[El-errata] ELSA-2020-5708 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Jun 4 06:42:03 PDT 2020 

Oracle Linux Security Advisory ELSA-2020-5708

http://linux.oracle.com/errata/ELSA-2020-5708.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.39.5.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.39.5.el7uek.noarch.rpm
kernel-uek-4.1.12-124.39.5.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.39.5.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.39.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.39.5.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.39.5.el7uek.src.rpm



Description of changes:

[4.1.12-124.39.5.el7uek]
- Input: ff-memless - kill timer in destroy() (Oliver Neukum)  [Orabug: 31213691]  {CVE-2019-19524}
- libertas: Fix two buffer overflows at parsing bss descriptor (Wen Huang)  [Orabug: 31351307]  {CVE-2019-14896} {CVE-2019-14897} {CVE-2019-14897}
- binfmt_elf: use ELF_ET_DYN_BASE only for PIE (Kees Cook)  [Orabug: 31352068]  {CVE-2017-1000370} {CVE-2017-1000371} {CVE-2017-1000370}
- NFSv4.0: Remove transport protocol name from non-UCS client ID (Chuck Lever)  [Orabug: 31357212]
- NFSv4.0: Remove cl_ipaddr from non-UCS client ID (Chuck Lever)  [Orabug: 31357212]
- xen/manage: enable C_A_D to force reboot (Dongli Zhang)  [Orabug: 31387466]

[4.1.12-124.39.4.el7uek]
- acpi: disable erst (Wengang Wang)  [Orabug: 31194253]
- mdio_bus: Fix use-after-free on device_register fails (YueHaibing)  [Orabug: 31222292]  {CVE-2019-12819}
- rds: ib: Fix dysfunctional long address resolve timeout (Håkon Bugge)  [Orabug: 31302708]
- vxlan: dont migrate permanent fdb entries during learn (Roopa Prabhu)  [Orabug: 31325318]
- USB: iowarrior: fix use-after-free on disconnect (Johan Hovold)  [Orabug: 31351061]  {CVE-2019-19528}
- usb: iowarrior: fix deadlock on disconnect (Oliver Neukum)  [Orabug: 31351061]  {CVE-2019-19528}
- mremap: properly flush TLB before releasing the page (Linus Torvalds)  [Orabug: 31352011]  {CVE-2018-18281}

[4.1.12-124.39.3.el7uek]
- Input: add safety guards to input_set_keycode() (Dmitry Torokhov)  [Orabug: 31200558]  {CVE-2019-20636}
- media: stv06xx: add missing descriptor sanity checks (Johan Hovold)  [Orabug: 31200579]  {CVE-2020-11609}
- media: ov519: add missing endpoint sanity checks (Johan Hovold)  [Orabug: 31213758]  {CVE-2020-11608}
- media: xirlink_cit: add missing descriptor sanity checks (Johan Hovold)  [Orabug: 31213767]  {CVE-2020-11668}
- mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (Navid Emamdoost)  [Orabug: 31263147]  {CVE-2019-19057}
- USB: core: Fix races in character device registration and deregistraion (Alan Stern)  [Orabug: 31317667]  {CVE-2019-19537}

More information about the El-errata mailing list