An Unbreakable Enterprise kernel security update has been released for Oracle Linux 7.
Oracle Linux Security Advisory ELSA-2020-5535
http://linux.oracle.com/errata/ELSA-2020-5535.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.36.1.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.36.1.el7uek.noarch.rpm
kernel-uek-4.1.12-124.36.1.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.36.1.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.36.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.36.1.el7uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.36.1.el7uek.src.rpm
Description of changes:
[4.1.12-124.36.1.el7uek]
- iscsi-target: graceful disconnect on invalid mapping to iovec (Imran
Haider) [Orabug: 30459537] - x86/microcode: Issue update message only
once (Borislav Petkov) [Orabug: 30528904] - x86/microcode/intel: Issue
the revision updated message only on the BSP (Borislav Petkov) [Orabug:
30528904] - KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
(CVE-2019-19332) (Paolo Bonzini) [Orabug: 30658695] {CVE-2019-19332}
- rtlwifi: Fix potential overflow on P2P code (Laura Abbott) [Orabug:
30807748] {CVE-2019-17666}
[4.1.12-124.35.5.el7uek]
- x86: microcode: propagate return value to siblings (Mihai Carabas)
[Orabug: 30557086] - x86/bugs: TSX not disabled at late loading (Mihai
Carabas) [Orabug: 30557086] - mlx5: lock mlx5_core to prevent module
unload (Brian Maly) [Orabug: 30566775] - rds: RDS/TCP does not initiate
a connection (Ka-Cheong Poon) [Orabug: 30576433] - x86: bugs: replace
static_ with boot_ for CPU bugs mitigations (Mihai Carabas) [Orabug:
30649400]