[ELSA-2021-9442] Unbreakable Enterprise kernel security update
[4.1.12-124.54.6]
- xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang) [Orabug: 33282046]
[4.1.12-124.54.5]
- l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: ensure sessions are freed after their PPPOL2TP socket (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: Refactor the codes with existing macros instead of literal number (Gao Feng) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: fix duplicate session creation (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: fix race in l2tp_recv_common() (Guillaume Nault) [Orabug: 33113975] {CVE-2020-0429}
- net: l2tp: Make l2tp_ip6 namespace aware (Shmulik Ladkani) [Orabug: 33113975] {CVE-2020-0429}
- l2tp: Correctly return -EBADF from pppol2tp_getname. (phil.turnbull@oracle.com) [Orabug: 33113975] {CVE-2020-0429}
[4.1.12-124.54.4]
- USB: mon: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai) [Orabug: 33113260] {CVE-2019-9456}
- usb: usbmon: Read text within supplied buffer size (Pete Zaitcev) [Orabug: 33113260] {CVE-2019-9456}
[4.1.12-124.54.3]
- uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan) [Orabug: 32060376]
- config: remove CONFIG_VGACON_SOFT_SCROLLBACK from kernel configs (Brian Maly) [Orabug: 33047770] {CVE-2020-28097} {CVE-2020-28097}
- vgacon: remove software scrollback support (Linus Torvalds) [Orabug: 33047770] {CVE-2020-28097}
- can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114649] {CVE-2021-3609}
- iommu/vt-d: Use plain writeq() for dmar_writeq() where available (David Woodhouse) [Orabug: 33199774]
[4.1.12-124.54.2]
- qla2xxx: update version to 9.00.00.00.42.0-k1-v6 (Quinn Tran) [Orabug: 33196002]
- qla2xxx: add heartbeat check (Quinn Tran) [Orabug: 33196002]
[4.1.12-124.54.1]
- can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) [Orabug: 33030701] {CVE-2021-34693}
- CIFS: 511c54a2f691 adds a check for session expiry (Aruna Ramakrishna) [Orabug: 33063858]
- CIFS: Reconnect expired SMB sessions (Pavel Shilovsky) [Orabug: 33063858]
- media: v4l: event: Add subscription to list before calling 'add' operation (Sakari Ailus) [Orabug: 33113344] {CVE-2019-9458}
- media: v4l: event: Prevent freeing event subscriptions while accessed (Sakari Ailus) [Orabug: 33113344] {CVE-2019-9458}
- chardev: Avoid potential use-after-free in 'chrdev_open()' (Will Deacon) [Orabug: 33113412] {CVE-2020-0305}
- kobject: Export kobject_get_unless_zero() (Jan Kara) [Orabug: 33113412] {CVE-2020-0305}
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (Sergey Matyukevich) [Orabug: 33114443] {CVE-2020-27068}
- ID
- ELSA-2021-9442
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-9442.html
- Published
-
2021-09-08T00:00:00
(3 years ago) - Modified
-
2021-09-08T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1539
- ALSA-2020:4431
- ALSA-2021:3057
- ASA-202107-48
- ASA-202107-49
- ASA-202107-50
- ASA-202107-51
- DSA-4941-1
- ELSA-2020-4060
- ELSA-2021-3057
- ELSA-2021-9450
- ELSA-2021-9451
- ELSA-2021-9452
- ELSA-2021-9453
- FEDORA-2021-95f2f1cfc7
- FEDORA-2021-fe826f202e
- MS:CVE-2021-34693
- MS:CVE-2021-3609
- openSUSE-SU-2019:2173-1
- openSUSE-SU-2019:2181-1
- openSUSE-SU-2020:0543-1
- openSUSE-SU-2020:1153-1
- openSUSE-SU-2020:1236-1
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0242-1
- openSUSE-SU-2021:1076-1
- openSUSE-SU-2021:2305-1
- openSUSE-SU-2021:2352-1
- openSUSE-SU-2021:2427-1
- openSUSE-SU-2021:2645-1
- openSUSE-SU-2021:2687-1
- openSUSE-SU-2021:3876-1
- openSUSE-SU-2022:0363-1
- openSUSE-SU-2022:0370-1
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:3044
- RHSA-2021:3057
- RHSA-2021:3088
- RLSA-2021:3057
- SSA:2021-202-01
- SUSE-SU-2019:2412-1
- SUSE-SU-2019:2414-1
- SUSE-SU-2019:2424-1
- SUSE-SU-2019:2648-1
- SUSE-SU-2019:2651-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2738-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:1084-1
- SUSE-SU-2020:1085-1
- SUSE-SU-2020:1087-1
- SUSE-SU-2020:1118-1
- SUSE-SU-2020:1119-1
- SUSE-SU-2020:1123-1
- SUSE-SU-2020:1141-1
- SUSE-SU-2020:1142-1
- SUSE-SU-2020:1146-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2102-1
- SUSE-SU-2020:2103-1
- SUSE-SU-2020:2105-1
- SUSE-SU-2020:2106-1
- SUSE-SU-2020:2107-1
- SUSE-SU-2020:2119-1
- SUSE-SU-2020:2121-1
- SUSE-SU-2020:2122-1
- SUSE-SU-2020:2134-1
- SUSE-SU-2020:2152-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2020:2491-1
- SUSE-SU-2020:2492-1
- SUSE-SU-2020:2497-1
- SUSE-SU-2020:2498-1
- SUSE-SU-2020:2505-1
- SUSE-SU-2020:2506-1
- SUSE-SU-2020:2507-1
- SUSE-SU-2020:2513-1
- SUSE-SU-2020:2526-1
- SUSE-SU-2020:2531-1
- SUSE-SU-2020:2605-1
- SUSE-SU-2020:3219-1
- SUSE-SU-2020:3225-1
- SUSE-SU-2020:3648-1
- SUSE-SU-2020:3656-1
- SUSE-SU-2021:0094-1
- SUSE-SU-2021:0095-1
- SUSE-SU-2021:0096-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0108-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0835-1
- SUSE-SU-2021:1074-1
- SUSE-SU-2021:1148-1
- SUSE-SU-2021:2026-1
- SUSE-SU-2021:2303-1
- SUSE-SU-2021:2305-1
- SUSE-SU-2021:2321-1
- SUSE-SU-2021:2324-1
- SUSE-SU-2021:2325-1
- SUSE-SU-2021:2349-1
- SUSE-SU-2021:2352-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2407-1
- SUSE-SU-2021:2408-1
- SUSE-SU-2021:2416-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2426-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2438-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2021:2599-1
- SUSE-SU-2021:2599-2
- SUSE-SU-2021:2643-1
- SUSE-SU-2021:2644-1
- SUSE-SU-2021:2645-1
- SUSE-SU-2021:2647-1
- SUSE-SU-2021:2687-1
- SUSE-SU-2021:2746-1
- SUSE-SU-2021:2842-1
- SUSE-SU-2021:2846-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3972-1
- SUSE-SU-2022:0363-1
- SUSE-SU-2022:0364-1
- SUSE-SU-2022:0370-1
- SUSE-SU-2022:0372-1
- SUSE-SU-2022:0543-1
- SUSE-SU-2022:0555-1
- USN-4997-1
- USN-4997-2
- USN-4999-1
- USN-5000-1
- USN-5000-2
- USN-5001-1
- USN-5002-1
- USN-5003-1
- USN-5045-1
- USN-5070-1
- USN-5073-1
- USN-5073-2
- USN-5073-3
- USN-5082-1
- USN-5299-1
- USN-5343-1
- USN-5505-1
- USN-5513-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-9442 | https://linux.oracle.com/errata/ELSA-2021-9442.html | |
CVE | CVE-2019-9458 | https://linux.oracle.com/cve/CVE-2019-9458.html | |
CVE | CVE-2020-0305 | https://linux.oracle.com/cve/CVE-2020-0305.html | |
CVE | CVE-2019-9456 | https://linux.oracle.com/cve/CVE-2019-9456.html | |
CVE | CVE-2020-27068 | https://linux.oracle.com/cve/CVE-2020-27068.html | |
CVE | CVE-2020-0429 | https://linux.oracle.com/cve/CVE-2020-0429.html | |
CVE | CVE-2020-28097 | https://linux.oracle.com/cve/CVE-2020-28097.html | |
CVE | CVE-2021-34693 | https://linux.oracle.com/cve/CVE-2021-34693.html | |
CVE | CVE-2021-3609 | https://linux.oracle.com/cve/CVE-2021-3609.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-124.54.6.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.54.6.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-124.54.6.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-124.54.6.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-124.54.6.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.54.6.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.54.6.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |