Описание
ELSA-2021-9475: Unbreakable Enterprise kernel-container security update (IMPORTANT)
[5.4.17-2102.206.1]
- Revert 'scsi: core: Cap scsi_host cmd_per_lun at can_queue' (Jack Vogel) [Orabug: 33403144]
[5.4.17-2102.206.0]
- Revert 'uek-rpm: Don't recompute build-ids for kernel-uek-debuginfo' (Jack Vogel) [Orabug: 33245043]
- integrity: Load mokx variables into the blacklist keyring (Eric Snowberg) [Orabug: 33418496]
- perf/x86/amd: Don't touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (Like Xu) [Orabug: 33359395]
- xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (Dongli Zhang) [Orabug: 33352679]
- Revert 'uek-rpm: mark /etc/ld.so.conf.d/ files as %config' (aloktiw) [Orabug: 33311489]
- IB/core: Read subnet_prefix in ib_query_port via cache. (Anand Khoje) [Orabug: 33134286]
- IB/core: Shifting initialization of device->cache_lock (Anand Khoje) [Orabug: 33134286]
- IB/core: Updating cache for subnet_prefix in config_non_roce_gid_cache() (Anand Khoje) [Orabug: 33134286]
- IB/core: Shuffle locks in ib_port_data to save memory (Anand Khoje) [Orabug: 33134286]
- IB/core: Removed port validity check from ib_get_cached_subnet_prefix (Anand Khoje) [Orabug: 33134286]
- btrfs: fix NULL pointer dereference when deleting device by invalid id (Qu Wenruo) [Orabug: 33281078] {CVE-2021-3739}
- btrfs: fix race between marking inode needs to be logged and log syncing (Filipe Manana) [Orabug: 33349276]
- net: qrtr: fix another OOB Read in qrtr_endpoint_post (Xiaolong Huang) [Orabug: 33284937] {CVE-2021-3743}
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33327177] {CVE-2021-40490}
- xfs: remove unused variable (Wengang Wang) [Orabug: 33313442]
- RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306518]
- xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296812]
- KVM: X86: MMU: Use the correct inherited permissions to get shadow page (Lai Jiangshan) [Orabug: 33209458] {CVE-2021-38198}
- usb: hso: fix error handling code of hso_create_net_device (Dongliang Mu) [Orabug: 33174795] {CVE-2021-37159}
- hso: fix bailout in error case of probe (Oliver Neukum) [Orabug: 33174795] {CVE-2021-37159}
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
kernel-uek-container
5.4.17-2102.206.1.el7
kernel-uek-container-debug
5.4.17-2102.206.1.el7
Oracle Linux 8
Oracle Linux x86_64
kernel-uek-container
5.4.17-2102.206.1.el8
kernel-uek-container-debug
5.4.17-2102.206.1.el8
Ссылки на источники
Связанные уязвимости
ELSA-2021-9474: Unbreakable Enterprise kernel security update (IMPORTANT)
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
