Oracle Linux 6277 Published by

An Unbreakable Enterprise kernel security update has been released for Oracle Linux 6.



El-errata: ELSA-2020-5706 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2020-5706

  http://linux.oracle.com/errata/ELSA-2020-5706.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.46.1.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-118.46.1.el6uek.noarch.rpm
kernel-uek-3.8.13-118.46.1.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.46.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.46.1.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.46.1.el6uek.x86_64.rpm
dtrace-modules-3.8.13-118.46.1.el6uek-0.4.5-3.el6.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.46.1.el6uek.src.rpm
  http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.46.1.el6uek-0.4.5-3.el6.src.rpm


Description of changes:

kernel-uek
[3.8.13-118.46.1.el6uek]
- ipv6: only static routes qualify for equal cost multipathing (Hannes
Frederic Sowa) [Orabug: 30977687] {CVE-2013-4125}
- USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug:
31240296] {CVE-2019-19523}
- USB: core: Fix races in character device registration and
deregistraion (Alan Stern) [Orabug: 31317668] {CVE-2019-19537}
- USB: iowarrior: fix use-after-free on disconnect (Johan Hovold)
[Orabug: 31351063] {CVE-2019-19528}
- usb: iowarrior: fix deadlock on disconnect (Oliver Neukum) [Orabug:
31351063] {CVE-2019-19528}
- mremap: properly flush TLB before releasing the page (Linus Torvalds)
[Orabug: 31352012] {CVE-2018-18281}