[ELSA-2020-2427] kernel security and bug fix update

Severity Important

Affected Packages 20

CVEs 1

[4.18.0-193.6.3_2.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]

[4.18.0-193.6.3_2]
- rebuild to enable xt_u32 module (Jiri Benc) [1840800 1840799 1834769 1838190]

[4.18.0-193.6.2_2]
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}

[4.18.0-193.6.1_2]
- [char] tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send() (Steve Best) [1827632 1808048]
- [netdrv] bonding: fix active-backup transition after link failure (Jarod Wilson) [1838477 1819408]
- [netdrv] bonding: fix state transition issue in link monitoring (Jarod Wilson) [1838477 1819408]
- [kernel] sched/fair: Allow a per-CPU kthread waking a task to stack on the same CPU, to fix XFS performance regression (Phil Auld) [1834517 1745111]
- [block] block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Ming Lei) [1835531 1835532] {CVE-2020-12657}
- [kvm] KVM: x86: use raw clock values consistently (Marcelo Tosatti) [1822498 1768622]
- [kvm] KVM: x86: reorganize pvclock_gtod_data members (Marcelo Tosatti) [1822498 1768622]
- [kvm] KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [1822498 1768622]

[4.18.0-193.5.1_2]
- [fs] nfs: fix NULL deference in nfs4_get_valid_delegation ('J. Bruce Fields') [1837969 1831553]

[4.18.0-193.4.1_2]
- [bluetooth] Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (Gopal Tiwari) [1827620 1811534]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827249 1827251] {CVE-2020-10711}
- [mm] s390/mm: fix page table upgrade vs 2ndary address mode accesses (Vladis Dronov) [1828153 1828154] {CVE-2020-11884}

[4.18.0-193.3.1_2]
- [kernel] sched/isolation: Allow 'isolcpus=' to skip unknown sub-parameters (Peter Xu) [1832367 1799014]
- [firmware] efi: fix a mistype in comments mentioning efivar_entry_iter_begin() (Vladis Dronov) [1829527 1804417]
- [firmware] efi: add a sanity check to efivar_store_raw() (Vladis Dronov) [1829527 1804417]
- [firmware] efi: fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [1829527 1804417]
- [net] net/smc: keep vlan_id for SMC-R in smc_listen_work() (Philipp Rudo) [1827631 1796890]

[4.18.0-193.2.1_2]
- [net] vti[6]: fix packet tx through bpf_redirect() in XinY cases (Sabrina Dubroca) [1821375 1795145]
- [net] xfrm interface: fix packet tx through bpf_redirect() (Sabrina Dubroca) [1821375 1795145]
- [net] vti[6]: fix packet tx through bpf_redirect() (Sabrina Dubroca) [1821375 1795145]
- [scripts] redhat: fix modpost.c prerequisites (Frantisek Hrbata) [1828229 1818499]
- [infiniband] IB/core: Avoid deadlock during netlink message handling (Kamal Heib) [1821381 1818986]
- [infiniband] RDMA/core: Support netlink commands in non init_net net namespaces (Kamal Heib) [1821381 1818986]
- [misc] mei: me: add comet point (lake) H device ids (Ken Cox) [1825262 1815355]
- [misc] mei: me: add comet point (lake) LP device ids (Ken Cox) [1825262 1815355]
- [misc] mei: define dma ring buffer sizes for PCH12 HW and newer (Ken Cox) [1825262 1815355]
- [misc] mei: hbm: define dma ring setup protocol (Ken Cox) [1825262 1815355]
- [net] SUNRPC: fix krb5p mount to provide large enough buffer in rq_rcvsize (Steve Dickson) [1826219 1825388]
- [mm] mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix flags for pmd migration when split (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: relocate flush_cache_range() in migrate_misplaced_transhuge_page() (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix mmu_notifier in migrate_misplaced_transhuge_page() (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition (Rafael Aquini) [1827619 1763878]
- [md] Revert 'dm: always call blk_queue_split() in dm_process_bio()' (Mike Snitzer) [1821382 1820705]

Package	Affected Version
pkg:rpm/oraclelinux/python3-perf?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/perf?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-modules?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-modules-extra?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-debug-modules?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-debug-modules-extra?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-debug-core?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-cross-headers?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-core?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2
pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-8.2	< 4.18.0-193.6.3.el8_2

ID

ELSA-2020-2427

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2020-2427.html

Published

2020-06-10T00:00:00
(4 years ago)

Modified

2020-06-10T00:00:00
(4 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
elsa	ELSA-2020-2427		https://linux.oracle.com/errata/ELSA-2020-2427.html
CVE	CVE-2020-12657		https://linux.oracle.com/cve/CVE-2020-12657.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/python3-perf?distro=oraclelinux-8.2	oraclelinux	python3-perf	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/perf?distro=oraclelinux-8.2	oraclelinux	perf	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel?distro=oraclelinux-8.2	oraclelinux	kernel	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-8.2	oraclelinux	kernel-tools	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-8.2	oraclelinux	kernel-tools-libs	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-8.2	oraclelinux	kernel-tools-libs-devel	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-modules?distro=oraclelinux-8.2	oraclelinux	kernel-modules	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-modules-extra?distro=oraclelinux-8.2	oraclelinux	kernel-modules-extra	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-8.2	oraclelinux	kernel-headers	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-8.2	oraclelinux	kernel-doc	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-8.2	oraclelinux	kernel-devel	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-8.2	oraclelinux	kernel-debug	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-debug-modules?distro=oraclelinux-8.2	oraclelinux	kernel-debug-modules	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-debug-modules-extra?distro=oraclelinux-8.2	oraclelinux	kernel-debug-modules-extra	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-8.2	oraclelinux	kernel-debug-devel	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-debug-core?distro=oraclelinux-8.2	oraclelinux	kernel-debug-core	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-cross-headers?distro=oraclelinux-8.2	oraclelinux	kernel-cross-headers	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-core?distro=oraclelinux-8.2	oraclelinux	kernel-core	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-8.2	oraclelinux	kernel-abi-whitelists	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2
Affected	pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-8.2	oraclelinux	bpftool	< 4.18.0-193.6.3.el8_2	oraclelinux-8.2

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date