Oracle Linux Security Advisory ELSA-2021-9534

https://linux.oracle.com/errata/ELSA-2021-9534.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.57.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.57.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.57.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.57.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.57.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.57.1.el6uek.x86_64.rpm



Related CVEs:

CVE-2018-1000026
CVE-2019-10207
CVE-2019-19813
CVE-2021-3564




Description of changes:

[4.1.12-124.57.1.el6uek]
- target; fix print statement warning (John Donnelly)  [Orabug: 33495661]
- enic;: fix warning on module_param disable_vlan0, (John Donnelly)  [Orabug: 33495661]
- bnx2fc: correct BNX2FC_TM_TIMEOUT to be 60 sec (John Donnelly)  [Orabug: 33495661]
- target: Fix linux-4.1.y specific compile warning (Nicholas Bellinger)  [Orabug: 33495661]
- net/mlx4: Fixing warning in mlx4_get_module_info() (John Donnelly)  [Orabug: 33495661]
- rds: Avoid compiler warning in ib_send.c: opcode (John Donnelly)  [Orabug: 33495661]
- RDMA/mad: correct build warning (John Donnelly)  [Orabug: 33495661]
- dtrace: Fix warning in dtrace_sync() (Tomas Jedlicka)  [Orabug: 33495661]
- virtio: Silence uninitialized variable warning (Dan Carpenter)  [Orabug: 33495661]
- scsi: correct uninitialized variable (John Donnelly)  [Orabug: 33495661]
- media: smsusb: better handle optional alignment (Mauro Carvalho Chehab)  [Orabug: 33495661]
- media: usb: siano: Fix false-positive "uninitialized variable" warning (Alan Stern)  [Orabug: 33495661]
- toshiba_acpi: correct build warning (John Donnelly)  [Orabug: 33495661]
- RDS/IB: corrects build warning (John Donnelly)  [Orabug: 33495661]
- x86/mce: correct return warning (John Donnelly)  [Orabug: 33495661]
- x86/asm/msr: Make wrmsrl_safe() a function (Andy Lutomirski)  [Orabug: 33495661]
- x86/mitigations: fix warnings in taa_select_mitigation() (John Donnelly)  [Orabug: 33495661]
- mm: correct build warning with pgprot (John Donnelly)  [Orabug: 33495661]
- Thermal: remove unused variable (John Donnelly)  [Orabug: 33495661]
- ixgbe: remove unused variables and functions (John Donnelly)  [Orabug: 33495661]
- i40e: remove unused variables and functions (John Donnelly)  [Orabug: 33495661]
- mlx4: remove unused variables and functions, (John Donnelly)  [Orabug: 33495661]
- nvme: remove unused variables and functions (John Donnelly)  [Orabug: 33495661]
- ocfs2: remove unused function: ocfs2_prepare_inode_for_refcount() (John Donnelly)  [Orabug: 33495661]
- ipv6: remove unused variable: payload_len (John Donnelly)  [Orabug: 33495661]
- Revert "efi: Fix out-of-bounds read in variable_matches()" (John Donnelly)  [Orabug: 33495661]
- dtrace: remove unused variable "iph" (John Donnelly)  [Orabug: 33495661]
- ext4: remove unused function ext4_init_inode_bitmap() (John Donnelly)  [Orabug: 33495661]
- cpuidle: remove unused function: call_cpuidle() (John Donnelly)  [Orabug: 33495661]
- cifs: remove unused label (John Donnelly)  [Orabug: 33495661]
- block: remove unused out: label (John Donnelly)  [Orabug: 33495661]
- Bluetooth: hci_uart: check for missing tty operations (Vladis Dronov)  [Orabug: 30244627]  {CVE-2019-10207} {CVE-2019-10207}
- Bluetooth: hci_uart: Add basic support for Intel Lightning Peak devices (Loic Poulain)  [Orabug: 30244627]  {CVE-2019-10207}
- Bluetooth: hci_uart: Add new line discipline enhancements (Ilya Faenson)  [Orabug: 30244627]  {CVE-2019-10207}
- Bluetooth: hci_uart: Support operational speed during setup (Frederic Danis)  [Orabug: 30244627]  {CVE-2019-10207}

[4.1.12-124.56.2.el6uek]
- btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek)  [Orabug: 31864610]  {CVE-2019-19813}
- btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo)  [Orabug: 31864610]  {CVE-2019-19813}
- net: create skb_gso_validate_mac_len() (Daniel Axtens)  [Orabug: 28094432]  {CVE-2018-1000026}
- bnx2x: disable GSO where gso_size is too big for hardware (Daniel Axtens)  [Orabug: 28094432]  {CVE-2018-1000026}
- Bluetooth: fix the erroneous flush_work() order (Lin Ma)  [Orabug: 33014035]  {CVE-2021-3564} {CVE-2021-3564}
- l2tp: Avoid schedule while atomic in exit_net (Ridge Kennedy)  [Orabug: 33360013]
- l2tp: remove skb_dst_set() from l2tp_xmit_skb() (Xin Long)  [Orabug: 33360013]
- dtrace: remove unused variables (John Donnelly)  [Orabug: 33387203]
- scsi: treat lun as 64-bit in scsi_report_lun_scan() error message (Henry Willard)  [Orabug: 33387203]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata