reception.
Install [j4hdfxbf] Filesystem corruption in EXT4 extent moving.
Install [6pkvalrk] Denial-of-service in NFS server buffer decoding.
Install [etmgkfsh] Kernel crash in disk quota initialization.
Install [msycyr7w] Kernel crash in block cache device initialization.
Install [mze2l7t6] NULL pointer dereference in block cache registration failure.
Install [ubidlkf9] Journalling filesystem corruption on unmount under memory pressure.
Install [19qbp1kt] Use-after-free in FUSE filesystems with direct, asynchronous I/O.
Install [zx03u41m] CVE-2016-2186: Denial of service in Griffin PowerMate USB descriptor parsing.
Install [n6vjz8o9] CVE-2016-2184: Denial of service in ALSA USB audio descriptor parsing.
Install [hcyy40ng] Denial-of-service in NFS secinfo+readdir operations.
Install [5fc7zave] CVE-2016-2188: Denial of service in IO Warrior USB descriptor parsing.
Install [rdlmjqs1] Denial of service in generic USB interface management.
Install [7vibanga] CVE-2016-3138: Denial of service in CDC ADM USB descriptor parsing.
Install [zlsqcgw5] Denial-of-service in pipe splicing with no pages.
Install [3jde7dfg] Denial-of-service in KVM invept instruction emulation.
Install [cbx8wk7c] Denial-of-service in KVM VCPU creation.
Install [gcml7smx] Denial-of-service in coredump writing.
Install [1gdy967x] CVE-2016-2185: Denial of service in ATI/Philips USB RF remote descriptor parsing.
Install [nik5wgnt] Kernel hang in OCFS2 Distributed Lock Manager convert and recovery operations.
Install [0wk20x0r] Kernel crash in OCFS2 Distributed Lock Manager during master loss.
Install [i8dl229b] CVE-2016-3136: Denial of service in MCT Serial USB descriptor parsing.
Install [pwd2bjm4] CVE-2016-3137: Denial of service in USB Cypress M8 descriptor parsing.
Install [4ioo8hzw] Memory corruption when inserting data into associative arrays.
Install [qr9r8r5u] Use after free when disabling a USB XHCI device.
Install [7nmjtbf9] Kernel crash when remapping file pages of a removed IPC ID.
Install [xyxen72s] Use-after-free when processing switchdev events.
Install [83ojhh6s] Divide-by-zero in the ALSA RME Hammerfall audio driver.
Install [rc0xc3c4] Privilege escalation when chowning files on overlayfs mount.
Install [t1bu1des] Use-after-free in the perf subsystem on error in the perf_event_open syscall.
Install [38s4ghcb] SMAP bypass in 32bit compatibility syscall handler.
Install [xya10lbt] BTRFS filesystem xattr data corruption during fast fsync().
Install [05qej9zi] BTRFS filesystem data corruption with no_holes and multiple truncates.
Install [ewgh3nwa] BTRFS filesystem data loss during fsync() after rename and inode creation.
Install [zogv6y7s] Multiple crashes with RDS (Reliable Datagram Sockets) over TCP.
Install [j5fknf63] NULL pointer dereference in RDS over TCP during accept().
Install [htkan8zo] Use-after-free in Xen network device teardown.
Install [kns889dc] Heap buffer overflow in internal Xen reply queue.
Install [7uflvnij] Denial of service in BTRFS filesystem driver.
Install [rgd2u0nb] Multiple data corruption issues in BTRFS filesystem driver.
Install [56dpbu10] Kernel crash in HP Smart Array SAS Controller driver.
Install [6q4o006n] Kernel infinite loop in SCSI disk driver.
Install [93rz5hgf] Kernel panic in IPv6 forwarding of timewait sockets.
Install [3e59ivmc] Kernel hang with Xen under nested virtualization.
Install [rb7w6d57] Kernel crash in Xen block-device backend driver.
Install [3gbuztol] Kernel BUG during scrub of BTRFS filesystem.
Install [sjsw0zz6] CVE-2015-7833: Crash in USB vision driver when malicious device is connected.
Install [27ea8xs6] CVE-2016-4913: Information leak in ISO9660 filename parsing.
Install [ndqo6xfi] CVE-2016-4581: Denial-of-service in slave mount propagation.
Install [mfbni72l] Memory leak in virtio balloon driver during inflation and deflation.
Install [vjivzetn] Kernel deadlock in Emulex 10Gbps iSCSI driver.
Install [bzg4r3ye] Kernel panic on machine check exception with offline cpu.
Install [yfm9dr51] Memory leak in Broadcom QLogic bnx2 driver on initialization failure.
