Oracle alert ELSA-2021-9002 (kernel)

From:
             
 
Errata Announcements for Oracle Linux <el-errata@oss.oracle.com>
To:
             
 
el-errata@oss.oracle.com
Subject:
             
 
[El-errata] ELSA-2021-9002 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Date:
             
 
Fri, 08 Jan 2021 08:50:14 -0800
Message-ID:
             
 
<6b57842a-7f3e-a015-b5d7-2f00287f3726@oracle.com>
Oracle Linux Security Advisory ELSA-2021-9002

http://linux.oracle.com/errata/ELSA-2021-9002.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.46.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.46.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.46.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.46.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.46.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.46.3.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12...



Description of changes:

Description of changes:

[4.1.12-124.46.3.el7uek]
- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat)  [Orabug:
30781859]  {CVE-2019-14895} {CVE-2019-14895}
- ext4: fix ext4_empty_dir() for directories with holes (Jan Kara)  [Orabug: 31265320]
{CVE-2019-19037} {CVE-2019-19037}
- netlabel: cope with NULL catmap (Paolo Abeni)  [Orabug: 31350493]  {CVE-2020-10711}
- scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter)  [Orabug: 31350941]
{CVE-2020-12652}
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (Dan Carpenter)  [Orabug: 31350941]
{CVE-2020-12652}
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern)  [Orabug: 31350967]
{CVE-2020-12464}
- drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (David Mosberger)  [Orabug:
31350967]  {CVE-2020-12464}
- drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (David Mosberger)
[Orabug: 31350967]  {CVE-2020-12464}
- ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o)  [Orabug: 31351014]
{CVE-2019-19447}
- xen/events: avoid removing an event channel while handling it (Juergen Gross)  [Orabug:
31984319]
- xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (Josh Abraham)  [Orabug:
31984319]
- ext4: fix fencepost in s_first_meta_bg validation (Theodore Ts'o)  [Orabug: 32197511]
- dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam)
[Orabug: 32202000]
- sched/fair: Don't free p->numa_faults with concurrent readers (Jann Horn)  [Orabug: 32212524]
{CVE-2019-20934}
- netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Vasily Averin)  [Orabug:
32222844]  {CVE-2020-14305}
- perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa)  [Orabug: 32233360]
{CVE-2020-14351}
- ext4: fix calculation of meta_bg descriptor backups (Andy Leiserson)  [Orabug: 32245133]

[4.1.12-124.46.2.el7uek]
- ocfs2: initialize ip_next_orphan (Wengang Wang)  [Orabug: 31780626]
- Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye)  [Orabug: 32176264]
{CVE-2020-28915}
- fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (Peilin Ye)  [Orabug:
32176264]  {CVE-2020-28915}
- page_frag: Recover from memory pressure (Dongli Zhang)  [Orabug: 32177993]
- vt: Disable KD_FONT_OP_COPY (Daniel Vetter)  [Orabug: 32187749]  {CVE-2020-28974}
- block: Fix use-after-free in blkdev_get() (Jason Yan)  [Orabug: 32194609]  {CVE-2020-15436}
- icmp: randomize the global rate limiter (Eric Dumazet)  [Orabug: 32227971]  {CVE-2020-25705}

[4.1.12-124.46.1.el7uek]
- KVM: x86: minor code refactor and comments fixup around dirty logging (Anthony Yznaga)  [Orabug:
31722767]
- KVM: x86: Manually flush collapsible SPTEs only when toggling flags (Sean Christopherson)
[Orabug: 31722767]
- KVM: x86: avoid unnecessary rmap walks when creating/moving slots (Anthony Yznaga)  [Orabug:
31722767]
- KVM: x86: remove unnecessary rmap walk of read-only memslots (Anthony Yznaga)  [Orabug:
31722767]
- xfs: catch inode allocation state mismatch corruption (Gautham Ananthakrishna)  [Orabug:
32071488]
- tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds)  [Orabug:
32122731]  {CVE-2020-25668}
- IB/mlx4: Adjust delayed work when a dup is observed (Håkon Bugge)  [Orabug: 32136900]
- IB/mlx4: Add support for REJ due to timeout (Håkon Bugge)  [Orabug: 32136900]
- IB/mlx4: Fix starvation in paravirt mux/demux (Håkon Bugge)  [Orabug: 32136900]
- IB/mlx4: Separate tunnel and wire bufs parameters (Håkon Bugge)  [Orabug: 32136900]
- IB/mlx4: Add support for MRA (Håkon Bugge)  [Orabug: 32136900]
- IB/mlx4: Add and improve logging (Håkon Bugge)  [Orabug: 32136900]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata