Oracle delivers enhanced security and performance with the Unbreakable Enterprise Kernel Release 7 Update 2

November 3, 2023 | 2 minute read
Simon Coter
Director, Oracle Linux and Virtualization Product Management
Text Size 100%:

Oracle is pleased to announce the availability of the Unbreakable Enterprise Kernel (UEK) Release 7 Update 2 (UEK R7U2) for Oracle Linux. This release introduces innovations in areas of NVMe, improved support for AMD CPUs, driver updates from key partners including Intel, Mellanox, Broadcom, Marvell, and Microsoft, and several important security improvements and bug fixes from the upstream community. Oracle Linux with UEK delivers reliability and performance for the most demanding workloads, including Oracle Cloud Infrastructure (OCI), Oracle Database, and Oracle Exadata, bringing the same features used by Oracle to Oracle Linux customers.

UEK R7U2 for Oracle Linux is based on the mainline kernel version 5.15 and is identified by the release number ending in -200 (5.15.0-200). For additional details on these and other new features and changes, please review the Release Notes.

What's New?

NVMe In-Band Authentication for Data Protection

NVMe In-Band authentication is a security feature for NVMe over fabrics configurations. It provides an authentication protocol that uses a "shared secret" and doesn't require the transmission of a password between the host and controller. The functionality is added to both the host and target side and is driven by the user space nvme-cli application.

AMD Last Branch Record Extension Version 2

This UEK release implements AMD Last Branch Record Extension Version 2 (LbrExtV2), which is used for determining and analyzing the control flow of software by logging branch information into registers in real time. The branch information allows the system to decide what paths "hot code" should be directed to and is useful for areas like profile-guided compiler optimizations and other application-based tuning.

Kernel SYN Flood Messages Include the Listening Address

Kernel SYN flood messages are enhanced to include both the listening IP address and port to easily identify the affected socket when many processes are bound to the same port on different IP addresses.

Security (CVE) Fixes

A full list of CVEs fixed in this release can be found in the Release Notes for UEK R7U2.

Oracle Linux Resources

Oracle Linux is an ideal choice for all production, development, and test systems and can be downloaded, used, and distributed free of charge, with all updates and errata freely available.

Downloads

Documentation, Training and Hands-on Labs

GitHub Projects

Social Media

Simon Coter

Director, Oracle Linux and Virtualization Product Management

A 19-year Oracle veteran, Simon Coter is an experienced product manager and open source community member. He leads a team responsible for several Oracle Linux and Virtualization offerings, including Oracle Linux, the Unbreakable Enterprise Kernel for Oracle Linux, Oracle Cloud Native Environment, Oracle Linux KVM, Oracle Linux Virtualization Manager, Oracle Linux Automation Manager, Gluster, Oracle VM, and VirtualBox. Prior to this, Simon was a technical consultant focused on project management, architectures definition, sizing and implementation, best practices, and technical references for customers.


Previous Post

Keep Linux Open and Free - OpenELA Marks Major Milestones in Governance and Code Availability

Honglin Su | 2 min read

Next Post


Learn to deploy Oracle OS Management Hub with the video training series

Nicolas Pares | 3 min read