An unbreakable Enterprise kernel security update has been released for Oracle Linux 7.

El-errata: ELSA-2020-5956 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2020-5956

  http://linux.oracle.com/errata/ELSA-2020-5956.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.51.2.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.51.2.el7uek.noarch.rpm
kernel-uek-3.8.13-118.51.2.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.51.2.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.51.2.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.51.2.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.51.2.el7uek-0.4.5-3.el7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.51.2.el7uek.src.rpm
  http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.51.2.el7uek-0.4.5-3.el7.src.rpm


Description of changes:

kernel-uek
[3.8.13-118.51.2.el7uek]
- Revert "kexec: Validate pe files against the system_lacklist_keyring"
(John Donnelly) [Orabug: 32171714] {CVE-2020-26541} {CVE-2020-26541}

[3.8.13-118.51.1.el7uek]
- usb: cdc-acm: make sure a refcount is taken early enough (Oliver
Neukum) [Orabug: 31351090] {CVE-2019-19530}
- kexec: Validate pe files against the system_lacklist_keyring (Eric
Snowberg) [Orabug: 31961121] {CVE-2020-26541}
- uek-rpm: Update secure boot UEK signing certificates (Brian Maly)
[Orabug: 31974695]