Install [2mv564et] NULL pointer dereference in Brocade Fiber Channel driver on disconnection.
Install [s6fw2dpk] Kernel memory corruption in Btrfs direct IO reads and writes.
Install [k7r9m5v0] Denial-of-service when accepting userspace cryptographic sockets.
Install [6cysves6] Permission bypass when checking credentials for filesystem accesses.
Install [xji221sd] Denial of service in Emulex LightPulse device reset.
Install [4efqsldi] Heap overflow in block driver on flush.
Install [c0h2rik7] CVE-2016-4997, CVE-2016-4998: Privilege escalation in the Netfilter driver.

Go ahead [y/N]? n
Aborting.
[root@ovm ~]#

安装Updates
[root@ovm ~]# uptrack-upgrade -y
The following steps will be taken:
Install [mdovvlwf] Improve the interface to freeze tasks.
Install [nhdxempm] CVE-2016-4565: Privilege escalation in Infiniband ioctl.
Install [uadmmjua] CVE-2016-2117: Information leak in Atheros ATL2 transmission.
Install [u4qw4jdx] CVE-2016-6197, CVE-2016-6198: Denial-of-service in OverlayFS on XFS.
Install [j0o0d238] CVE-2015-8660: Permission bypass on overlayfs when setting file extended attributes.
Install [in658n2y] CVE-2016-4470: Denial-of-service in the keyring subsystem.
Install [lp3b4vzo] CVE-2016-5696: Session hijacking in TCP connections.
Install [g5n10jro] CVE-2015-8785: Infinite loop when submitting invalid io vectors to FUSE filesystem.
Install [qvypln00] CVE-2016-2069: Race condition in the TLB flush logic on multi-processors.
Install [fubymn3l] CVE-2015-8787: NULL pointer dereference in Netfilter NAT redirection.
Install [29shzoeu] CVE-2016-0723: Denial-of-service in TTY TIOCGETD ioctl().
Install [iyyf5mc3] Stack buffer overflow in the HP Smart Array SCSI driver.
Install [p9jkup8d] Denial-of-service in ALSA SNDRV_SEQ_IOCTL_REMOVE_EVENTS ioctl().
Install [5trmadhz] Use-after-free in ALSA sequencer timers.
Install [0kemd3n0] Privilege escalation in ALSA compatibility ioctl().
Install [g5kga5kw] Denial-of-service in ALSA timer management.
Install [kghekfwi] Denial-of-service in ALSA TLV controls.
Install [y1fivdl9] Use-after-free in Intel audio device removal.
Install [wf4987ap] Use-after-free when taking a reference on an IPv6 label.
Install [pmxhuk5h] Denial-of-service in IPv6 stable_secret sysctl writing.
Install [6cng3h9y] Denial-of-service in SCTP protocol under memory pressure.
Install [9j8uda3z] Denial-of-service in Connector callback implementation.
Install [fizhyy51] Privilege escalation in network bridge startup.
Install [0sdd9nt0] Use-after-free in network destination cache removal.
Install [015zv6zt] Out-of-bounds access in SCTP cookie_hmac_alg sysctl writing.
Install [o1sqdmgn] Use-after-free in IPv6 SYNACK retransmission.
Install [czz300rq] Denial-of-service in SO_NO_CHECK sockets.
Install [7al0itnm] NULL pointer dereference in PhoNet packet reception.
Install [chhvzpr5] CVE-2016-2383: Undefined behaviour in Berkeley Packet Filter constant shifts.
Install [sfg3qe62] Denial-of-service in ISDN PPP device opening.
Install [vecx9mji] CVE-2015-7799: Denial-of-service in PPP compression slot parameters.
Install [ywge2v76] Information leak in HID core when connecting device.
Install [h1fzcvjn] Denial of service in Topro USB Camera ioctl.
Install [rk5fbc49] Memory leak in Realtek USB Wireless adapter when receiving malformed frames.
Install [v1j86ako] Privilege escalation in overlayfs extended attributes.
Install [2svmlu1o] Kernel panic when removing directory from overlay filesystem.
Install [kxuwfxw5] Memory leak when requeuing priority inversion futex.
Install [0l6ygvrj] Denial-of-service when parsing UDF indirect extents.
Install [izqgc784] Denial-of-service in block cache driver on device removal.
Install [4dojfzjt] Memory corruption when processing multibyte unicode filenames on UDF.
Install [7r0srh9n] Denial-of-service in BTRFS device array reading.
Install [nnx4ymjw] Memory corruption in Nouveau driver during connector hotplug.
Install [lytrplwr] Use-after-free in virtio balloon driver during compaction.
Install [l8dzuqb4] Information leak when reading directory entries on CIFS mount.
