El-errata: ELSA-2020-5926 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2020-5926
http://linux.oracle.com/errata/ELSA-2020-5926.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-doc-4.1.12-124.45.2.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.45.2.el6uek.noarch.rpm
kernel-uek-4.1.12-124.45.2.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.45.2.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.45.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.45.2.el6uek.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.45.2.el6uek.src.rpm
Description of changes:
[4.1.12-124.45.2.el6uek]
- powercap: restrict energy meter to root access (Kanth Ghatraju)
[Orabug: 32137965] {CVE-2020-8694} {CVE-2020-8695}
[4.1.12-124.45.1.el6uek]
- Revert "x86/efi: Initialize and display UEFI secure boot state a bit
later during init" (Eric Snowberg) [Orabug: 31887248] - xfs: fix
xfs_inode use after free (Wengang Wang) [Orabug: 31932452] - SUNRPC:
ECONNREFUSED should cause a rebind. (NeilBrown) [Orabug: 32070175] -
netfilter: nfnetlink: correctly validate length of batch messages (Phil
Turnbull) [Orabug: 30658635] {CVE-2016-7917}
- xc2028: Fix use-after-free bug properly (Takashi Iwai) [Orabug:
30658659] {CVE-2016-7913}
- [media] xc2028: avoid use after free (Mauro Carvalho Chehab) [Orabug:
30658659] {CVE-2016-7913}
- uek-rpm: Create initramfs at postinstall stage also. (Somasundaram
Krishnasamy) [Orabug: 30821411] - hdlc_ppp: add range checks in
ppp_cp_parse_cr() (Dan Carpenter) [Orabug: 31989190] {CVE-2020-25643}
- tracing: Reverse the order of trace_types_lock and event_mutex (Alan
Maguire) [Orabug: 32002706] - ocfs2/dlm: move lock to the tail of grant
queue while doing in-place convert (xuejiufei) [Orabug: 32071234]
An unbreakable Enterprise kernel security update has been released for Oracle Linux 6.