An unbreakable Enterprise kernel-container security update has been released for Oracle Linux 7.

El-errata: ELSA-2021-9141 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update

Oracle Linux Security Advisory ELSA-2021-9141

http://linux.oracle.com/errata/ELSA-2021-9141.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2102.200.13.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2102.200.13.el7.x86_64.rpm

aarch64:

SRPMS:

http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2102.200.13.el7.src.rpm

Description of changes:

[5.4.17-2102.200.13.el7]
- bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- bpf: Add sanity check for upper ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- bpf: Simplify alu_limit masking for pointer arithmetic (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- bpf: Fix off-by-one for area size in creating mask to left (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- bpf: Prohibit alu ops for pointer types not defining ptr_limit (Piotr Krysiuk) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- selftests/bpf: Test access to bpf map pointer (Andrey Ignatov) [Orabug: 32656761] {CVE-2020-27170} {CVE-2020-27171}
- bpf: Fix truncation handling for mod32 dst reg wrt zero (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444}
- bpf: Fix 32 bit src register truncation on div/mod (Daniel Borkmann) [Orabug: 32673813] {CVE-2021-3444}