Install [anhwn031] Use-after-free in OCFS2 distributed lock manager.
Install [p53zywd9] Kernel panic when soft-offlining memory.
Install [we9rx462] Use-after-free when unregistering events in memory control group.
Install [tkxnuvw7] Use-after-free when failing to accept userspace cryptographic sockets.
Install [vwij25nr] Memory corruption when sending data to userspace cryptographic socket.
Install [tfadz0yc] Kernel panic when setting prctl MM values.
Install [0jvyx87q] Data loss in USB Modem driver during suspend and resume.
Install [hqqwruse] Crash in USB hub driver during device reset.
Install [p3c9p7tn] Crash in USB serial driver when malicious Treo device is connected.
Install [lcwxn667] CVE-2015-7566: Denial-of-service in USB Handspring Visor driver.
Install [rtmduzgc] Use-after-free when removing virtio PCI devices.
Install [36sz5euf] Crash in SCSI driver during power management suspend and resume.
Install [xgwvni1u] Deadlock when reading from rfkill sysfs file.
Install [nn2hvj9p] Kernel crash in userspace interface for hash algorithm when sending a message.
Install [pt45ej4e] Kernel log buffer flood in ALSA rawmidi driver.
Install [7d8frpop] Multiple kernel deadlocks in ALSA OSS emulation.
Install [cy1wkzmz] Multiple use-after-free in ALSA sequencers when closing the device.
Install [urmrrm0f] Memory corruption in ALSA rawmidi driver on concurrent read/write.
Install [j81y9jaz] Use-after-free when unloading xHCI host driver.
Install [3ic8chog] Denial-of-service in ALSA timer handling.
Install [1ag47m1z] Kernel deadlock when dumping the call stack on multiple CPUs.
Install [p66d24gh] Infinite loop when unmounting an OCFS2 filesystem using the kernel distributed lock manager.
Install [d7wae6pw] Kernel deadlock when validating a memory context.
Install [z3tqbzvk] Kernel panic when handling interrupts for SATA devices.
Install [nn8yh1r8] Kernel hang in Btrfs filesystem when using the BTRFS_IOC_INO_PATHS ioctl.
Install [trwlwuhf] Information leak in ALSA sound sub-system when parsing the HDMI EDID-Like-Data (ELD).
Install [x0wv59yr] Use-after-free in the kernel list library on concurrent hotplug events.
Install [halioyqa] Kernel panic when parsing VBT in Intel integrated graphics.
Install [5jsms2s6] Integer overflow in ext4 buffer allocation.
Install [zavamdat] Data corruption on ext4 filesystem when moving data to a donor file.
Install [35ls1brl] Memory leak in the ALSA audio driver on concurrent writes to the sequencer device.
Install [c9asia8l] Kernel crash when handling vmalloc page faults on large pages.
Install [ual35d59] Kernel deadlock in ALSA sound driver when handling pulse code modulation.
Install [v5sm9atv] Data loss in ext4 with concurrent direct IO operations.
Install [m8ktv3pc] Kernel panic when starting fastopen TCP connections.
Install [gex6ku8y] Memory leak when reading from AF_UNIX socket.
Install [jaqkvgea] Memory leak when sending IPv4 data with ancillary data.
Install [w3ucr08q] Information leak in the ATA 32 bits compat ioctl.
Install [sj71njz2] Memory leak in device mapper when requeuing requests.
Install [q720zpzm] Memory corruption when parsing numbers from NFS requests.
Install [vaqyzjze] Kernel deadlock in JFFS2 filesystem when writing.
Install [fmam69o9] Kernel panic when handling signals under Intel MPX.
Install [ggdqj0av] Kernel panic when failing to open file.
Install [4ugtzaij] Kernel panic when parsing filenames.
Install [cm5yw39p] Out of bounds memory access on reading a file from a SMB server.
Install [8ouqh5s2] Kernel hang when the function graph tracer is enabled on suspend.
Install [nejd813f] Heap overflow in the Unsorted Block Images (UBI) on volume update.
Install [0em64mbp] Kernel panic when using receive aggregation on WiFi.
Install [yyy44gmu] Possible frame injection on encrypted WiFi using Galois/Counter Mode Protocol.
Install [ul0r053a] Denial-of-service in JFFS2 when recovering a halfway failed rename.
Install [7i25yfkl] Information leak to KVM guests when the the host is using PEBS tracing.
Install [iqjcnvc9] Denial-of-service when running KVM guest with Extended Page Table disabled.
Install [el6110l4] Kernel deadlock in the USB HID stack on interrupt.
Install [be452d8p] Memory leak in btrfs superblock validation.
