ELSA-2021-9459
- ULN >
- Oracle Linux Errata repository >
- ELSA-2021-9459
ELSA-2021-9459 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2021-09-22 |
Description
[4.1.12-124.54.6.1]
- fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk) [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik) [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448}
- cfg80211: wext: avoid copying malformed SSIDs (Will Deacon) [Orabug: 33369390] {CVE-2019-17133}
- vhost_net: fix possible infinite loop (Jason Wang) [Orabug: 33369374] {CVE-2019-3900} {CVE-2019-3900}
- vhost: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900}
- vhost_net: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900}
- vhost_net: use packet weight for rx handler, too (Paolo Abeni) [Orabug: 33369374] {CVE-2019-3900}
- vhost-net: set packet weight of tx polling to 2 * vq size (haibinzhang) [Orabug: 33369374] {CVE-2019-3900}
- mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587}
- mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: check defrag PN against current frame (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: add fragment cache to sta_info (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: drop A-MSDUs on old ciphers (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588}
- cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588}
- mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586}
- mac80211: assure all fragments are encrypted (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147}
- sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369303] {CVE-2021-3655}
- virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369276] {CVE-2021-38160}
- net_sched: cls_route: remove the right filter from hashtable (Cong Wang) [Orabug: 33369231] {CVE-2021-3715}
- HID: make arrays usage and value to be the same (Will McVicker) [Orabug: 33369121] {CVE-2021-0512}
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369043] {CVE-2021-40490}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 6 (x86_64) | kernel-uek-4.1.12-124.54.6.1.el6uek.src.rpm | 14794cf09810cfe708b26db8fa31d3f54decb8b9ca327abfe70b7e52caf82409 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS |
| kernel-uek-4.1.12-124.54.6.1.el6uek.x86_64.rpm | 2f3289d34a82862333068d59f9edd92835290438dc0c6e1781c361d081008297 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-4.1.12-124.54.6.1.el6uek.x86_64.rpm | 96df54e252187782afa14330b9c56c66e0d9b0fd0079ac8babcd0a6688908e01 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-devel-4.1.12-124.54.6.1.el6uek.x86_64.rpm | 38b86da4f7a124d0bb8e4a4013746db06d3ae1bd0b92d4991bd71132afccf968 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-devel-4.1.12-124.54.6.1.el6uek.x86_64.rpm | edad385d2fb55c09896acdf8a7c252f907df9d651c7b40c1b40ce9a5de64cd10 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-doc-4.1.12-124.54.6.1.el6uek.noarch.rpm | 0350e857e675eccc2e84109e568c8e2517980115e21b4c8ba36a00a179b95800 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-firmware-4.1.12-124.54.6.1.el6uek.noarch.rpm | 8e8eab94e2cada0b9b3383514ff655f31534a15b18d53105dc1195b8e104a31b | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.1.12-124.54.6.1.el7uek.src.rpm | 9d95009322427bb7f0234759dcd04fc4f632773e13910f4d12955a61a1d41733 | ELSA-2025-20190 | ol7_x86_64_UEKR4 |
| kernel-uek-4.1.12-124.54.6.1.el7uek.x86_64.rpm | b996d42dd5514b8cf89477cd53ab0755d1a36053bc36b9e8676f1eb536d8aa2f | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-debug-4.1.12-124.54.6.1.el7uek.x86_64.rpm | 2612081517deaf4ec254a60633969d5f8527b28b80888ca28fbc2e8ba538e629 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-debug-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpm | 945bb8275fa71c9223bb9271fd266fa71a1d625fb2d799b6789141c38366a26b | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpm | 2bd344c3efbc794e45638b0447828169b6f2646c9587cfc91c04ef5f1f0652a1 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-doc-4.1.12-124.54.6.1.el7uek.noarch.rpm | 8ce2c12fa22724d3dfcb9dff71c8f645869ce18b29c69070b084168760b127e3 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-firmware-4.1.12-124.54.6.1.el7uek.noarch.rpm | 8b49fc0b39b6fba30a429de349661efb160d42c8a4f6bdab9af6ed31c2cc463a | ELSA-2025-20007 | ol7_x86_64_UEKR4 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
