[El-errata] ELSA-2021-9346 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jul 2 08:18:59 PDT 2021


Oracle Linux Security Advisory ELSA-2021-9346

http://linux.oracle.com/errata/ELSA-2021-9346.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.52.4.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.52.4.el7uek.noarch.rpm
kernel-uek-4.1.12-124.52.4.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.52.4.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.52.4.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.52.4.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.52.4.el7uek.src.rpm

Related CVEs:

CVE-2020-12352
CVE-2020-36386
CVE-2021-31916
CVE-2021-33034




Description of changes:

[4.1.12-124.52.4.el7uek]
- IB/core: Only update PKEY and GID caches on respective events (Håkon Bugge)  [Orabug: 32816368]
- Revert "Allow mce to reset instead of panic on UE" (William Roche)  [Orabug: 32820278]
- Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka)  [Orabug: 32912103]  {CVE-2021-33034}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (Peilin Ye)  [Orabug: 33013890]  {CVE-2020-36386}
- qla2xxx: update version to 9.00.00.00.42.0-k1-v5 (Quinn Tran)  [Orabug: 33015884]
- scsi: qla2xxx: v2: Fix login retry count (Quinn Tran)  [Orabug: 29411891] [Orabug: 33015884]
- scsi: qla2xxx: Properly extract ADISC error codes (Quinn Tran)  [Orabug: 33015884]
- scsi: qla2xxx: Replace GPDB with async ADISC command (Quinn Tran)  [Orabug: 33015884]
- qla2xxx: update version to 9.00.00.00.42.0-k1-v4 (Quinn Tran)  [Orabug: 33015884]
- qla2xxx: fix relogin stalled. (Quinn Tran)  [Orabug: 27700529] [Orabug: 33015884]
- net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry)  [Orabug: 33017263]

[4.1.12-124.52.3.el7uek]
- iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built (Bartosz Golaszewski)  [Orabug: 32974492]
- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (David Woodhouse)  [Orabug: 32974492]
- secureboot: make sure kernel-signing.cer is copied to kernel-keys dir (Brian Maly)  [Orabug: 32978042]

[4.1.12-124.52.2.el7uek]
- Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz)  [Orabug: 32021289]  {CVE-2020-12352}
- RDS tcp loopback connection can hang (Rao Shoaib)  [Orabug: 32926868]

[4.1.12-124.52.1.el7uek]
- dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka)  [Orabug: 32860494]  {CVE-2021-31916}




More information about the El-errata mailing list