|
|
Subscribe / Log in / New account

Oracle alert ELSA-2021-9030 (kernel)



From:
              Errata Announcements for Oracle Linux <el-errata@oss.oracle.com>


To:
              "el-errata@oss.oracle.com" <el-errata@oss.oracle.com>


Subject:
              [El-errata] ELSA-2021-9030 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Date:
              Thu, 04 Feb 2021 16:55:07 +0000


Message-ID:
               <MWHPR10MB1375A63F18F5D5DB1317BD209AB39@MWHPR10MB1375.namprd10.prod.outlook.com>


Oracle Linux Security Advisory ELSA-2021-9030

http://linux.oracle.com/errata/ELSA-2021-9030.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.47.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.47.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.47.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.47.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.47.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.47.3.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12...



Description of changes:

[4.1.12-124.47.3.el7uek]
- sysctl: handle overflow in proc_get_long (Christian Brauner)  [Orabug: 31588015]

[4.1.12-124.47.2.el7uek]
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu)  [Orabug:
31350932]  {CVE-2020-12653}
- lockd: don't use interval-based rebinding over TCP (Calum Mackay)  [Orabug: 31435700] 
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses (Takashi Iwai)  [Orabug:
32240688]  {CVE-2020-27786}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park)  [Orabug: 32247942]
{CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park)  [Orabug: 32247942]
{CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park)  [Orabug: 32247942]
{CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park)  [Orabug:
32247942]  {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park)  [Orabug: 32247942]
{CVE-2020-29568}
- KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson)  [Orabug:
32251907] 
- tty: Fix ->session locking (Jann Horn)  [Orabug: 32266682]  {CVE-2020-29660}
- tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn)  [Orabug: 32266682]  {CVE-2020-29660}
- tty: core: Use correct spinlock flavor in tiocspgrp() (Peter Hurley)  [Orabug: 32266682]
{CVE-2020-29660}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui)
[Orabug: 32349208]  {CVE-2020-36158}

[4.1.12-124.47.1.el7uek]
- target: fix XCOPY NAA identifier lookup (Mike Christie)  [Orabug: 32374139]  {CVE-2020-28374}


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds