[El-errata] ELSA-2019-4316 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jan 4 13:03:11 PST 2019 

Oracle Linux Security Advisory ELSA-2019-4316

http://linux.oracle.com/errata/ELSA-2019-4316.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.29.1.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.29.1.el7uek.noarch.rpm
kernel-uek-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.29.1.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.29.1.el7uek-0.4.5-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.29.1.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.29.1.el7uek-0.4.5-3.el7.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.29.1.el7uek]
- Copy secure_boot flag in boot params across kexec reboot (Dave Young) 
[Orabug: 22066352] {CVE-2015-7837}
- ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Eric Dumazet) 
[Orabug: 25059183] {CVE-2016-3841}
- ipv6: add complete rcu protection around np->opt (Eric Dumazet) 
[Orabug: 25059183] {CVE-2016-3841}
- scsi: qla2xxx: Fix an integer overflow in sysfs code (Dan Carpenter) 
[Orabug: 28220420] {CVE-2017-14051}
- ext4: fail ext4_iget for root directory if unallocated (Theodore Ts'o) 
[Orabug: 28220433] {CVE-2018-1092} {CVE-2018-1092}
- certs: Add Oracle's new X509 cert into the kernel keyring (Eric 
Snowberg) [Orabug: 28926205] - ALSA: seq: Fix regression by incorrect 
ioctl_mutex usages (Takashi Iwai) [Orabug: 29005190] {CVE-2018-1000004}
- netfilter: xt_osf: Add missing permission checks (Kevin Cernekee) 
[Orabug: 29037832] {CVE-2017-17450}
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 
29060697] {CVE-2018-5848}
- HID: debug: check length before copy_to_user() (Daniel Rosenberg) 
[Orabug: 29128167] {CVE-2018-9516}
- x86/MCE: Serialize sysfs changes (Seunghun Han) [Orabug: 29152249] 
{CVE-2018-7995}
- Input: i8042 - fix crash at boot time (Chen Hong) [Orabug: 29152329] 
{CVE-2017-18079}

More information about the El-errata mailing list