[El-errata] ELSA-2021-9215 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu May 6 12:16:56 PDT 2021


Oracle Linux Security Advisory ELSA-2021-9215

http://linux.oracle.com/errata/ELSA-2021-9215.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.50.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.50.2.el7uek.noarch.rpm
kernel-uek-4.1.12-124.50.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.50.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.50.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.50.2.el7uek.x86_64.rpm


SRPMS:

http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.50.2.el7uek.src.rpm

Related CVEs:

CVE-2020-0465
CVE-2020-0466
CVE-2020-35508
CVE-2021-20219
CVE-2021-20261
CVE-2021-28038
CVE-2021-28688
CVE-2021-28964
CVE-2021-29650




Description of changes:

[4.1.12-124.50.2.el7uek]
- btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana)  [Orabug: 32669454]  {CVE-2021-28964}
- xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich)  [Orabug: 32697855]  {CVE-2021-28688}
- netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson)  [Orabug: 32709125]  {CVE-2021-29650}
- netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore (Florian Westphal)  [Orabug: 32709125]  {CVE-2021-29650}
- do_epoll_ctl(): clean the failure exits up a bit (Al Viro)  [Orabug: 32759496]  {CVE-2020-0466}
- epoll: Keep a reference on files added to the check list (Marc Zyngier)  [Orabug: 32759496]  {CVE-2020-0466}
- HID: core: Sanitize event code and type when mapping input (Marc Zyngier)  [Orabug: 32759553]  {CVE-2020-0465}

[4.1.12-124.50.1.el7uek]
- floppy: fix lock_fdc() signal handling (Jiri Kosina)  [Orabug: 32624116]  {CVE-2021-20261}
- Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich)  [Orabug: 32651478]  {CVE-2021-28038}
- n_tty: Fix stall at n_tty_receive_char_special(). (Tetsuo Handa)  [Orabug: 32656942]  {CVE-2021-20219}
- fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (Eddy Wu)  [Orabug: 32695783]  {CVE-2020-35508}
- Return EBUSY from BLKRRPART for mounted whole-dev fs (Eric Sandeen)  [Orabug: 32696741]
- SecureBoot Digicert 2021 certificates update (Brian Maly)  [Orabug: 32734505]




More information about the El-errata mailing list