[ELSA-2020-2427] kernel security and bug fix update
[4.18.0-193.6.3_2.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
[4.18.0-193.6.3_2]
- rebuild to enable xt_u32 module (Jiri Benc) [1840800 1840799 1834769 1838190]
[4.18.0-193.6.2_2]
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Josh Poimboeuf) [1827191 1827192] {CVE-2020-0543}
[4.18.0-193.6.1_2]
- [char] tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send() (Steve Best) [1827632 1808048]
- [netdrv] bonding: fix active-backup transition after link failure (Jarod Wilson) [1838477 1819408]
- [netdrv] bonding: fix state transition issue in link monitoring (Jarod Wilson) [1838477 1819408]
- [kernel] sched/fair: Allow a per-CPU kthread waking a task to stack on the same CPU, to fix XFS performance regression (Phil Auld) [1834517 1745111]
- [block] block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Ming Lei) [1835531 1835532] {CVE-2020-12657}
- [kvm] KVM: x86: use raw clock values consistently (Marcelo Tosatti) [1822498 1768622]
- [kvm] KVM: x86: reorganize pvclock_gtod_data members (Marcelo Tosatti) [1822498 1768622]
- [kvm] KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [1822498 1768622]
[4.18.0-193.5.1_2]
- [fs] nfs: fix NULL deference in nfs4_get_valid_delegation ('J. Bruce Fields') [1837969 1831553]
[4.18.0-193.4.1_2]
- [bluetooth] Revert 'Bluetooth: btusb: driver to enable the usb-wakeup feature' (Gopal Tiwari) [1827620 1811534]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827249 1827251] {CVE-2020-10711}
- [mm] s390/mm: fix page table upgrade vs 2ndary address mode accesses (Vladis Dronov) [1828153 1828154] {CVE-2020-11884}
[4.18.0-193.3.1_2]
- [kernel] sched/isolation: Allow 'isolcpus=' to skip unknown sub-parameters (Peter Xu) [1832367 1799014]
- [firmware] efi: fix a mistype in comments mentioning efivar_entry_iter_begin() (Vladis Dronov) [1829527 1804417]
- [firmware] efi: add a sanity check to efivar_store_raw() (Vladis Dronov) [1829527 1804417]
- [firmware] efi: fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [1829527 1804417]
- [net] net/smc: keep vlan_id for SMC-R in smc_listen_work() (Philipp Rudo) [1827631 1796890]
[4.18.0-193.2.1_2]
- [net] vti[6]: fix packet tx through bpf_redirect() in XinY cases (Sabrina Dubroca) [1821375 1795145]
- [net] xfrm interface: fix packet tx through bpf_redirect() (Sabrina Dubroca) [1821375 1795145]
- [net] vti[6]: fix packet tx through bpf_redirect() (Sabrina Dubroca) [1821375 1795145]
- [scripts] redhat: fix modpost.c prerequisites (Frantisek Hrbata) [1828229 1818499]
- [infiniband] IB/core: Avoid deadlock during netlink message handling (Kamal Heib) [1821381 1818986]
- [infiniband] RDMA/core: Support netlink commands in non init_net net namespaces (Kamal Heib) [1821381 1818986]
- [misc] mei: me: add comet point (lake) H device ids (Ken Cox) [1825262 1815355]
- [misc] mei: me: add comet point (lake) LP device ids (Ken Cox) [1825262 1815355]
- [misc] mei: define dma ring buffer sizes for PCH12 HW and newer (Ken Cox) [1825262 1815355]
- [misc] mei: hbm: define dma ring setup protocol (Ken Cox) [1825262 1815355]
- [net] SUNRPC: fix krb5p mount to provide large enough buffer in rq_rcvsize (Steve Dickson) [1826219 1825388]
- [mm] mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix flags for pmd migration when split (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: relocate flush_cache_range() in migrate_misplaced_transhuge_page() (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix mmu_notifier in migrate_misplaced_transhuge_page() (Rafael Aquini) [1827619 1763878]
- [mm] mm: thp: fix MADV_DONTNEED vs migrate_misplaced_transhuge_page race condition (Rafael Aquini) [1827619 1763878]
- [md] Revert 'dm: always call blk_queue_split() in dm_process_bio()' (Mike Snitzer) [1821382 1820705]
- ID
- ELSA-2020-2427
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-2427.html
- Published
-
2020-06-10T00:00:00
(4 years ago) - Modified
-
2020-06-10T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS-2020-1366
- ALAS-2020-1382
- ALAS2-2020-1440
- ELSA-2020-5714
- ELSA-2020-5755
- MS:CVE-2020-12657
- openSUSE-SU-2020:0801-1
- RHSA-2020:2427
- RHSA-2020:2428
- RHSA-2020:2567
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- USN-4363-1
- USN-4367-1
- USN-4368-1
- USN-4369-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-2427 | https://linux.oracle.com/errata/ELSA-2020-2427.html | |
CVE | CVE-2020-12657 | https://linux.oracle.com/cve/CVE-2020-12657.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python3-perf?distro=oraclelinux-8.2 | oraclelinux | python3-perf | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-8.2 | oraclelinux | perf | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-8.2 | oraclelinux | kernel | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-8.2 | oraclelinux | kernel-tools | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-8.2 | oraclelinux | kernel-tools-libs | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-8.2 | oraclelinux | kernel-tools-libs-devel | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-modules?distro=oraclelinux-8.2 | oraclelinux | kernel-modules | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-modules-extra?distro=oraclelinux-8.2 | oraclelinux | kernel-modules-extra | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-8.2 | oraclelinux | kernel-headers | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-8.2 | oraclelinux | kernel-doc | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-8.2 | oraclelinux | kernel-devel | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-8.2 | oraclelinux | kernel-debug | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-modules?distro=oraclelinux-8.2 | oraclelinux | kernel-debug-modules | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-modules-extra?distro=oraclelinux-8.2 | oraclelinux | kernel-debug-modules-extra | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-8.2 | oraclelinux | kernel-debug-devel | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-core?distro=oraclelinux-8.2 | oraclelinux | kernel-debug-core | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-cross-headers?distro=oraclelinux-8.2 | oraclelinux | kernel-cross-headers | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-core?distro=oraclelinux-8.2 | oraclelinux | kernel-core | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-8.2 | oraclelinux | kernel-abi-whitelists | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-8.2 | oraclelinux | bpftool | < 4.18.0-193.6.3.el8_2 | oraclelinux-8.2 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |