ELSA-2021-9068

ULN >
Oracle Linux Errata repository >
ELSA-2021-9068

ELSA-2021-9068 - Unbreakable Enterprise kernel-container security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2021-02-19

Description

[4.14.35-2047.500.10.el7]
- xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930}
- xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
- xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
- xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
- Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
- Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
- Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
- Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
- tap: fix use-after-free (Michael S. Tsirkin) [Orabug: 32466083]
- vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471695]
- Fix double free KASAN warnings and use after free of kmalloc-32 object. (Imran Khan) [Orabug: 32480357]

Related CVEs

CVE-2021-26932

CVE-2021-26930

CVE-2021-26931

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (x86_64)	kernel-uek-container-4.14.35-2047.500.10.el7.src.rpm	837868c9e21c9055a700999ee88964a6	ELSA-2021-9221
	kernel-uek-container-4.14.35-2047.500.10.el7.x86_64.rpm	c13dea6c80e194dca22461cd6534db5e	ELSA-2021-9221

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691