[ol7_UEKR4] kernel-uek-debug-4.1.12-124.54.6.el7uek.x86_64

Name:	kernel-uek-debug
Version:	4.1.12
Release:	124.54.6.el7uek
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	170389614
License:	GPLv2
RPM:	kernel-uek-debug-4.1.12-124.54.6.el7uek.x86_64.rpm
Source RPM:	kernel-uek-4.1.12-124.54.6.el7uek.src.rpm
Build Date:	Fri Aug 27 2021
Build Host:	host-100-100-224-35.blddevtest1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel compiled with extra debugging enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Thu Aug 26 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.6.el7uek]

- xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang)  [Orabug: 33282046]

Tue Aug 24 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.5.el7uek]

- l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: ensure sessions are freed after their PPPOL2TP socket (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: Refactor the codes with existing macros instead of literal number (Gao Feng)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: fix duplicate session creation (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: fix race in l2tp_recv_common() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- net: l2tp: Make l2tp_ip6 namespace aware (Shmulik Ladkani)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: Correctly return -EBADF from pppol2tp_getname. (phil.turnbull@oracle.com)  [Orabug: 33113975]  {CVE-2020-0429}

Tue Aug 17 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.4.el7uek]

- USB: mon: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai)  [Orabug: 33113260]  {CVE-2019-9456} 
- usb: usbmon: Read text within supplied buffer size (Pete Zaitcev)  [Orabug: 33113260]  {CVE-2019-9456}

Tue Aug 10 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.3.el7uek]

- uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan)  [Orabug: 32060376]  
- config: remove CONFIG_VGACON_SOFT_SCROLLBACK from kernel configs (Brian Maly)  [Orabug: 33047770]  {CVE-2020-28097} {CVE-2020-28097} 
- vgacon: remove software scrollback support (Linus Torvalds)  [Orabug: 33047770]  {CVE-2020-28097} 
- can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo)  [Orabug: 33114649]  {CVE-2021-3609} 
- iommu/vt-d: Use plain writeq() for dmar_writeq() where available (David Woodhouse)  [Orabug: 33199774]

Thu Aug 05 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.2.el7uek]

- qla2xxx: update version to 9.00.00.00.42.0-k1-v6 (Quinn Tran)  [Orabug: 33196002]  
- qla2xxx: add heartbeat check (Quinn Tran)  [Orabug: 33196002]

Wed Aug 04 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.1.el7uek]

- can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek)  [Orabug: 33030701]  {CVE-2021-34693} 
- CIFS: 511c54a2f691 adds a check for session expiry (Aruna Ramakrishna)  [Orabug: 33063858]  
- CIFS: Reconnect expired SMB sessions (Pavel Shilovsky)  [Orabug: 33063858]  
- media: v4l: event: Add subscription to list before calling "add" operation (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458} 
- media: v4l: event: Prevent freeing event subscriptions while accessed (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458} 
- chardev: Avoid potential use-after-free in 'chrdev_open()' (Will Deacon)  [Orabug: 33113412]  {CVE-2020-0305} 
- kobject: Export kobject_get_unless_zero() (Jan Kara)  [Orabug: 33113412]  {CVE-2020-0305} 
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (Sergey Matyukevich)  [Orabug: 33114443]  {CVE-2020-27068}

Thu Jul 22 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.5.el7uek]

- seq_file: disallow extremely large seq buffer allocations (Eric Sandeen)  [Orabug: 33143006]  {CVE-2021-33909}

Tue Jul 20 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.3.el7uek]

- net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk)  [Orabug: 31895301]  {CVE-2020-14304} 
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query (Erez Alfasi)  [Orabug: 31895301]  {CVE-2020-14304} 
- netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal)  [Orabug: 33093028]  {CVE-2021-22555} 
- xen/blkback: Make sure all vbd fields are initialized (Boris Ostrovsky)  [Orabug: 33131620]

Tue Jul 13 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.2.el7uek]

- scsi: lpfc: Fix driver crash in target reset handler (James Smart)  [Orabug: 33048899]

Tue Jul 06 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.1.el7uek]

- xfs: fix lockup issue (Junxiao Bi)  [Orabug: 32836026]  
- bluetooth: eliminate the potential race condition when removing the HCI controller (Lin Ma)  [Orabug: 32912036]  {CVE-2021-32399} {CVE-2021-32399}