[Oraclevm-errata] OVMSA-2021-0022 Important: Oracle VM 3 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Jul 7 11:30:06 PDT 2021


Oracle VM Security Advisory OVMSA-2021-0022

The following updated rpms for Oracle VM 3 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-124.52.4.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.52.4.el6uek.noarch.rpm



Related CVEs:

CVE-2020-12352
CVE-2020-36386
CVE-2021-31916
CVE-2021-33034




Description of changes:

[4.1.12-124.52.4.el6uek]
- IB/core: Only update PKEY and GID caches on respective events (Håkon Bugge)  [Orabug: 32816368]
- Revert "Allow mce to reset instead of panic on UE" (William Roche)  [Orabug: 32820278]
- Bluetooth: verify AMP hci_chan before amp_destroy (Archie Pusaka)  [Orabug: 32912103]  {CVE-2021-33034}
- Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (Peilin Ye)  [Orabug: 33013890]  {CVE-2020-36386}
- qla2xxx: update version to 9.00.00.00.42.0-k1-v5 (Quinn Tran)  [Orabug: 33015884]
- scsi: qla2xxx: v2: Fix login retry count (Quinn Tran)  [Orabug: 29411891] [Orabug: 33015884]
- scsi: qla2xxx: Properly extract ADISC error codes (Quinn Tran)  [Orabug: 33015884]
- scsi: qla2xxx: Replace GPDB with async ADISC command (Quinn Tran)  [Orabug: 33015884]
- qla2xxx: update version to 9.00.00.00.42.0-k1-v4 (Quinn Tran)  [Orabug: 33015884]
- qla2xxx: fix relogin stalled. (Quinn Tran)  [Orabug: 27700529] [Orabug: 33015884]
- net/mlx4: Treat VFs fair when handling comm_channel_events (Hans Westgaard Ry)  [Orabug: 33017263]

[4.1.12-124.52.3.el6uek]
- iommu/vt-d: Don't dereference iommu_device if IOMMU_API is not built (Bartosz Golaszewski)  [Orabug: 32974492]
- iommu/vt-d: Gracefully handle DMAR units with no supported address widths (David Woodhouse)  [Orabug: 32974492]
- secureboot: make sure kernel-signing.cer is copied to kernel-keys dir (Brian Maly)  [Orabug: 32978042]

[4.1.12-124.52.2.el6uek]
- Bluetooth: A2MP: Fix not initializing all members (Luiz Augusto von Dentz)  [Orabug: 32021289]  {CVE-2020-12352}
- RDS tcp loopback connection can hang (Rao Shoaib)  [Orabug: 32926868]

[4.1.12-124.52.1.el6uek]
- dm ioctl: fix out of bounds array access when no devices (Mikulas Patocka)  [Orabug: 32860494]  {CVE-2021-31916}




More information about the Oraclevm-errata mailing list