Oracle Linux 6264

The following updates have been released for Oracle Linux:

ELSA-2019-0022 Important: Oracle Linux 7 keepalived security update
ELSA-2019-4316 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4316 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELBA-2019-4314)



ELSA-2019-0022 Important: Oracle Linux 7 keepalived security update

Oracle Linux Security Advisory ELSA-2019-0022

http://linux.oracle.com/errata/ELSA-2019-0022.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
keepalived-1.3.5-8.el7_6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/keepalived-1.3.5-8.el7_6.src.rpm



Description of changes:

[1.3.5-8]
- Fixed patch that was incorrectly removed (#1652694)

[1.3.5-7]
- Fix buffer overflow when parsing HTTP status codes (#1652694)

ELSA-2019-4316 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4316

http://linux.oracle.com/errata/ELSA-2019-4316.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.29.1.el6uek.noarch.rpm
kernel-uek-doc-3.8.13-118.29.1.el6uek.noarch.rpm
kernel-uek-3.8.13-118.29.1.el6uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.29.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.29.1.el6uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.29.1.el6uek.x86_64.rpm
dtrace-modules-3.8.13-118.29.1.el6uek-0.4.5-3.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-3.8.13-118.29.1.el6uek.src.rpm
http://oss.oracle.com/ol6/SRPMS-updates/dtrace-modules-3.8.13-118.29.1.el6uek-0.4.5-3.el6.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.29.1.el6uek]
- Copy secure_boot flag in boot params across kexec reboot (Dave Young)
[Orabug: 22066352] {CVE-2015-7837}
- ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Eric Dumazet)
[Orabug: 25059183] {CVE-2016-3841}
- ipv6: add complete rcu protection around np->opt (Eric Dumazet)
[Orabug: 25059183] {CVE-2016-3841}
- scsi: qla2xxx: Fix an integer overflow in sysfs code (Dan Carpenter)
[Orabug: 28220420] {CVE-2017-14051}
- ext4: fail ext4_iget for root directory if unallocated (Theodore Ts'o)
[Orabug: 28220433] {CVE-2018-1092}
- certs: Add Oracle's new X509 cert into the kernel keyring (Eric Snowberg)
[Orabug: 28926205]
- ALSA: seq: Fix regression by incorrect ioctl_mutex usages (Takashi Iwai)
[Orabug: 29005190] {CVE-2018-1000004}
- netfilter: xt_osf: Add missing permission checks (Kevin Cernekee)
[Orabug: 29037832] {CVE-2017-17450}
- wil6210: missing length check in wmi_set_ie (Lior David)
[Orabug: 29060697] {CVE-2018-5848}
- HID: debug: check length before copy_to_user() (Daniel Rosenberg)
[Orabug: 29128167] {CVE-2018-9516}
- x86/MCE: Serialize sysfs changes (Seunghun Han)
[Orabug: 29152249] {CVE-2018-7995}
- Input: i8042 - fix crash at boot time (Chen Hong)
[Orabug: 29152329] {CVE-2017-18079}

ELSA-2019-4316 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4316

http://linux.oracle.com/errata/ELSA-2019-4316.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-firmware-3.8.13-118.29.1.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.29.1.el7uek.noarch.rpm
kernel-uek-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.29.1.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.29.1.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.29.1.el7uek-0.4.5-3.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.29.1.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.29.1.el7uek-0.4.5-3.el7.src.rpm



Description of changes:

kernel-uek
[3.8.13-118.29.1.el7uek]
- Copy secure_boot flag in boot params across kexec reboot (Dave Young)
[Orabug: 22066352] {CVE-2015-7837}
- ipv6: tcp: add rcu locking in tcp_v6_send_synack() (Eric Dumazet)
[Orabug: 25059183] {CVE-2016-3841}
- ipv6: add complete rcu protection around np->opt (Eric Dumazet)
[Orabug: 25059183] {CVE-2016-3841}
- scsi: qla2xxx: Fix an integer overflow in sysfs code (Dan Carpenter)
[Orabug: 28220420] {CVE-2017-14051}
- ext4: fail ext4_iget for root directory if unallocated (Theodore Ts'o)
[Orabug: 28220433] {CVE-2018-1092}
- certs: Add Oracle's new X509 cert into the kernel keyring (Eric Snowberg)
[Orabug: 28926205]
- ALSA: seq: Fix regression by incorrect ioctl_mutex usages (Takashi Iwai)
[Orabug: 29005190] {CVE-2018-1000004}
- netfilter: xt_osf: Add missing permission checks (Kevin Cernekee)
[Orabug: 29037832] {CVE-2017-17450}
- wil6210: missing length check in wmi_set_ie (Lior David)
[Orabug: 29060697] {CVE-2018-5848}
- HID: debug: check length before copy_to_user() (Daniel Rosenberg)
[Orabug: 29128167] {CVE-2018-9516}
- x86/MCE: Serialize sysfs changes (Seunghun Han)
[Orabug: 29152249] {CVE-2018-7995}
- Input: i8042 - fix crash at boot time (Chen Hong)
[Orabug: 29152329] {CVE-2017-18079}
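
A way to check which of the fixed packages listed in the advisories above a host is still missing, as an added Python example that is not Oracle's tooling: it parses rpm filenames into name/version/release/arch and compares version and release the way rpm does (epoch and the tilde/caret rules are left out). The INSTALLED list is constructed to stand in for `rpm -qa` output; on a real host substitute that output, and for kernel-uek compare against `uname -r`, since several kernels can be installed side by side.

```python
import re

# Fixed packages named in the advisories above (ELSA-2019-0022, ELSA-2019-4316).
ADVISORY_RPMS = [
    "keepalived-1.3.5-8.el7_6.x86_64.rpm",
    "kernel-uek-3.8.13-118.29.1.el7uek.x86_64.rpm",
    "dtrace-modules-3.8.13-118.29.1.el7uek-0.4.5-3.el7.x86_64.rpm",
]
# Constructed stand-in for `rpm -qa` output: kernel-uek one build behind, keepalived current.
INSTALLED = [
    "keepalived-1.3.5-8.el7_6.x86_64",
    "kernel-uek-3.8.13-118.28.1.el7uek.x86_64",
]

def parse_nevra(pkg):
    """Split 'name-version-release.arch[.rpm]'; names may hold hyphens, so split from the right."""
    base = pkg[:-4] if pkg.endswith(".rpm") else pkg
    rest, arch = base.rsplit(".", 1)
    name, version, release = rest.rsplit("-", 2)
    return name, version, release, arch

def rpmvercmp(a, b):
    """rpm-style segment comparison of version/release strings (epoch, '~' and '^' omitted).
    Returns -1, 0 or 1."""
    sa, sb = re.findall(r"[0-9]+|[a-zA-Z]+", a), re.findall(r"[0-9]+|[a-zA-Z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment sorts after an alphabetic one
        elif x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # longer string wins if all else equal

def is_older(installed, advisory):
    """True when the installed build of the same package/arch is behind the advisory rpm."""
    iname, iver, irel, iarch = parse_nevra(installed)
    aname, aver, arel, aarch = parse_nevra(advisory)
    if (iname, iarch) != (aname, aarch):
        raise ValueError("different package: %s vs %s" % (installed, advisory))
    return (rpmvercmp(iver, aver) or rpmvercmp(irel, arel)) < 0

def outdated(installed=INSTALLED, advisory=ADVISORY_RPMS):
    """Advisory rpms for which the host has an older build installed; absent packages are skipped."""
    have = {parse_nevra(p)[0::3]: p for p in installed}  # (name, arch) -> installed package
    return [adv for adv in advisory
            if parse_nevra(adv)[0::3] in have and is_older(have[parse_nevra(adv)[0::3]], adv)]
```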


New Ksplice updates for UEKR4 4.1.12 on OL6 and OL7 (ELBA-2019-4314)

Synopsis: ELBA-2019-4314 can now be patched using Ksplice
CVEs: CVE-2017-17450 CVE-2018-5848

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Bug Fix Advisory, ELBA-2019-4314.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR4 4.1.12 on
OL6 and OL7 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Kernel crash in Huge TLB mappings during page migration.

A race condition when migrating shared Huge TLB mappings or offlining a
huge page could result in memory corruption or a failing kernel
assertion resulting in a kernel crash.

Orabug: 28951854


* Kernel crash during Huge TLB page faults and truncation.

A race condition in Huge TLB page fault and truncation handling could
result in memory corruption or triggering a kernel assertion, leading to
a kernel crash.

Orabug: 28896255


* CVE-2017-17450: Unprivileged access to netlink namespaces.

A missing permission check in the netfilter xt_osf code allows an
unprivileged user to create user and net namespaces without the proper
permissions.

Orabug: 29037831


* CVE-2018-5848: Privilege escalation in the Wilocity Atheros driver.

Improper length validation could lead to integer overflow and undefined
behaviour. A local user could use this flaw to cause memory corruption
and potentially escalate privileges.

Orabug: 28951265


* NULL pointer dereference during iSCSI connection reset.

A missing check when resetting an iSCSI connection which is already terminating
can result in a NULL pointer dereference, leading to a kernel crash.

Orabug: 28946207


* Improved fix for denial-of-service when hot-removing memory on missing sections.

A logic error in the routine checking the pages in a memory zone could lead
to a kernel crash when offlining memory. A local, privileged user could
use this flaw to cause a denial-of-service.

Orabug: 29050538


* Denial-of-service when accessing valid_zones sysfs entry.

A logic error when reading the valid_zones sysfs entry on a system with more
than 64GB of memory could lead to a kernel panic. A local attacker could
use this flaw to cause a denial-of-service.

Orabug: 29050538


* Address loss in ibacm during RDS failback.

Incorrect failover handling could result in confusion for ibacm when
performing failback.

Orabug: 28860366

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.