Install [csyikupa] Kernel panic when writing a single page to a btrfs filesystem.
Install [58tj7xii] Kernel panic when accessing symlinks on btrfs volume.
Install [dnxjh1as] Memory leak when creating hard link on btrfs volume.
Install [wt6hbic0] Use-after-free when tracing a work queueing in Btrfs filesystem.
Install [tofygh65] CVE-2015-7513: Divide-by-zero in KVM when reloading the programmable interrupt timer.
Install [erxi8kn0] Denial-of-service when updating a negatively instantiated user cryptographic key.
Install [19xdhl89] NULL pointer dereference in TTY line discipline reception.
Install [j4hdfxbf] Filesystem corruption in EXT4 extent moving.
Install [6pkvalrk] Denial-of-service in NFS server buffer decoding.
Install [etmgkfsh] Kernel crash in disk quota initialization.
Install [msycyr7w] Kernel crash in block cache device initialization.
Install [mze2l7t6] NULL pointer dereference in block cache registration failure.
Install [ubidlkf9] Journalling filesystem corruption on unmount under memory pressure.
Install [19qbp1kt] Use-after-free in FUSE filesystems with direct, asynchronous I/O.
Install [zx03u41m] CVE-2016-2186: Denial of service in Griffin PowerMate USB descriptor parsing.
Install [n6vjz8o9] CVE-2016-2184: Denial of service in ALSA USB audio descriptor parsing.
Install [hcyy40ng] Denial-of-service in NFS secinfo+readdir operations.
Install [5fc7zave] CVE-2016-2188: Denial of service in IO Warrior USB descriptor parsing.
Install [rdlmjqs1] Denial of service in generic USB interface management.
Install [7vibanga] CVE-2016-3138: Denial of service in CDC ADM USB descriptor parsing.
Install [zlsqcgw5] Denial-of-service in pipe splicing with no pages.
Install [3jde7dfg] Denial-of-service in KVM invept instruction emulation.
Install [cbx8wk7c] Denial-of-service in KVM VCPU creation.
Install [gcml7smx] Denial-of-service in coredump writing.
Install [1gdy967x] CVE-2016-2185: Denial of service in ATI/Philips USB RF remote descriptor parsing.
Install [nik5wgnt] Kernel hang in OCFS2 Distributed Lock Manager convert and recovery operations.
Install [0wk20x0r] Kernel crash in OCFS2 Distributed Lock Manager during master loss.
Install [i8dl229b] CVE-2016-3136: Denial of service in MCT Serial USB descriptor parsing.
Install [pwd2bjm4] CVE-2016-3137: Denial of service in USB Cypress M8 descriptor parsing.
Install [4ioo8hzw] Memory corruption when inserting data into associative arrays.
Install [qr9r8r5u] Use after free when disabling a USB XHCI device.
Install [7nmjtbf9] Kernel crash when remapping file pages of a removed IPC ID.
Install [xyxen72s] Use-after-free when processing switchdev events.
Install [83ojhh6s] Divide-by-zero in the ALSA RME Hammerfall audio driver.
Install [rc0xc3c4] Privilege escalation when chowning files on overlayfs mount.
Install [t1bu1des] Use-after-free in the perf subsystem on error in the perf_event_open syscall.
Install [38s4ghcb] SMAP bypass in 32bit compatibility syscall handler.
Install [xya10lbt] BTRFS filesystem xattr data corruption during fast fsync().
Install [05qej9zi] BTRFS filesystem data corruption with no_holes and multiple truncates.
Install [ewgh3nwa] BTRFS filesystem data loss during fsync() after rename and inode creation.
Install [zogv6y7s] Multiple crashes with RDS (Reliable Datagram Sockets) over TCP.
Install [j5fknf63] NULL pointer dereference in RDS over TCP during accept().
Install [htkan8zo] Use-after-free in Xen network device teardown.
Install [kns889dc] Heap buffer overflow in internal Xen reply queue.
Install [7uflvnij] Denial of service in BTRFS filesystem driver.
Install [rgd2u0nb] Multiple data corruption issues in BTRFS filesystem driver.
Install [56dpbu10] Kernel crash in HP Smart Array SAS Controller driver.
Install [6q4o006n] Kernel infinite loop in SCSI disk driver.
Install [93rz5hgf] Kernel panic in IPv6 forwarding of timewait sockets.
Install [3e59ivmc] Kernel hang with Xen under nested virtualization.
Install [rb7w6d57] Kernel crash in Xen block-device backend driver.
Install [3gbuztol] Kernel BUG during scrub of BTRFS filesystem.
Install [sjsw0zz6] CVE-2015-7833: Crash in USB vision driver when malicious device is connected.
