Oracle Linux Cloud Native: ELSA-2021-9458 Important Security Update
oracle
September 22, 2021
The following updated rpms for Oracle Linux Cloud Native Environment 1.1 have been uploaded to the Unbreakable Linux Network:
Summary
[4.14.35-2047.507.7.5.el7] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33369947] {CVE-2021-3564} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369956] {CVE-2021-40490} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 33369955] {CVE-2020-36322} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33369954] {CVE-2021-3679} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369953] {CVE-2021-38160} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369952] {CVE-2021-3655}
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.507.7.5.el7.src.rpm
x86_64
kernel-uek-container-4.14.35-2047.507.7.5.el7.x86_64.rpm
aarch64
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Related CVEs:
CVE-2020-36322
CVE-2021-3564
CVE-2021-3573
CVE-2021-3655
CVE-2021-3679
CVE-2021-38160
CVE-2021-40490
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!