An unbreakable Enterprise kernel security update has been released for Oracle Linux 6.

El-errata: ELSA-2021-9395 Important: Oracle Linux 6 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2021-9395

  http://linux.oracle.com/errata/ELSA-2021-9395.html

The following updated rpms for Oracle Linux 6 Extended Lifecycle Support (ELS) have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.53.5.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.53.5.el6uek.noarch.rpm
kernel-uek-4.1.12-124.53.5.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.53.5.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.53.5.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.53.5.el6uek.x86_64.rpm


Related CVEs:

CVE-2020-14304
CVE-2021-22555
CVE-2021-32399
CVE-2021-33909



Description of changes:

[4.1.12-124.53.5.el6uek]
- seq_file: disallow extremely large seq buffer allocations (Eric Sandeen) [Orabug: 33143006] {CVE-2021-33909}

[4.1.12-124.53.3.el6uek]
- net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk) [Orabug: 31895301] {CVE-2020-14304}
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query (Erez Alfasi) [Orabug: 31895301] {CVE-2020-14304}
- netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal) [Orabug: 33093028] {CVE-2021-22555}
- xen/blkback: Make sure all vbd fields are initialized (Boris Ostrovsky) [Orabug: 33131620]

[4.1.12-124.53.2.el6uek]
- scsi: lpfc: Fix driver crash in target reset handler (James Smart) [Orabug: 33048899]

[4.1.12-124.53.1.el6uek]
- xfs: fix lockup issue (Junxiao Bi) [Orabug: 32836026]
- bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma) [Orabug: 32912036] {CVE-2021-32399} {CVE-2021-32399}