OVMSA-2020-0047 - Unbreakable Enterprise kernel security update

Release Date:2020-11-06


- scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS (himanshu.madhani@cavium.com) [Orabug: 32020790]

- qed: Reduce verbosity of unimplemented MFW messages (Mintz, Yuval) [Orabug: 31959299]
- kexec: validate pe files against the system_blacklist_keyring (Eric Snowberg) [Orabug: 31961119] {CVE-2020-26541}

- usb: cdc-acm: make sure a refcount is taken early enough (Oliver Neukum) [Orabug: 31351088] {CVE-2019-19530}
- net/rds: migration of a delayed initialized port present in down state (Praveen Kumar Kannoju) [Orabug: 31729995]
- net: add high_order_alloc_disable sysctl (Eric Dumazet) [Orabug: 31835223]
- mm, page_alloc: double zone's batchsize (Aaron Lu) [Orabug: 31835223]
- mm/free_pcppages_bulk: prefetch buddy while not holding lock (Aruna Ramakrishna) [Orabug: 31835223]
- mm/free_pcppages_bulk: do not hold lock when picking pages to free (Aruna Ramakrishna) [Orabug: 31835223]
- mm, page_alloc: remove unnecessary variable from free_pcppages_bulk (Mel Gorman) [Orabug: 31835223]
- netfilter: ctnetlink: add a range check for l3/l4 protonum (Will McVicker) [Orabug: 31872865] {CVE-2020-25211}
- net/rds: Extract dest qp num for displaying in rds-info (Praveen Kumar Kannoju) [Orabug: 31880144]
- uek-rpm: Update secure boot UEK signing certificates (Brian Maly) [Orabug: 31974559]

- oracleasm: Retrieve d_bdev before dropping inode (Stephen Brennan) [Orabug: 31832592]
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (Paolo Bonzini) [Orabug: 31962487]

Related CVEs


Updated Packages

Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.4 (x86_64) kernel-uek-4.1.12-124.44.4.el6uek.src.rpmfd9e6d136add2af0b2ee091341ac725eOVMSA-2021-0016

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team