An unbreakable Enterprise kernel security update has been released for Oracle Linux 7.

El-errata: ELSA-2021-9164 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2021-9164

  http://linux.oracle.com/errata/ELSA-2021-9164.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.49.3.1.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.49.3.1.el7uek.noarch.rpm
kernel-uek-4.1.12-124.49.3.1.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.49.3.1.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.49.3.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.49.3.1.el7uek.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.49.3.1.el7uek.src.rpm


Description of changes:

[4.1.12-124.49.3.1.el7uek]
- SecureBoot Digicert 2021 certificates update (Brian Maly) [Orabug:
32532671]

[4.1.12-124.49.3.el7uek]
- xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen
Gross) [Orabug: 32485156] - audit: fix error handling in
audit_data_to_entry() (Paul Moore) [Orabug: 32608451] {CVE-2020-0444}

[4.1.12-124.49.2.el7uek]
- scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug:
32640641] - scsi: iscsi: Ensure sysfs attributes are limited to
PAGE_SIZE (Chris Leech) [Orabug: 32640641] {CVE-2021-27363}
{CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Report connection state in sysfs (Gabriel Krisman
Bertazi) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364}
{CVE-2021-27365}
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe
Perches) [Orabug: 32640641] - scsi: iscsi: Restrict sessions and handles
to admin capabilities (Lee Duncan) [Orabug: 32640641] {CVE-2021-27363}
{CVE-2021-27364} {CVE-2021-27365}

[4.1.12-124.49.1.el7uek]
- hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug:
32576074]