1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2020-2082

[ELSA-2020-2082] kernel security and bug fix update

Severity Important
Affected Packages 13
CVEs 3
Info Packages References Vulnerabilities

[3.10.0-1127.8.2.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]

[3.10.0-1127.8.2]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827239 1827240] {CVE-2020-10711}

[3.10.0-1127.8.1]
- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1827274 1808129]

[3.10.0-1127.7.1]
- [net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1824548 1785141]
- [netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO (Corinna Vinschen) [1822548 1787263]
- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1821262 1781323]
- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1817499 1790840]
- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1817497 1715986]
- [scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1815596 1798042]
- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1813249 1807077]
- [md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1812937 1806400]
- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1812937 1806400]
- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1812937 1806400]
- [md] dm rq: fix checking of dm_dispatch_clone_request's return value (Ming Lei) [1814537 1805401]

[3.10.0-1127.6.1]
- [x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1817502 1811511]

[3.10.0-1127.5.1]
- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1817935 1806488]

[3.10.0-1127.4.1]
- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1814003 1801852]
- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1814003 1801852]
- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1814003 1801852]

[3.10.0-1127.3.1]
- [md] md/raid6: Set R5_ReadError when there is read failure on parity disk (Xiao Ni) [1810062 1804569]
- [kernel] blktrace: fix dereference after null check (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1806367 1798318] {CVE-2019-19768}

[3.10.0-1127.2.1]
- [kernel] tick-sched: Update nohz load even if tick already stopped (Scott Wood) [1808030 1694877]

[3.10.0-1127.1.1]
- [net] openvswitch: support asymmetric conntrack (Aaron Conole) [1806447 1757759]
- [kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an event (Richard Guy Briggs) [1806430 1777239]
- [kernel] tracing: Fix possible double free on failure of allocating trace buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
- [kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
- [base] of: to support binding numa node to specified device in devicetree (Jeff Moyer) [1801699 1791883]
- [ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: create 'pins' together with the rest of attributes (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: use is_visible method to hide unused attributes (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: do not explicitly set drvdata in ptp_clock_register() (Vladis Dronov) [1798396 1774657]
- [ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1798396 1774657]
- [netdrv] ptp: drivers: set the number of programmable pins (Vladis Dronov) [1798396 1774657]
- [ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp program (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: Allow selecting trigger/event index in testptp (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp program (Vladis Dronov) [1798396 1774657]
- [netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1796799 1794812]
- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) [1796262 1771094]

Package Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 < 3.10.0-1127.8.2.el7
ID
ELSA-2020-2082
Severity
important
URL
https://linux.oracle.com/errata/ELSA-2020-2082.html
Published
2020-05-14T00:00:00
(4 years ago)
Modified
2020-05-14T00:00:00
(4 years ago)
Rights
Copyright 2020 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 oraclelinux python-perf < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 oraclelinux perf < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 oraclelinux kernel < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 oraclelinux kernel-tools < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 oraclelinux kernel-tools-libs < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 oraclelinux kernel-tools-libs-devel < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 oraclelinux kernel-headers < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 oraclelinux kernel-doc < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 oraclelinux kernel-devel < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 oraclelinux kernel-debug < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 oraclelinux kernel-debug-devel < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 oraclelinux kernel-abi-whitelists < 3.10.0-1127.8.2.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 oraclelinux bpftool < 3.10.0-1127.8.2.el7 oraclelinux-7
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date