Install [27ea8xs6] CVE-2016-4913: Information leak in ISO9660 filename parsing.
Install [ndqo6xfi] CVE-2016-4581: Denial-of-service in slave mount propagation.
Install [mfbni72l] Memory leak in virtio balloon driver during inflation and deflation.
Install [vjivzetn] Kernel deadlock in Emulex 10Gbps iSCSI driver.
Install [bzg4r3ye] Kernel panic on machine check exception with offline cpu.
Install [yfm9dr51] Memory leak in Broadcom QLogic bnx2 driver on initialization failure.
Install [2mv564et] NULL pointer dereference in Brocade Fiber Channel driver on disconnection.
Install [s6fw2dpk] Kernel memory corruption in Btrfs direct IO reads and writes.
Install [k7r9m5v0] Denial-of-service when accepting userspace cryptographic sockets.
Install [6cysves6] Permission bypass when checking credentials for filesystem accesses.
Install [xji221sd] Denial of service in Emulex LightPulse device reset.
Install [4efqsldi] Heap overflow in block driver on flush.
Install [c0h2rik7] CVE-2016-4997, CVE-2016-4998: Privilege escalation in the Netfilter driver.
Installing [mdovvlwf] Improve the interface to freeze tasks.
Installing [nhdxempm] CVE-2016-4565: Privilege escalation in Infiniband ioctl.
Installing [uadmmjua] CVE-2016-2117: Information leak in Atheros ATL2 transmission.
Installing [u4qw4jdx] CVE-2016-6197, CVE-2016-6198: Denial-of-service in OverlayFS on XFS.
Installing [j0o0d238] CVE-2015-8660: Permission bypass on overlayfs when setting file extended attributes.
Installing [in658n2y] CVE-2016-4470: Denial-of-service in the keyring subsystem.
Installing [lp3b4vzo] CVE-2016-5696: Session hijacking in TCP connections.
Installing [g5n10jro] CVE-2015-8785: Infinite loop when submitting invalid io vectors to FUSE filesystem.
Installing [qvypln00] CVE-2016-2069: Race condition in the TLB flush logic on multi-processors.
Installing [fubymn3l] CVE-2015-8787: NULL pointer dereference in Netfilter NAT redirection.
Installing [29shzoeu] CVE-2016-0723: Denial-of-service in TTY TIOCGETD ioctl().
Installing [iyyf5mc3] Stack buffer overflow in the HP Smart Array SCSI driver.
Installing [p9jkup8d] Denial-of-service in ALSA SNDRV_SEQ_IOCTL_REMOVE_EVENTS ioctl().
Installing [5trmadhz] Use-after-free in ALSA sequencer timers.
Installing [0kemd3n0] Privilege escalation in ALSA compatibility ioctl().
Installing [g5kga5kw] Denial-of-service in ALSA timer management.
Installing [kghekfwi] Denial-of-service in ALSA TLV controls.
Installing [y1fivdl9] Use-after-free in Intel audio device removal.
Installing [wf4987ap] Use-after-free when taking a reference on an IPv6 label.
Installing [pmxhuk5h] Denial-of-service in IPv6 stable_secret sysctl writing.
Installing [6cng3h9y] Denial-of-service in SCTP protocol under memory pressure.
Installing [9j8uda3z] Denial-of-service in Connector callback implementation.
Installing [fizhyy51] Privilege escalation in network bridge startup.
Installing [0sdd9nt0] Use-after-free in network destination cache removal.
Installing [015zv6zt] Out-of-bounds access in SCTP cookie_hmac_alg sysctl writing.
Installing [o1sqdmgn] Use-after-free in IPv6 SYNACK retransmission.
Installing [czz300rq] Denial-of-service in SO_NO_CHECK sockets.
Installing [7al0itnm] NULL pointer dereference in PhoNet packet reception.
Installing [chhvzpr5] CVE-2016-2383: Undefined behaviour in Berkeley Packet Filter constant shifts.
Installing [sfg3qe62] Denial-of-service in ISDN PPP device opening.
Installing [vecx9mji] CVE-2015-7799: Denial-of-service in PPP compression slot parameters.
Installing [ywge2v76] Information leak in HID core when connecting device.
Installing [h1fzcvjn] Denial of service in Topro USB Camera ioctl.
Installing [rk5fbc49] Memory leak in Realtek USB Wireless adapter when receiving malformed frames.
Installing [v1j86ako] Privilege escalation in overlayfs extended attributes.
Installing [2svmlu1o] Kernel panic when removing directory from overlay filesystem.
Installing [kxuwfxw5] Memory leak when requeuing priority inversion futex.
Installing [0l6ygvrj] Denial-of-service when parsing UDF indirect extents.
Installing [izqgc784] Denial-of-service in block cache driver on device removal.
Installing [4dojfzjt] Memory corruption when processing multibyte unicode filenames on UDF.
Installing [7r0srh9n] Denial-of-service in BTRFS device array reading.
Installing [nnx4ymjw] Memory corruption in Nouveau driver during connector hotplug.
Installing [lytrplwr] Use-after-free in virtio balloon driver during compaction.
Installing [l8dzuqb4] Information leak when reading directory entries on CIFS mount.
Installing [anhwn031] Use-after-free in OCFS2 distributed lock manager.
Installing [p53zywd9] Kernel panic when soft-offlining memory.
Installing [we9rx462] Use-after-free when unregistering events in memory control group.
Installing [tkxnuvw7] Use-after-free when failing to accept userspace cryptographic sockets.
Installing [vwij25nr] Memory corruption when sending data to userspace cryptographic socket.
Installing [tfadz0yc] Kernel panic when setting prctl MM values.
Installing [0jvyx87q] Data loss in USB Modem driver during suspend and resume.
Installing [hqqwruse] Crash in USB hub driver during device reset.
Installing [p3c9p7tn] Crash in USB serial driver when malicious Treo device is connected.
Installing [lcwxn667] CVE-2015-7566: Denial-of-service in USB Handspring Visor driver.
Installing [rtmduzgc] Use-after-free when removing virtio PCI devices.
Installing [36sz5euf] Crash in SCSI driver during power management suspend and resume.
Installing [xgwvni1u] Deadlock when reading from rfkill sysfs file.
Installing [nn2hvj9p] Kernel crash in userspace interface for hash algorithm when sending a message.
Installing [pt45ej4e] Kernel log buffer flood in ALSA rawmidi driver.
Installing [7d8frpop] Multiple kernel deadlocks in ALSA OSS emulation.
Installing [cy1wkzmz] Multiple use-after-free in ALSA sequencers when closing the device.
Installing [urmrrm0f] Memory corruption in ALSA rawmidi driver on concurrent read/write.
Installing [j81y9jaz] Use-after-free when unloading xHCI host driver.
Installing [3ic8chog] Denial-of-service in ALSA timer handling.
Installing [1ag47m1z] Kernel deadlock when dumping the call stack on multiple CPUs.
Installing [p66d24gh] Infinite loop when unmounting an OCFS2 filesystem using the kernel distributed lock manager.
Installing [d7wae6pw] Kernel deadlock when validating a memory context.
Installing [z3tqbzvk] Kernel panic when handling interrupts for SATA devices.
Installing [nn8yh1r8] Kernel hang in Btrfs filesystem when using the BTRFS_IOC_INO_PATHS ioctl.
Installing [trwlwuhf] Information leak in ALSA sound sub-system when parsing the HDMI EDID-Like-Data (ELD).
Installing [x0wv59yr] Use-after-free in the kernel list library on concurrent hotplug events.
Installing [halioyqa] Kernel panic when parsing VBT in Intel integrated graphics.
Installing [5jsms2s6] Integer overflow in ext4 buffer allocation.
Installing [zavamdat] Data corruption on ext4 filesystem when moving data to a donor file.
Installing [35ls1brl] Memory leak in the ALSA audio driver on concurrent writes to the sequencer device.
Installing [c9asia8l] Kernel crash when handling vmalloc page faults on large pages.
Installing [ual35d59] Kernel deadlock in ALSA sound driver when handling pulse code modulation.
Installing [v5sm9atv] Data loss in ext4 with concurrent direct IO operations.
Installing [m8ktv3pc] Kernel panic when starting fastopen TCP connections.
Installing [gex6ku8y] Memory leak when reading from AF_UNIX socket.
Installing [jaqkvgea] Memory leak when sending IPv4 data with ancillary data.
Installing [w3ucr08q] Information leak in the ATA 32 bits compat ioctl.
Installing [sj71njz2] Memory leak in device mapper when requeuing requests.
Installing [q720zpzm] Memory corruption when parsing numbers from NFS requests.
Installing [vaqyzjze] Kernel deadlock in JFFS2 filesystem when writing.
Installing [fmam69o9] Kernel panic when handling signals under Intel MPX.
Installing [ggdqj0av] Kernel panic when failing to open file.
Installing [4ugtzaij] Kernel panic when parsing filenames.
Installing [cm5yw39p] Out of bounds memory access on reading a file from a SMB server.
Installing [8ouqh5s2] Kernel hang when the function graph tracer is enabled on suspend.
Installing [nejd813f] Heap overflow in the Unsorted Block Images (UBI) on volume update.
