[ELSA-2020-2082] kernel security and bug fix update
[3.10.0-1127.8.2.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
[3.10.0-1127.8.2]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827239 1827240] {CVE-2020-10711}
[3.10.0-1127.8.1]
- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1827274 1808129]
[3.10.0-1127.7.1]
- [net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1824548 1785141]
- [netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO (Corinna Vinschen) [1822548 1787263]
- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1821262 1781323]
- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1817499 1790840]
- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1817497 1715986]
- [scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1815596 1798042]
- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1813249 1807077]
- [md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1812937 1806400]
- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1812937 1806400]
- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1812937 1806400]
- [md] dm rq: fix checking of dm_dispatch_clone_request's return value (Ming Lei) [1814537 1805401]
[3.10.0-1127.6.1]
- [x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1817502 1811511]
[3.10.0-1127.5.1]
- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1817935 1806488]
[3.10.0-1127.4.1]
- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1814003 1801852]
- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1814003 1801852]
- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1814003 1801852]
[3.10.0-1127.3.1]
- [md] md/raid6: Set R5_ReadError when there is read failure on parity disk (Xiao Ni) [1810062 1804569]
- [kernel] blktrace: fix dereference after null check (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1806367 1798318] {CVE-2019-19768}
[3.10.0-1127.2.1]
- [kernel] tick-sched: Update nohz load even if tick already stopped (Scott Wood) [1808030 1694877]
[3.10.0-1127.1.1]
- [net] openvswitch: support asymmetric conntrack (Aaron Conole) [1806447 1757759]
- [kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an event (Richard Guy Briggs) [1806430 1777239]
- [kernel] tracing: Fix possible double free on failure of allocating trace buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
- [kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
- [base] of: to support binding numa node to specified device in devicetree (Jeff Moyer) [1801699 1791883]
- [ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: create 'pins' together with the rest of attributes (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: use is_visible method to hide unused attributes (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: do not explicitly set drvdata in ptp_clock_register() (Vladis Dronov) [1798396 1774657]
- [ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1798396 1774657]
- [netdrv] ptp: drivers: set the number of programmable pins (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp program (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: Allow selecting trigger/event index in testptp (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp program (Vladis Dronov) [1798396 1774657]
- [netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1796799 1794812]
- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) [1796262 1771094]
- ID
- ELSA-2020-2082
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-2082.html
- Published
-
2020-05-14T00:00:00
(4 years ago) - Modified
-
2020-05-14T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS-2020-1366
- ALAS-2020-1377
- ALAS-2020-1382
- ALAS2-2020-1425
- ALAS2-2020-1431
- DSA-4698-1
- DSA-4699-1
- ELSA-2020-1769
- ELSA-2020-2102
- ELSA-2020-2103
- ELSA-2020-5508
- ELSA-2020-5663
- ELSA-2020-5676
- ELSA-2020-5755
- ELSA-2020-5756
- ELSA-2020-5866
- ELSA-2021-9002
- FEDORA-2020-203ffedeb5
- FEDORA-2020-4336d63533
- FEDORA-2020-5a69decc0c
- FEDORA-2020-c6b9fff7f8
- FEDORA-2020-e47d28bc2b
- MS:CVE-2020-10711
- openSUSE-SU-2019:2307-1
- openSUSE-SU-2019:2308-1
- openSUSE-SU-2020:0388-1
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2020:0935-1
- openSUSE-SU-2021:0242-1
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:2082
- RHSA-2020:2085
- RHSA-2020:2102
- RHSA-2020:2103
- RHSA-2020:2125
- RHSA-2020:2171
- SSA:2020-163-01
- SUSE-SU-2019:2648-1
- SUSE-SU-2019:2651-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2706-1
- SUSE-SU-2019:2710-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0836-1
- SUSE-SU-2020:1084-1
- SUSE-SU-2020:1085-1
- SUSE-SU-2020:1087-1
- SUSE-SU-2020:1118-1
- SUSE-SU-2020:1119-1
- SUSE-SU-2020:1123-1
- SUSE-SU-2020:1141-1
- SUSE-SU-2020:1142-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2027-1
- SUSE-SU-2020:2105-1
- SUSE-SU-2020:2134-1
- SUSE-SU-2020:2152-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- USN-4342-1
- USN-4344-1
- USN-4345-1
- USN-4346-1
- USN-4411-1
- USN-4412-1
- USN-4413-1
- USN-4414-1
- USN-4419-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-2082 | https://linux.oracle.com/errata/ELSA-2020-2082.html | |
CVE | CVE-2020-10711 | https://linux.oracle.com/cve/CVE-2020-10711.html | |
CVE | CVE-2017-18595 | https://linux.oracle.com/cve/CVE-2017-18595.html | |
CVE | CVE-2019-19768 | https://linux.oracle.com/cve/CVE-2019-19768.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1127.8.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1127.8.2.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |