[El-errata] ELSA-2021-9395 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

[Errata Announcements for Oracle Linux]

Oracle Linux Security Advisory ELSA-2021-9395

http://linux.oracle.com/errata/ELSA-2021-9395.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.53.5.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.53.5.el7uek.noarch.rpm
kernel-uek-4.1.12-124.53.5.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.53.5.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.53.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.53.5.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.53.5.el7uek.src.rpm

Related CVEs:

CVE-2020-14304
CVE-2021-22555
CVE-2021-32399
CVE-2021-33909




Description of changes:

[4.1.12-124.53.5.el7uek]
- seq_file: disallow extremely large seq buffer allocations (Eric Sandeen)  [Orabug: 33143006]  {CVE-2021-33909}

[4.1.12-124.53.3.el7uek]
- net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk)  [Orabug: 31895301]  {CVE-2020-14304}
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query (Erez Alfasi)  [Orabug: 31895301]  {CVE-2020-14304}
- netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal)  [Orabug: 33093028]  {CVE-2021-22555}
- xen/blkback: Make sure all vbd fields are initialized (Boris Ostrovsky)  [Orabug: 33131620]

[4.1.12-124.53.2.el7uek]
- scsi: lpfc: Fix driver crash in target reset handler (James Smart)  [Orabug: 33048899]

[4.1.12-124.53.1.el7uek]
- xfs: fix lockup issue (Junxiao Bi)  [Orabug: 32836026]
- bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma)  [Orabug: 32912036]  {CVE-2021-32399} {CVE-2021-32399}