Oracle Linux 6277 Published by

An Unbreakable Enterprise kernel security update has been released for Oracle Linux 7.



El-errata: ELSA-2020-5837 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2020-5837

  http://linux.oracle.com/errata/ELSA-2020-5837.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.42.3.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.42.3.el7uek.noarch.rpm
kernel-uek-4.1.12-124.42.3.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.42.3.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.42.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.42.3.el7uek.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.42.3.el7uek.src.rpm


Description of changes:

[4.1.12-124.42.3.el7uek]
- can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices (Tomas
Bortoli) [Orabug: 31351221] {CVE-2019-19535}
- media: hdpvr: Fix an error handling path in hdpvr_probe() (Arvind
Yadav) [Orabug: 31352053] {CVE-2017-16644}
- fs/binfmt_misc.c: do not allow offset overflow (Thadeu Lima de Souza
Cascardo) [Orabug: 31588258]
- clear inode and truncate pages before enqueuing for async inactivation
(Gautham Ananthakrishna) [Orabug: 31744270]

[4.1.12-124.42.2.el7uek]
- mm: create alloc_last_chance debugfs entries (Mike Kravetz) [Orabug:
31295499]
- mm: perform 'last chance' reclaim efforts before allocation failure
(Mike Kravetz) [Orabug: 31295499]
- mm: let page allocation slowpath retry 'order' times (Mike Kravetz)
[Orabug: 31295499]
- fix kABI breakage from "netns: provide pure entropy for
net_hash_mix()" (Dan Duval) [Orabug: 31351904] {CVE-2019-10638}
{CVE-2019-10639}
- netns: provide pure entropy for net_hash_mix() (Eric Dumazet) [Orabug:
31351904] {CVE-2019-10638} {CVE-2019-10639}
- hrtimer: Annotate lockless access to timer->base (Eric Dumazet)
[Orabug: 31380495]
- rds: ib: Revert "net/rds: Avoid stalled connection due to CM REQ
retries" (Håkon Bugge) [Orabug: 31648141]
- rds: Clear reconnect pending bit (Håkon Bugge) [Orabug: 31648141]
- RDMA/netlink: Do not always generate an ACK for some netlink
operations (Håkon Bugge) [Orabug: 31666975]
- genirq/proc: Return proper error code when irq_set_affinity() fails
(Wen Yaxng) [Orabug: 31723450]

[4.1.12-124.42.1.el7uek]
- fs/binfmt_elf.c: allocate initialized memory in
fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350639]
{CVE-2020-10732}
- crypto: user - fix memory leak in crypto_report (Navid Emamdoost)
[Orabug: 31351640] {CVE-2019-19062}
- of: unittest: fix memory leak in unittest_data_add (Navid Emamdoost)
[Orabug: 31351702] {CVE-2019-19049}
- IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi)
[Orabug: 31656992]
- net-sysfs: call dev_hold if kobject_init_and_add success (YueHaibing)
[Orabug: 31687545] {CVE-2019-20811}