Installing [0em64mbp] Kernel panic when using receive aggregation on WiFi.
Installing [yyy44gmu] Possible frame injection on encrypted WiFi using Galois/Counter Mode Protocol.
Installing [ul0r053a] Denial-of-service in JFFS2 when recovering a halfway failed rename.
Installing [7i25yfkl] Information leak to KVM guests when the the host is using PEBS tracing.
Installing [iqjcnvc9] Denial-of-service when running KVM guest with Extended Page Table disabled.
Installing [el6110l4] Kernel deadlock in the USB HID stack on interrupt.
Installing [be452d8p] Memory leak in btrfs superblock validation.
Installing [csyikupa] Kernel panic when writing a single page to a btrfs filesystem.
Installing [58tj7xii] Kernel panic when accessing symlinks on btrfs volume.
Installing [dnxjh1as] Memory leak when creating hard link on btrfs volume.
Installing [wt6hbic0] Use-after-free when tracing a work queueing in Btrfs filesystem.
Installing [tofygh65] CVE-2015-7513: Divide-by-zero in KVM when reloading the programmable interrupt timer.
Installing [erxi8kn0] Denial-of-service when updating a negatively instantiated user cryptographic key.
Installing [19xdhl89] NULL pointer dereference in TTY line discipline reception.
Installing [j4hdfxbf] Filesystem corruption in EXT4 extent moving.
Installing [6pkvalrk] Denial-of-service in NFS server buffer decoding.
Installing [etmgkfsh] Kernel crash in disk quota initialization.
Installing [msycyr7w] Kernel crash in block cache device initialization.
Installing [mze2l7t6] NULL pointer dereference in block cache registration failure.
Installing [ubidlkf9] Journalling filesystem corruption on unmount under memory pressure.
Installing [19qbp1kt] Use-after-free in FUSE filesystems with direct, asynchronous I/O.
Installing [zx03u41m] CVE-2016-2186: Denial of service in Griffin PowerMate USB descriptor parsing.
Installing [n6vjz8o9] CVE-2016-2184: Denial of service in ALSA USB audio descriptor parsing.
Installing [hcyy40ng] Denial-of-service in NFS secinfo+readdir operations.
Installing [5fc7zave] CVE-2016-2188: Denial of service in IO Warrior USB descriptor parsing.
Installing [rdlmjqs1] Denial of service in generic USB interface management.
Installing [7vibanga] CVE-2016-3138: Denial of service in CDC ADM USB descriptor parsing.
Installing [zlsqcgw5] Denial-of-service in pipe splicing with no pages.
Installing [3jde7dfg] Denial-of-service in KVM invept instruction emulation.
Installing [cbx8wk7c] Denial-of-service in KVM VCPU creation.
Installing [gcml7smx] Denial-of-service in coredump writing.
Installing [1gdy967x] CVE-2016-2185: Denial of service in ATI/Philips USB RF remote descriptor parsing.
Installing [nik5wgnt] Kernel hang in OCFS2 Distributed Lock Manager convert and recovery operations.
Installing [0wk20x0r] Kernel crash in OCFS2 Distributed Lock Manager during master loss.
Installing [i8dl229b] CVE-2016-3136: Denial of service in MCT Serial USB descriptor parsing.
Installing [pwd2bjm4] CVE-2016-3137: Denial of service in USB Cypress M8 descriptor parsing.
Installing [4ioo8hzw] Memory corruption when inserting data into associative arrays.
Installing [qr9r8r5u] Use after free when disabling a USB XHCI device.
Installing [7nmjtbf9] Kernel crash when remapping file pages of a removed IPC ID.
Installing [xyxen72s] Use-after-free when processing switchdev events.
Installing [83ojhh6s] Divide-by-zero in the ALSA RME Hammerfall audio driver.
Installing [rc0xc3c4] Privilege escalation when chowning files on overlayfs mount.
Installing [t1bu1des] Use-after-free in the perf subsystem on error in the perf_event_open syscall.
Installing [38s4ghcb] SMAP bypass in 32bit compatibility syscall handler.
Installing [xya10lbt] BTRFS filesystem xattr data corruption during fast fsync().
Installing [05qej9zi] BTRFS filesystem data corruption with no_holes and multiple truncates.
Installing [ewgh3nwa] BTRFS filesystem data loss during fsync() after rename and inode creation.
Installing [zogv6y7s] Multiple crashes with RDS (Reliable Datagram Sockets) over TCP.
Installing [j5fknf63] NULL pointer dereference in RDS over TCP during accept().
Installing [htkan8zo] Use-after-free in Xen network device teardown.
