An unbreakable Enterprise kernel security update has been released for Oracle Linux 6
Oracle Linux Security Advisory ELSA-2019-4871
http://linux.oracle.com/errata/ELSA-2019-4871.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-3.8.13-118.41.1.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-118.41.1.el6uek.noarch.rpm
kernel-uek-3.8.13-118.41.1.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.41.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.41.1.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.41.1.el6uek.x86_64.rpm
dtrace-modules-3.8.13-118.41.1.el6uek-0.4.5-3.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.41.1.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.41.1.el6uek-0.4.5-3.el6.src.rpm
Description of changes:
kernel-uek
[3.8.13-118.41.1.el6uek]
- x86/speculation: Determine swapgs before alternative instructions are
set (Patrick Colp) [Orabug: 30379626]
- ieee802154: enforce CAP_NET_RAW for raw sockets (Allen Pais) [Orabug:
30444947] {CVE-2019-17053}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug:
30445159] {CVE-2019-17055}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug:
30445307] {CVE-2019-16994}
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver
Neukum) [Orabug: 30490492] {CVE-2019-15213}
- media: cpia2_usb: first wake up, then free in disconnect (Oliver
Neukum) [Orabug: 30511742] {CVE-2019-15215}
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in
zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532775] {CVE-2019-15217}
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum)
[Orabug: 30548566] {CVE-2019-15219}