[El-errata] ELSA-2024-12700 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Oct 2 17:08:00 UTC 2024
Oracle Linux Security Advisory ELSA-2024-12700
http://linux.oracle.com/errata/ELSA-2024-12700.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.90.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.90.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.90.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.90.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.90.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.90.3.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.1.12-124.90.3.el7uek.src.rpm
Related CVEs:
CVE-2024-26931
CVE-2024-35877
CVE-2024-35886
CVE-2024-35930
CVE-2024-35935
CVE-2024-35947
CVE-2024-36004
Description of changes:
[4.1.12-124.90.3.el7uek]
- SUNRPC: increase size of rpc_wait_queue.qlen from unsigned short to unsigned int (Dai Ngo) [Orabug: 37055439]
[4.1.12-124.90.2.el7uek]
- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Justin Tee) [Orabug: 36643241] {CVE-2024-35930}
- scsi: qla2xxx: Fix command flush on cable pull (Quinn Tran) [Orabug: 36596617] {CVE-2024-26931}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 33917166]
[4.1.12-124.90.1.el7uek]
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (Sindhu Devale) [Orabug: 36643519] {CVE-2024-36004}
- dyndbg: fix old BUG_ON in >control parser (Jim Cromie) [Orabug: 36643340] {CVE-2024-35947}
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (David Sterba) [Orabug: 36643269] {CVE-2024-35935}
- ipv6: Fix infinite recursion in fib6_dump_done(). (Kuniyuki Iwashima) [Orabug: 36643095] {CVE-2024-35886}
- x86/mm/pat: fix VM_PAT handling in COW mappings (David Hildenbrand) [Orabug: 36643059] {CVE-2024-35877}
More information about the El-errata
mailing list