Installing [kns889dc] Heap buffer overflow in internal Xen reply queue.
Installing [7uflvnij] Denial of service in BTRFS filesystem driver.
Installing [rgd2u0nb] Multiple data corruption issues in BTRFS filesystem driver.
Installing [56dpbu10] Kernel crash in HP Smart Array SAS Controller driver.
Installing [6q4o006n] Kernel infinite loop in SCSI disk driver.
Installing [93rz5hgf] Kernel panic in IPv6 forwarding of timewait sockets.
Installing [3e59ivmc] Kernel hang with Xen under nested virtualization.
Installing [rb7w6d57] Kernel crash in Xen block-device backend driver.
Installing [3gbuztol] Kernel BUG during scrub of BTRFS filesystem.
Installing [sjsw0zz6] CVE-2015-7833: Crash in USB vision driver when malicious device is connected.
Installing [27ea8xs6] CVE-2016-4913: Information leak in ISO9660 filename parsing.
Installing [ndqo6xfi] CVE-2016-4581: Denial-of-service in slave mount propagation.
Installing [mfbni72l] Memory leak in virtio balloon driver during inflation and deflation.
Installing [vjivzetn] Kernel deadlock in Emulex 10Gbps iSCSI driver.
Installing [bzg4r3ye] Kernel panic on machine check exception with offline cpu.
Installing [yfm9dr51] Memory leak in Broadcom QLogic bnx2 driver on initialization failure.
Installing [2mv564et] NULL pointer dereference in Brocade Fiber Channel driver on disconnection.
Installing [s6fw2dpk] Kernel memory corruption in Btrfs direct IO reads and writes.
Installing [k7r9m5v0] Denial-of-service when accepting userspace cryptographic sockets.
Installing [6cysves6] Permission bypass when checking credentials for filesystem accesses.
Installing [xji221sd] Denial of service in Emulex LightPulse device reset.
Installing [4efqsldi] Heap overflow in block driver on flush.
Installing [c0h2rik7] CVE-2016-4997, CVE-2016-4998: Privilege escalation in the Netfilter driver.
Your kernel is fully up to date.
Effective kernel version is 4.1.12-61.1.10.el6uek
[root@ovm ~]#

[root@ovm ~]# uptrack-upgrade –n
Nothing to be done.
Your kernel is fully up to date.
Effective kernel version is 4.1.12-61.1.10.el6uek
[root@ovm ~]#
查看配置文件/etc/uptrack/uptrack.conf
[root@ovm ~]# ls -l /etc/uptrack/uptrack.conf
-rw-r-----. 1 root adm 2400 Oct  5 11:25 /etc/uptrack/uptrack.conf
[root@ovm ~]# egrep 'accesskey|autoinstall' /etc/uptrack/uptrack.conf
accesskey = 5cb81cb0359f6c3dcf0a9d10bfee7550a46ed4860368d615913cf30c5ef6d868
# Please note that enabling autoinstall does not mean the Uptrack
autoinstall = no
[root@ovm ~]# egrep 'accesskey|autoinstall|on_reboot' /etc/uptrack/uptrack.conf|grep -v ^#
accesskey = 5cb81cb0359f6c3dcf0a9d10bfee7550a46ed4860368d615913cf30c5ef6d868  #授权的key
install_on_reboot = yes  #是否在reboot时候安装更新
autoinstall = no         #是否自动安装更新
[root@ovm ~]# 
查看版本
[root@ovm ~]# uname -r
4.1.12-37.4.1.el6uek.x86_64
[root@ovm ~]# uptrack-uname -r
4.1.12-61.1.10.el6uek.x86_64
[root@ovm ~]#
注意:ksplice更新的是当前运行的内存内核,而uname所查看的是磁盘文件中记录的版本

从内核中移除更新

# uptrack-remove --all



Reference

http://docs.oracle.com/cd/E52668_01/E39380/html/ol_instyum_ksplice.html
http://ksplice.oracle.com/uptrack/guide
http://ksplice.oracle.com/legacy#installing-uptrack

http://baike.baidu.com/view/8133328.htm

http://www.ibm.com/developerworks/cn/aix/library/au-spunix_ksplice/



关键词:unix linux 

相关文章

Install oracle products on docker
How to enable autologin on OEL6/7
Linux的分支有多少,你知道么?
SPARC诊断工具explorer
SPARC S7-2初始化加载
Linux下配置vsftpd
如何配置HITACHI存储多路径软件
Exadata OS用户的密码策略
whats sosreport
Config xming+putty for X11 forwarding
在Linux中如何重置root密码,当你忘记时
在Oracle Enterprise Linux上使用nmon
Top