Oracle Linux Security Advisory ELSA-2021-9474

https://linux.oracle.com/errata/ELSA-2021-9474.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:


aarch64:
kernel-uek-5.4.17-2102.206.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2102.206.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2102.206.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2102.206.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2102.206.1.el8uek.noarch.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2102.206.1.el8uek.src.rpm

Related CVEs:

CVE-2021-37159
CVE-2021-3739
CVE-2021-3743
CVE-2021-38198
CVE-2021-40490




Description of changes:

[5.4.17-2102.206.1.el8uek]
- Revert "scsi: core: Cap scsi_host cmd_per_lun at can_queue" (Jack Vogel)  [Orabug: 33403144]

[5.4.17-2102.206.0.el8uek]
- Revert "uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo" (Jack Vogel)  [Orabug: 33245043]
- integrity: Load mokx variables into the blacklist keyring (Eric Snowberg)  [Orabug: 33418496]
- perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu)  [Orabug: 33359395]
- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang)  [Orabug: 33352679]
- Revert "uek-rpm: mark /etc/ld.so.conf.d/ files as %config" (aloktiw)  [Orabug: 33311489]
- IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje)  [Orabug: 33134286]
- IB/core: Shifting initialization of device->cache_lock (Anand Khoje)  [Orabug: 33134286]
- IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje)  [Orabug: 33134286]
- IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje)  [Orabug: 33134286]
- IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje)  [Orabug: 33134286]
- btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo)  [Orabug: 33281078]  {CVE-2021-3739}
- btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana)  [Orabug: 33349276]
- net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang)  [Orabug: 33284937]  {CVE-2021-3743}
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o)  [Orabug: 33327177]  {CVE-2021-40490}
- xfs: remove unused variable (Wengang Wang)  [Orabug: 33313442]
- RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn)  [Orabug: 33306518]
- uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo (Somasundaram Krishnasamy)  [Orabug: 33245043]
- xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) 
- KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan)  [Orabug: 33209458]  {CVE-2021-38198}
- usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu)  [Orabug: 33174795]  {CVE-2021-37159}
- hso: fix bailout in error case of probe (Oliver Neukum)  [Orabug: 33174795]  {CVE-2021-37159}

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata