Oracle Linux Security Advisory ELSA-2021-9442

https://linux.oracle.com/errata/ELSA-2021-9442.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.54.6.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.54.6.el7uek.noarch.rpm
kernel-uek-4.1.12-124.54.6.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.54.6.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.54.6.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.54.6.el7uek.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-4.1.12-124.54.6.el7uek.src.rpm

Related CVEs:

CVE-2019-9456
CVE-2019-9458
CVE-2020-0305
CVE-2020-0429
CVE-2020-27068
CVE-2020-28097
CVE-2021-34693
CVE-2021-3609
Description of changes:

[4.1.12-124.54.6.el7uek]
- xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang)  [Orabug: 33282046]

[4.1.12-124.54.5.el7uek]
- l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: ensure sessions are freed after their PPPOL2TP socket (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: Refactor the codes with existing macros instead of literal number (Gao Feng)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: fix duplicate session creation (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: fix race in l2tp_recv_common() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429}
- net: l2tp: Make l2tp_ip6 namespace aware (Shmulik Ladkani)  [Orabug: 33113975]  {CVE-2020-0429}
- l2tp: Correctly return -EBADF from pppol2tp_getname. (phil.turnbull@oracle.com)  [Orabug: 33113975]  {CVE-2020-0429}

[4.1.12-124.54.4.el7uek]
- USB: mon: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai)  [Orabug: 33113260]  {CVE-2019-9456}
- usb: usbmon: Read text within supplied buffer size (Pete Zaitcev)  [Orabug: 33113260]  {CVE-2019-9456}

[4.1.12-124.54.3.el7uek]
- uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan)  [Orabug: 32060376]
- config: remove CONFIG_VGACON_SOFT_SCROLLBACK from kernel configs (Brian Maly)  [Orabug: 33047770]  {CVE-2020-28097}
- vgacon: remove software scrollback support (Linus Torvalds)  [Orabug: 33047770]  {CVE-2020-28097}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo)  [Orabug: 33114649]  {CVE-2021-3609}
- iommu/vt-d: Use plain writeq() for dmar_writeq() where available (David Woodhouse)  [Orabug: 33199774]

[4.1.12-124.54.2.el7uek]
- qla2xxx: update version to 9.00.00.00.42.0-k1-v6 (Quinn Tran)  [Orabug: 33196002]
- qla2xxx: add heartbeat check (Quinn Tran)  [Orabug: 33196002]

[4.1.12-124.54.1.el7uek]
- can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek)  [Orabug: 33030701]  {CVE-2021-34693}
- CIFS: 511c54a2f691 adds a check for session expiry (Aruna Ramakrishna)  [Orabug: 33063858]
- CIFS: Reconnect expired SMB sessions (Pavel Shilovsky)  [Orabug: 33063858]
- media: v4l: event: Add subscription to list before calling "add" operation (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458}
- media: v4l: event: Prevent freeing event subscriptions while accessed (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458}
- chardev: Avoid potential use-after-free in 'chrdev_open()' (Will Deacon)  [Orabug: 33113412]  {CVE-2020-0305}
- kobject: Export kobject_get_unless_zero() (Jan Kara)  [Orabug: 33113412]  {CVE-2020-0305}
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (Sergey Matyukevich)  [Orabug: 33114443]  {CVE-2020-27068}
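
A practical follow-up to the package list and changelog above is to confirm that the kernel actually running (not only the one installed) is at or above 4.1.12-124.54.6.el7uek, and to see which of the subsystems the changelog touches are loaded in the meantime. The script below is an added example and is not part of the advisory or of Oracle's tooling. It assumes the release string shape used by UEK R4 packages (A.B.C-D.E.F.el7uek.arch), compares only the numeric fields, and deliberately reports "not covered" for RHCK (3.10.0-*.el7) and UEK R5/R6 (4.14/5.4) kernels, which have their own advisories; the lsmod text in the usage comment is constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): check a kernel-uek release against
# the fix in ELSA-2021-9442 and list loaded modules from the touched subsystems.

# Fixed x86_64 release, taken from the advisory's package list.
FIXED_UEK="4.1.12-124.54.6.el7uek"

# Loadable modules whose code the changelog touches (l2tp, usbmon, can bcm,
# cfg80211, xen-netback, qla2xxx). vgacon is built in, so it is not listed.
AFFECTED_MODULES="l2tp_core l2tp_ppp l2tp_ip6 usbmon can_bcm cfg80211 xen_netback qla2xxx"

# _uek_field RELEASE N: print the N-th numeric field of RELEASE after the
# ".elNuek..." dist tag is cut off and '.'/'-' become separators.
# A missing or non-numeric field prints as 0.
_uek_field() {
  f=$(printf '%s\n' "$1" | sed 's/\.el[0-9][0-9]*uek.*$//; s/[.-]/ /g' | cut -d' ' -f"$2")
  case "$f" in
    ''|*[!0-9]*) printf '0\n' ;;
    *)           printf '%s\n' "$f" ;;
  esac
}

# uek_vercmp A B: return 0 if A == B, 1 if A > B, 2 if A < B, comparing the
# numeric version-release fields (so 124.54.10 sorts above 124.54.6).
uek_vercmp() {
  i=1
  while [ "$i" -le 8 ]; do
    x=$(_uek_field "$1" "$i")
    y=$(_uek_field "$2" "$i")
    if [ "$x" -gt "$y" ]; then return 1; fi
    if [ "$x" -lt "$y" ]; then return 2; fi
    i=$((i + 1))
  done
  return 0
}

# uek_is_fixed RELEASE: return 0 if RELEASE is a UEK R4 el7 kernel at or above
# FIXED_UEK, 1 if it is an older UEK R4 el7 kernel (still vulnerable), and
# 2 if it is some other kernel (RHCK, UEK R5/R6) that this advisory does not cover.
uek_is_fixed() {
  case "$1" in
    4.1.12-*.el7uek*) ;;
    *) return 2 ;;
  esac
  if uek_vercmp "$1" "$FIXED_UEK"; then
    return 0            # exactly the fixed release
  elif [ $? -eq 1 ]; then
    return 0            # newer than the fixed release
  fi
  return 1              # older than the fixed release
}

# affected_modules_loaded LSMOD_TEXT: print, one per line, the affected modules
# that appear in the first column of the given lsmod output (header skipped).
affected_modules_loaded() {
  loaded=$(printf '%s\n' "$1" | awk 'NR > 1 { print $1 }')
  for m in $AFFECTED_MODULES; do
    for l in $loaded; do
      if [ "$l" = "$m" ]; then printf '%s\n' "$m"; fi
    done
  done
  return 0
}

# Usage on an Oracle Linux 7 host: check the running kernel, then list the
# touched modules that are currently loaded (e.g. affected_modules_loaded "$(lsmod)").
running=$(uname -r)
if uek_is_fixed "$running"; then
  echo "$running: at or above $FIXED_UEK"
else
  case $? in
    1) echo "$running: older than $FIXED_UEK; reboot into the updated kernel-uek" ;;
    *) echo "$running: not a UEK R4 el7 kernel; ELSA-2021-9442 does not cover it" ;;
  esac
fi
```

The check is on `uname -r` on purpose: `rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-uek` shows what is installed, but the fixes only take effect once the host has rebooted into the 124.54.6 kernel. Until then, the module list is a quick way to see which of the patched subsystems (l2tp, CAN BCM, usbmon, cfg80211) are actually in use on the box.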
_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2021-9442: kernel Important Security Update