Oracle Linux 6278 Published by

An unbreakable Enterprise kernel-container security update has been released for Oracle Linux 7.



El-errata: ELSA-2021-9115 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update


Oracle Linux Security Advisory ELSA-2021-9115

  http://linux.oracle.com/errata/ELSA-2021-9115.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2036.104.5.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2036.104.5.el7.x86_64.rpm

aarch64:

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2036.104.5.el7.src.rpm


Description of changes:

[5.4.17-2036.104.5.el7]
- scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603379] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}