Synopsis: ELSA-2021-9486 can now be patched using Ksplice
CVEs: CVE-2020-16119 CVE-2020-29372 CVE-2021-28951 CVE-2021-29657 CVE-2021-3491

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle Linux Security Advisory, ELSA-2021-9486.
More information about this errata can be found at
https://linux.oracle.com/errata/ELSA-2021-9486.html

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running UEKR6 5.4.17 on
OL7 and OL8 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y

DESCRIPTION

* Denial-of-service in block device subsystem.

A logic error whilst removing a gendisk device may lead to a deadlock in
the block device subsystem. This could cause a denial-of-service.

Orabug: 33396355

* CVE-2020-29372: Denial-of-service in Memory Management subsystem due to a race condition.

A race condition in the Memory Management subsystem could result in loss
of availability. A local user could use this flaw to cause a
denial-of-service.

Orabug: 33042559

* Note: Oracle has determined that CVE-2020-16119 is not applicable.

Oracle has determined that CVE-2020-16119 is not applicable to the
running kernel. Applying the patch has no resulting changes in the
generated object files.

Orabug: 33408808

* Note: Oracle has determined that CVE-2021-3491 is not applicable.

Oracle has determined that CVE-2021-3491 is not applicable to the
running kernel. The vulnerable patch was introduced only starting from
the 5.4.17-2136.300.7 kernel version.

Orabug: 33042559

* Note: Oracle has determined that CVE-2021-28951 is not applicable.

Oracle has determined that CVE-2021-28951 is not applicable to the
running kernel. The vulnerable patch was introduced only starting from
the 5.4.17-2136.300.7 kernel version.

Orabug: 33042559

* Note: Oracle has determined that CVE-2021-29657 is not applicable.

Oracle has determined that CVE-2021-29657 is not applicable to the
running kernel. The vulnerable patch was introduced only starting from
the 5.4.17-2136.300.7 kernel version.

Orabug: 32490237

SUPPORT

Ksplice support is available at [email protected].

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata
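
A host-side check for the two conditions the advisory turns on, added here as an example and not part of Oracle's advisory: whether "autoinstall = yes" is set in an uptrack.conf, and whether a kernel release is at or after 5.4.17-2136.300.7, the version the notes name. The function names, the sample config and the kernel release strings are constructed for illustration, and treating only the value "yes" as enabled is an assumption taken from the wording above.

```shell
#!/bin/bash
# Added example, not from the advisory. Helper names are hypothetical.

# Version from which, per the advisory's notes, the patch that made
# CVE-2021-3491, CVE-2021-28951 and CVE-2021-29657 relevant is present.
FIRST_WITH_PATCH="5.4.17-2136.300.7"

# Print "yes" if the given uptrack.conf enables autoinstall, else "no".
# Comment lines (# or ;) are skipped; the last matching setting wins.
# Assumption: only the literal value "yes" (any case) counts as enabled.
autoinstall_enabled() {
    awk -F= '
        /^[ \t]*[#;]/ { next }
        tolower($1) ~ /^[ \t]*autoinstall[ \t]*$/ {
            val = tolower($2); gsub(/[ \t\r]/, "", val)
        }
        END { print (val == "yes") ? "yes" : "no" }
    ' "$1"
}

# Print "yes" if the kernel release is at or after FIRST_WITH_PATCH, else "no".
# Uses version sort (GNU sort -V) so 2136.302 compares after 2136.300.
patch_introduced() {
    rel="${1%%.el*}"    # drop a trailing ".el7uek.x86_64" style suffix
    lowest=$(printf '%s\n%s\n' "$FIRST_WITH_PATCH" "$rel" | sort -V | head -n1)
    [ "$lowest" = "$FIRST_WITH_PATCH" ] && echo yes || echo no
}

# Constructed sample config and kernel release strings, for demonstration.
conf=$(mktemp)
printf '[Settings]\n# autoinstall = no\nautoinstall = yes\n' > "$conf"
if [ "$(autoinstall_enabled "$conf")" = "yes" ]; then
    echo "autoinstall is on: updates are applied automatically"
else
    echo "autoinstall is off: run /usr/sbin/uptrack-upgrade -y as root"
fi
for k in 5.4.17-2102.201.3.el7uek.x86_64 5.4.17-2136.300.7.el8uek.x86_64; do
    echo "$k at or after $FIRST_WITH_PATCH: $(patch_introduced "$k")"
done
rm -f "$conf"
```

On a real host, pass /etc/uptrack/uptrack.conf and the output of `uname -r` to the two functions.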
