Oracle Linux 6277 Published by

An unbreakable Enterprise kernel security update has been released for Oracle Linux 5



Oracle Linux Security Advisory ELSA-2019-4872

http://linux.oracle.com/errata/ELSA-2019-4872.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.317.1.el5uek.i686.rpm
kernel-uek-debug-2.6.39-400.317.1.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.317.1.el5uek.i686.rpm
kernel-uek-devel-2.6.39-400.317.1.el5uek.i686.rpm
kernel-uek-doc-2.6.39-400.317.1.el5uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.317.1.el5uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.317.1.el5uek.noarch.rpm
kernel-uek-doc-2.6.39-400.317.1.el5uek.noarch.rpm
kernel-uek-2.6.39-400.317.1.el5uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.317.1.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.317.1.el5uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.317.1.el5uek.x86_64.rpm


Description of changes:

[2.6.39-400.317.1.el5uek]
- ieee802154: enforce CAP_NET_RAW for raw sockets (Allen Pais) [Orabug:
30444948] {CVE-2019-17053}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug:
30445161] {CVE-2019-17055}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug:
30445309] {CVE-2019-16994}
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver
Neukum) [Orabug: 30490493] {CVE-2019-15213}
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in
zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532776] {CVE-2019-15217}
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum)
[Orabug: 30548567] {CVE-2019-15219}