Synopsis
The remote Oracle Linux host is missing one or more security updates.
Description
Description of changes:
[4.1.12-124.38.1.el7uek]
- rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31031928]
- KVM: X86: Fix NULL deref in vcpu_scan_ioapic (Wanpeng Li) [Orabug: 31078882]
- vhost: Check docket sk_family instead of call getname (Eugenio Pé rez) [Orabug: 31085993] {CVE-2020-10942}
- Revert 'oled: give panic handler chance to run before kexec' (Wengang Wang) [Orabug: 31098797]
[4.1.12-124.37.3.el7uek]
- kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31047871]
- net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055327] {CVE-2019-18806}
- swiotlb: clean up reporting (Kees Cook) [Orabug: 31085017] {CVE-2018-5953}
- KVM: x86: Expose more Intel AVX512 feature to guest (Luwei Kang) [Orabug: 31085086]
- x86/cpufeature: Enable new AVX-512 features (Fenghua Yu) [Orabug: 31085086]
[4.1.12-124.37.2.el7uek]
- xenbus: req->err should be updated before req->state (Dongli Zhang) [Orabug: 30705030]
- xenbus: req->body should be updated before req->state (Dongli Zhang) [Orabug: 30705030]
Solution
Update the affected unbreakable enterprise kernel packages.