Oracle Linux Security Advisory ELSA-2021-9475

https://linux.oracle.com/errata/ELSA-2021-9475.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2102.206.1.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2102.206.1.el7.x86_64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2102.206.1.el7.src.rpm

Related CVEs:

CVE-2021-37159
CVE-2021-3739
CVE-2021-3743
CVE-2021-38198
CVE-2021-40490




Description of changes:

[5.4.17-2102.206.1.el7]
- Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue" (Jack Vogel)
  [Orabug: 33403144]

[5.4.17-2102.206.0.el7]
- Revert "uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo" (Jack Vogel)  [Orabug: 33245043]
- integrity: Load mokx variables into the blacklist keyring (Eric Snowberg)  [Orabug: 33418496]
- perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu)  [Orabug: 33359395]
- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang)  [Orabug: 33352679]
- Revert "uek-rpm: mark /etc/ld.so.conf.d/ files as %config" (aloktiw)  [Orabug: 33311489]
- IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje)  [Orabug: 33134286]
- IB/core: Shifting initialization of device->cache_lock (Anand Khoje)  [Orabug: 33134286]
- IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje)  [Orabug: 33134286]
- IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje)  [Orabug: 33134286]
- IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje)  [Orabug: 33134286]
- btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo)  [Orabug: 33281078]  {CVE-2021-3739}
- btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana)  [Orabug: 33349276]
- net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang)  [Orabug: 33284937]  {CVE-2021-3743}
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o)  [Orabug: 33327177]  {CVE-2021-40490}
- xfs: remove unused variable (Wengang Wang)  [Orabug: 33313442]
- RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn)  [Orabug: 33306518]
- xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva)  [Orabug: 33296812]
- KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan)  [Orabug: 33209458]  {CVE-2021-38198}
- usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu)  [Orabug: 33174795]  {CVE-2021-37159}
- hso: fix bailout in error case of probe (Oliver Neukum)  [Orabug: 33174795]  {CVE-2021-37159}

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2021-9475: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[5.4.17-2102.206.1.el7] - Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue" (Jack Vogel) [Orabug: 33403144] [5.4.17-2102.206.0.el7] - Revert "uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo" (Jack Vogel) [Orabug: 33245043] - integrity: Load mokx variables into the blacklist keyring (Eric Snowberg) [Orabug: 33418496] - perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33359395] - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33352679] - Revert "uek-rpm: mark /etc/ld.so.conf.d/ files as %config" (aloktiw) [Orabug: 33311489] - IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134286] - IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33134286] - IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33134286] - IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33134286] - IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134286] - btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739} - btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276] - net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33284937] {CVE-2021-3743} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33327177] {CVE-2021-40490} - xfs: remove unused variable (Wengang Wang) [Orabug: 33313442] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296812] - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33209458] {CVE-2021-38198} - usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33174795] {CVE-2021-37159} - hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33174795] {CVE-2021-37159}

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2102.206.1.el7.src.rpm

x86_64

kernel-uek-container-5.4.17-2102.206.1.el7.x86_64.rpm kernel-uek-container-debug-5.4.17-2102.206.1.el7.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2021-37159 CVE-2021-3739 CVE-2021-3743 CVE-2021-38198 CVE-2021-40490

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved