[El-errata] ELSA-2019-4532 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Feb 7 05:29:14 PST 2019


Oracle Linux Security Advisory ELSA-2019-4532

http://linux.oracle.com/errata/ELSA-2019-4532.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.30.1.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.30.1.el7uek.noarch.rpm
kernel-uek-3.8.13-118.30.1.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.30.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.30.1.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.30.1.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.30.1.el7uek-0.4.5-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.30.1.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.30.1.el7uek-0.4.5-3.el7.src.rpm



Description of changes:

[3.8.13-118.30.1.el7uek]
- ext4: validate that metadata blocks do not overlap superblock (Theodore Ts'o)  [Orabug: 28220451]  {CVE-2018-1094}
- ext4: always initialize the crc32c checksum driver (Theodore Ts'o)  [Orabug: 28220451]  {CVE-2018-1094} {CVE-2018-1094}
- vfs: Add sb_rdonly(sb) to query the MS_RDONLY flag on s_flags (David Howells)  [Orabug: 28220451]  {CVE-2018-1094}
- ocfs2: should wait dio before inode lock in ocfs2_setattr() (alex chen)  [Orabug: 28852830]  {CVE-2017-18204}
- Make file credentials available to the seqfile interfaces (Linus Torvalds)  [Orabug: 29114878]  {CVE-2018-17972}
- proc: restrict kernel stack dumps to root (Jann Horn)  [Orabug: 29114878]  {CVE-2018-17972}
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (Qu Wenruo)  [Orabug: 29301105]  {CVE-2018-14609}





More information about the El-errata mailing list