[ol7_UEKR4] kernel-uek-devel-4.1.12-124.54.6.1.el7uek.x86_64

Name:	kernel-uek-devel
Version:	4.1.12
Release:	124.54.6.1.el7uek
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	40916908
License:	GPLv2
RPM:	kernel-uek-devel-4.1.12-124.54.6.1.el7uek.x86_64.rpm
Source RPM:	kernel-uek-4.1.12-124.54.6.1.el7uek.src.rpm
Build Date:	Fri Sep 17 2021
Build Host:	host-100-100-224-60.blddevtest1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Development package for building kernel modules to match the kernel
Description:	This package provides kernel headers and makefiles sufficient to build modules against the kernel package.

Changelog (Show File list) (Show related packages)

Fri Sep 17 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.6.1.el7uek]

- fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk)  [Orabug: 33369433]  {CVE-2020-12114} {CVE-2020-12114} 
- btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik)  [Orabug: 33369414]  {CVE-2019-19448} {CVE-2019-19448} 
- cfg80211: wext: avoid copying malformed SSIDs (Will Deacon)  [Orabug: 33369390]  {CVE-2019-17133} 
- vhost_net: fix possible infinite loop (Jason Wang)  [Orabug: 33369374]  {CVE-2019-3900} {CVE-2019-3900} 
- vhost: introduce vhost_exceeds_weight() (Jason Wang)  [Orabug: 33369374]  {CVE-2019-3900} 
- vhost_net: introduce vhost_exceeds_weight() (Jason Wang)  [Orabug: 33369374]  {CVE-2019-3900} 
- vhost_net: use packet weight for rx handler, too (Paolo Abeni)  [Orabug: 33369374]  {CVE-2019-3900} 
- vhost-net: set packet weight of tx polling to 2 * vq size (haibinzhang(张海斌))  [Orabug: 33369374]  {CVE-2019-3900} 
- mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587} 
- mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} 
- mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} 
- mac80211: check defrag PN against current frame (Johannes Berg)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} 
- mac80211: add fragment cache to sta_info (Johannes Berg)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} 
- mac80211: drop A-MSDUs on old ciphers (Johannes Berg)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} 
- cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588} 
- mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} 
- mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586} 
- mac80211: assure all fragments are encrypted (Mathy Vanhoef)  [Orabug: 33369361]  {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147} 
- sctp: validate from_addr_param return (Marcelo Ricardo Leitner)  [Orabug: 33369303]  {CVE-2021-3655} 
- virtio_console: Assure used length from device is limited (Xie Yongji)  [Orabug: 33369276]  {CVE-2021-38160} 
- net_sched: cls_route: remove the right filter from hashtable (Cong Wang)  [Orabug: 33369231]  {CVE-2021-3715} 
- HID: make arrays usage and value to be the same (Will McVicker)  [Orabug: 33369121]  {CVE-2021-0512} 
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o)  [Orabug: 33369043]  {CVE-2021-40490}

Thu Aug 26 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.6.el7uek]

- xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang)  [Orabug: 33282046]

Tue Aug 24 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.5.el7uek]

- l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: ensure sessions are freed after their PPPOL2TP socket (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: Refactor the codes with existing macros instead of literal number (Gao Feng)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: fix duplicate session creation (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: fix race in l2tp_recv_common() (Guillaume Nault)  [Orabug: 33113975]  {CVE-2020-0429} 
- net: l2tp: Make l2tp_ip6 namespace aware (Shmulik Ladkani)  [Orabug: 33113975]  {CVE-2020-0429} 
- l2tp: Correctly return -EBADF from pppol2tp_getname. (phil.turnbull@oracle.com)  [Orabug: 33113975]  {CVE-2020-0429}

Tue Aug 17 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.4.el7uek]

- USB: mon: Use scnprintf() for avoiding potential buffer overflow (Takashi Iwai)  [Orabug: 33113260]  {CVE-2019-9456} 
- usb: usbmon: Read text within supplied buffer size (Pete Zaitcev)  [Orabug: 33113260]  {CVE-2019-9456}

Tue Aug 10 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.3.el7uek]

- uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan)  [Orabug: 32060376]  
- config: remove CONFIG_VGACON_SOFT_SCROLLBACK from kernel configs (Brian Maly)  [Orabug: 33047770]  {CVE-2020-28097} {CVE-2020-28097} 
- vgacon: remove software scrollback support (Linus Torvalds)  [Orabug: 33047770]  {CVE-2020-28097} 
- can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo)  [Orabug: 33114649]  {CVE-2021-3609} 
- iommu/vt-d: Use plain writeq() for dmar_writeq() where available (David Woodhouse)  [Orabug: 33199774]

Thu Aug 05 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.2.el7uek]

- qla2xxx: update version to 9.00.00.00.42.0-k1-v6 (Quinn Tran)  [Orabug: 33196002]  
- qla2xxx: add heartbeat check (Quinn Tran)  [Orabug: 33196002]

Wed Aug 04 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.54.1.el7uek]

- can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek)  [Orabug: 33030701]  {CVE-2021-34693} 
- CIFS: 511c54a2f691 adds a check for session expiry (Aruna Ramakrishna)  [Orabug: 33063858]  
- CIFS: Reconnect expired SMB sessions (Pavel Shilovsky)  [Orabug: 33063858]  
- media: v4l: event: Add subscription to list before calling "add" operation (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458} 
- media: v4l: event: Prevent freeing event subscriptions while accessed (Sakari Ailus)  [Orabug: 33113344]  {CVE-2019-9458} 
- chardev: Avoid potential use-after-free in 'chrdev_open()' (Will Deacon)  [Orabug: 33113412]  {CVE-2020-0305} 
- kobject: Export kobject_get_unless_zero() (Jan Kara)  [Orabug: 33113412]  {CVE-2020-0305} 
- cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE (Sergey Matyukevich)  [Orabug: 33114443]  {CVE-2020-27068}

Thu Jul 22 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.5.el7uek]

- seq_file: disallow extremely large seq buffer allocations (Eric Sandeen)  [Orabug: 33143006]  {CVE-2021-33909}

Tue Jul 20 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.3.el7uek]

- net/mlx4: Fix EEPROM dump support (Vladyslav Tarasiuk)  [Orabug: 31895301]  {CVE-2020-14304} 
- net/mlx4_en: ethtool, Remove unsupported SFP EEPROM high pages query (Erez Alfasi)  [Orabug: 31895301]  {CVE-2020-14304} 
- netfilter: x_tables: fix compat match/target pad out-of-bound write (Florian Westphal)  [Orabug: 33093028]  {CVE-2021-22555} 
- xen/blkback: Make sure all vbd fields are initialized (Boris Ostrovsky)  [Orabug: 33131620]

Tue Jul 13 2021 Brian Maly <brian.maly@oracle.com> [4.1.12-124.53.2.el7uek]

- scsi: lpfc: Fix driver crash in target reset handler (James Smart)  [Orabug: 33048899]