[El-errata] ELSA-2021-9005 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Jan 12 15:06:37 PST 2021


Oracle Linux Security Advisory ELSA-2021-9005

http://linux.oracle.com/errata/ELSA-2021-9005.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
perf-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
python-perf-4.14.35-2025.404.1.1.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-2025.404.1.1.el7uek.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-2025.404.1.1.el7uek.src.rpm



Description of changes:

[4.14.35-2025.404.1.1.el7uek]
- target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 
32248040] {CVE-2020-28374}

[4.14.35-2025.404.1.el7uek]
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) 
[Orabug: 32253412] {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park) 
[Orabug: 32253412] {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae 
Park) [Orabug: 32253412] {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() 
(SeongJae Park) [Orabug: 32253412] {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae 
Park) [Orabug: 32253412] {CVE-2020-29568}
- xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel 
Wieczorkiewicz) [Orabug: 32260256] {CVE-2020-29569}

[4.14.35-2025.404.0.el7uek]
- vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32201584]
- vhost/scsi: Use copy_to_iter() to send control queue response (Bijan 
Mottahedeh) [Orabug: 32201584]
- vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32201584]
- scsi: sd: Allow user to configure command retries (Mike Christie) 
[Orabug: 32201584]
- scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 
32201584]

[4.14.35-2025.403.5.el7uek]
- dm crypt: Allow unaligned bio buffer lengths for skcipher devices 
(Sudhakar Panneerselvam) [Orabug: 32210463]
- mm: thp: make the THP mapcount atomic against 
__split_huge_pmd_locked() (Andrea Arcangeli) [Orabug: 32212583] 
{CVE-2020-29368}
- perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) 
[Orabug: 32233358] {CVE-2020-14351}

[4.14.35-2025.403.4.el7uek]
- icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 
32227961] {CVE-2020-25705}
- ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32159055]
- hv_netvsc: make recording RSS hash depend on feature flag (Stephen 
Hemminger) [Orabug: 32159975]
- hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 
32159975]
- Fonts: Support FONT_EXTRA_WORDS macros for built-in fonts (Peilin Ye) 
[Orabug: 32176263] {CVE-2020-28915}
- fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h 
(Peilin Ye) [Orabug: 32176263] {CVE-2020-28915}
- block: Fix use-after-free in blkdev_get() (Jason Yan) [Orabug: 
32194608] {CVE-2020-15436}
- serial: 8250: fix null-ptr-deref in serial8250_start_tx() (Yang 
Yingliang) [Orabug: 32194712] {CVE-2020-15437}
- staging: rts5208: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496]
- misc: rtsx: rename SG_END macro (Arnd Bergmann) [Orabug: 32218496]





More information about the El-errata mailing list