Oracle: ELSA-2022-9011: Oracle Important Security Update | LinuxSec...

Advisories

Oracle Linux Cloud Native Environment Security Advisory ELSA-2022-9011

https://linux.oracle.com/errata/ELSA-2022-9011.html

The following updated rpms for Oracle Linux Cloud Native Environment 1.0 ha=
ve been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-4.14.35-2047.510.5.2.el7.x86_64.rpm


SRPMS:
https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.5=
10.5.2.el7.src.rpm

Related CVEs:

CVE-2021-0920
CVE-2021-4155




Description of changes:

[4.14.35-2047.510.5.2.el7]
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate
  (Darrick J. Wong)  [Orabug: 33722441]  {CVE-2021-4155}

[4.14.35-2047.510.5.1.el7]
- fget: check that the fd still exists after getting a ref to it (Linus Tor=
valds)  [Orabug: 33679805]  {CVE-2021-0920}
- fs: add fget_many() and fput_many() (Jens Axboe)  [Orabug: 33679805]

[4.14.35-2047.510.5.el7]
- net/rds: RDS connection shutdown stuck after CQ access violation error (a=
ru kolappan)  [Orabug: 33585476]
- ocfs2: fix race between searching chunks and release journal_head from bu=
ffer_head (Gautham Ananthakrishna)  [Orabug: 33501677]
- rds: ib: Ack seq not always received in monotonic increasing order (H=E5k=
on Bugge)  [Orabug: 33620419]
- net/rds: Refactor rds_ib_recv_refill_one (Freddy Carrillo)  [Orabug: 3326=
5955]
- arm64: pcie: Intercept Pensando specific SError (Henry Willard)  [Orabug:=
 33590080]
- arm64: pcie: Change bad_mode hook to cap_pciep_access_in_progress() (Henr=
y Willard)  [Orabug: 33590080]
- arm64: pcie: Remove Pensando SError trapping patch (Henry Willard)  [Orab=
ug: 33590080]
- take care multiple extents in CoW extent converting (Wengang Wang)  [Orab=
ug: 33473949]
- net/mlx5e: ethtool, Add support for EEPROM high pages query (Erez Alfasi)=
  [Orabug: 33525560]
- ethtool: Add SFF-8436 and SFF-8636 max EEPROM length definitions (Erez Al=
fasi)  [Orabug: 33525560]
- net/mlx5: Remove unnecessary prints from mlx5_enter_error_state. (Anand K=
hoje)  [Orabug: 33651549]
- uek-rpm: Add _raw_spin_trylock to KABI (John Donnelly)  [Orabug: 33651431]
- x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora)  [O=
rabug: 33651433]
- x86/asm: add clzero based page clearing (Ankur Arora)  [Orabug: 33580825]
- x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Aror=
a)  [Orabug: 33580825]
- x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (Kim Phillip=
s)  [Orabug: 33580825]
- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (Giovan=
ni Gherdovich)  [Orabug: 33651434]
- net/rds: Don't pummel the subnet-manager (Gerd Rausch)  [Orabug: 33651436]
- uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krish=
nasamy)  [Orabug: 33651437]
- rds: ib: Reduce the contention caused by the asynchronous workers to flus=
h the mr pool (Praveen Kumar Kannoju)  [Orabug: 33651440]
- net: ipv6: Discard next-hop MTU less than minimum link MTU (Georg Kohmann=
)  [Orabug: 33651444]
- RDMA/rxe: Bump up default maximum values used via uverbs (Rao Shoaib)  [O=
rabug: 33651442]

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle: ELSA-2022-9011: Oracle Important Security Update

Summary

Description of changes: [4.14.35-2047.510.5.2.el7] - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong) [Orabug: 33722441] {CVE-2021-4155} [4.14.35-2047.510.5.1.el7] - fget: check that the fd still exists after getting a ref to it (Linus Tor= valds) [Orabug: 33679805] {CVE-2021-0920} - fs: add fget_many() and fput_many() (Jens Axboe) [Orabug: 33679805] [4.14.35-2047.510.5.el7] - net/rds: RDS connection shutdown stuck after CQ access violation error (a= ru kolappan) [Orabug: 33585476] - ocfs2: fix race between searching chunks and release journal_head from bu= ffer_head (Gautham Ananthakrishna) [Orabug: 33501677] - rds: ib: Ack seq not always received in monotonic increasing order (H=E5k= on Bugge) [Orabug: 33620419] - net/rds: Refactor rds_ib_recv_refill_one (Freddy Carrillo) [Orabug: 3326= 5955] - arm64: pcie: Intercept Pensando specific SError (Henry Willard) [Orabug:= 33590080] - arm64: pcie: Change bad_mode hook to cap_pciep_access_in_progress() (Henr= y Willard) [Orabug: 33590080] - arm64: pcie: Remove Pensando SError trapping patch (Henry Willard) [Orab= ug: 33590080] - take care multiple extents in CoW extent converting (Wengang Wang) [Orab= ug: 33473949] - net/mlx5e: ethtool, Add support for EEPROM high pages query (Erez Alfasi)= [Orabug: 33525560] - ethtool: Add SFF-8436 and SFF-8636 max EEPROM length definitions (Erez Al= fasi) [Orabug: 33525560] - net/mlx5: Remove unnecessary prints from mlx5_enter_error_state. (Anand K= hoje) [Orabug: 33651549] - uek-rpm: Add _raw_spin_trylock to KABI (John Donnelly) [Orabug: 33651431] - x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [O= rabug: 33651433] - x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580825] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Aror= a) [Orabug: 33580825] - x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (Kim Phillip= s) [Orabug: 33580825] - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (Giovan= ni Gherdovich) [Orabug: 33651434] - net/rds: Don't pummel the subnet-manager (Gerd Rausch) [Orabug: 33651436] - uek-rpm: Add smartpqi driver module in ueknano kernel (Somasundaram Krish= nasamy) [Orabug: 33651437] - rds: ib: Reduce the contention caused by the asynchronous workers to flus= h the mr pool (Praveen Kumar Kannoju) [Orabug: 33651440] - net: ipv6: Discard next-hop MTU less than minimum link MTU (Georg Kohmann= ) [Orabug: 33651444] - RDMA/rxe: Bump up default maximum values used via uverbs (Rao Shoaib) [O= rabug: 33651442]

i386

x86_64

kernel-uek-container-4.14.35-2047.510.5.2.el7.x86_64.rpm

SRPMS

https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.5= 10.5.2.el7.src.rpm

Severity
Related CVEs: CVE-2021-0920 CVE-2021-4155

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.