[Oraclevm-errata] OVMSA-2021-0005 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Feb 4 17:51:22 PST 2021

Oracle VM Security Advisory OVMSA-2021-0005

The following updated rpms for Oracle VM 3.4 have been uploaded to the Unbreakable Linux Network:



Description of changes:

- sysctl: handle overflow in proc_get_long (Christian Brauner)  [Orabug: 31588015]

- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu)  [Orabug: 31350932]  {CVE-2020-12653}
- lockd: don't use interval-based rebinding over TCP (Calum Mackay)  [Orabug: 31435700] 
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses (Takashi Iwai)  [Orabug: 32240688]  {CVE-2020-27786}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park)  [Orabug: 32247942]  {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park)  [Orabug: 32247942]  {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park)  [Orabug: 32247942]  {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park)  [Orabug: 32247942]  {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park)  [Orabug: 32247942]  {CVE-2020-29568}
- KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson)  [Orabug: 32251907] 
- tty: Fix ->session locking (Jann Horn)  [Orabug: 32266682]  {CVE-2020-29660}
- tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn)  [Orabug: 32266682]  {CVE-2020-29660}
- tty: core: Use correct spinlock flavor in tiocspgrp() (Peter Hurley)  [Orabug: 32266682]  {CVE-2020-29660}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui)  [Orabug: 32349208]  {CVE-2020-36158}

- target: fix XCOPY NAA identifier lookup (Mike Christie)  [Orabug: 32374139]  {CVE-2020-28374}

More information about the Oraclevm-errata mailing list