Oracle Linux 6277 Published by

An unbreakable Enterprise kernel security update has been released for Oracle Linux 7.



El-errata: ELSA-2020-5926 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2020-5926

  http://linux.oracle.com/errata/ELSA-2020-5926.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.45.2.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.45.2.el7uek.noarch.rpm
kernel-uek-4.1.12-124.45.2.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.45.2.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.45.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.45.2.el7uek.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.45.2.el7uek.src.rpm


Description of changes:

[4.1.12-124.45.2.el7uek]
- powercap: restrict energy meter to root access (Kanth Ghatraju)
[Orabug: 32137965] {CVE-2020-8694} {CVE-2020-8695}

[4.1.12-124.45.1.el7uek]
- Revert "x86/efi: Initialize and display UEFI secure boot state a bit
later during init" (Eric Snowberg) [Orabug: 31887248] - xfs: fix
xfs_inode use after free (Wengang Wang) [Orabug: 31932452] - SUNRPC:
ECONNREFUSED should cause a rebind. (NeilBrown) [Orabug: 32070175] -
netfilter: nfnetlink: correctly validate length of batch messages (Phil
Turnbull) [Orabug: 30658635] {CVE-2016-7917}
- xc2028: Fix use-after-free bug properly (Takashi Iwai) [Orabug:
30658659] {CVE-2016-7913}
- [media] xc2028: avoid use after free (Mauro Carvalho Chehab) [Orabug:
30658659] {CVE-2016-7913}
- uek-rpm: Create initramfs at postinstall stage also. (Somasundaram
Krishnasamy) [Orabug: 30821411] - hdlc_ppp: add range checks in
ppp_cp_parse_cr() (Dan Carpenter) [Orabug: 31989190] {CVE-2020-25643}
- tracing: Reverse the order of trace_types_lock and event_mutex (Alan
Maguire) [Orabug: 32002706] - ocfs2/dlm: move lock to the tail of grant
queue while doing in-place convert (xuejiufei) [Orabug: 32071234]