OVMSA-2021-0010 - Unbreakable Enterprise kernel security update

Type: SECURITY
Severity: IMPORTANT
Release Date: 2021-04-27

Description


[4.1.12-124.49.3.1]
- SecureBoot Digicert 2021 certificates update (Brian Maly) [Orabug: 32532671]

[4.1.12-124.49.3]
- xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32485156]
- audit: fix error handling in audit_data_to_entry() (Paul Moore) [Orabug: 32608451] {CVE-2020-0444}

[4.1.12-124.49.2]
- scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32640641]
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32640641]
- scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32640641] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}

[4.1.12-124.49.1]
- hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug: 32576074]

[4.1.12-124.48.5]
- kernel/acct.c: fix the acct->needcheck check in check_free_space() (Oleg Nesterov) [Orabug: 31587485]
- HID: hid-input: clear unmapped usages (Dmitry Torokhov) [Orabug: 32464790] {CVE-2020-0431}
- tcp: fix to update snd_wl1 in bulk receiver fast path (Neal Cardwell) [Orabug: 32498826]

[4.1.12-124.48.4]
- xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32520758] {CVE-2021-26930}
- xen-scsiback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32520750] {CVE-2021-26931}
- xen-netback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32520750] {CVE-2021-26931}
- xen-blkback: don't 'handle' error by BUG() (Jan Beulich) [Orabug: 32520750] {CVE-2021-26931}
- Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32520717] {CVE-2021-26932}
- Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32520717] {CVE-2021-26932}
- Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32520717] {CVE-2021-26932}
- Xen/x86: don't bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32520717] {CVE-2021-26932}

[4.1.12-124.48.3]
- bnxt_en: Fix ethtool -x crash when device is down. (Michael Chan) [Orabug: 32466092]

[4.1.12-124.48.2]
- vhost scsi: alloc vhost_scsi with kvzalloc() to avoid delay (Dongli Zhang) [Orabug: 32471166]

[4.1.12-124.48.1]
- nfs: Fix security label length not being reset (Jeffrey Mitchell) [Orabug: 32350996]
- rds: Add code to debug rds_tcp loopback hang (Rao Shoaib) [Orabug: 32382656]

[4.1.12-124.47.3]
- sysctl: handle overflow in proc_get_long (Christian Brauner) [Orabug: 31588015]

[4.1.12-124.47.2]
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350932] {CVE-2020-12653}
- lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 31435700]
- ALSA: rawmidi: Fix racy buffer resize under concurrent accesses (Takashi Iwai) [Orabug: 32240688] {CVE-2020-27786}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32247942] {CVE-2020-29568}
- KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251907]
- tty: Fix ->session locking (Jann Horn) [Orabug: 32266682] {CVE-2020-29660}
- tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266682] {CVE-2020-29660}
- tty: core: Use correct spinlock flavor in tiocspgrp() (Peter Hurley) [Orabug: 32266682] {CVE-2020-29660}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349208] {CVE-2020-36158}

[4.1.12-124.47.1]
- target: fix XCOPY NAA identifier lookup (Mike Christie) [Orabug: 32374139] {CVE-2020-28374}

[4.1.12-124.46.4]
- xen/events: block rogue events for some time (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: add a new 'late EOI' evtchn framework (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 31984335] {CVE-2020-27673}
- xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32223358] {CVE-2020-29569}

[4.1.12-124.46.3]
- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781859] {CVE-2019-14895} {CVE-2019-14895}
- ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265320] {CVE-2019-19037} {CVE-2019-19037}
- netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350493] {CVE-2020-10711}
- scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652}
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652}
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350967] {CVE-2020-12464}
- drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (David Mosberger) [Orabug: 31350967] {CVE-2020-12464}
- drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (David Mosberger) [Orabug: 31350967] {CVE-2020-12464}
- ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o) [Orabug: 31351014] {CVE-2019-19447}
- xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 31984319]
- xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (Josh Abraham) [Orabug: 31984319]
- ext4: fix fencepost in s_first_meta_bg validation (Theodore Ts'o) [Orabug: 32197511]


Related CVEs


CVE-2020-0444
CVE-2021-27363
CVE-2021-27364
CVE-2021-27365

Updated Packages


Release/Architecture | Filename | MD5sum | Superseded By Advisory
Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.49.3.1.el6uek.src.rpm | f696ad5667c65701ea4c7383c3a6af75 | OVMSA-2021-0016
Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.49.3.1.el6uek.x86_64.rpm | 00428803685bc8d964fac7c410e2db8c | OVMSA-2021-0016
Oracle VM 3 (x86_64) | kernel-uek-firmware-4.1.12-124.49.3.1.el6uek.noarch.rpm | 7b71305579ce6de21287ea0763dc1bc2 | OVMSA-2021-0016



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team