El-errata: ELSA-2020-5706 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2020-5706
http://linux.oracle.com/errata/ELSA-2020-5706.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-3.8.13-118.46.1.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.46.1.el7uek.noarch.rpm
kernel-uek-3.8.13-118.46.1.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.46.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.46.1.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.46.1.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.46.1.el7uek-0.4.5-3.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.46.1.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.46.1.el7uek-0.4.5-3.el7.src.rpm
Description of changes:
kernel-uek
[3.8.13-118.46.1.el7uek]
- ipv6: only static routes qualify for equal cost multipathing (Hannes
Frederic Sowa) [Orabug: 30977687] {CVE-2013-4125}
- USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug:
31240296] {CVE-2019-19523}
- USB: core: Fix races in character device registration and
deregistraion (Alan Stern) [Orabug: 31317668] {CVE-2019-19537}
- USB: iowarrior: fix use-after-free on disconnect (Johan Hovold)
[Orabug: 31351063] {CVE-2019-19528}
- usb: iowarrior: fix deadlock on disconnect (Oliver Neukum) [Orabug:
31351063] {CVE-2019-19528}
- mremap: properly flush TLB before releasing the page (Linus Torvalds)
[Orabug: 31352012] {CVE-2018-18281}
An Unbreakable Enterprise kernel security update has been released for Oracle Linux 7.