[ELSA-2020-5533] Unbreakable Enterprise kernel security update
[4.14.35-1902.10.7]
- rtlwifi: Fix potential overflow on P2P code (Laura Abbott) [Orabug: 30807747] {CVE-2019-17666}
- rds: fix an infoleak in rds_inc_info_copy (Kangjie Lu) [Orabug: 30770961] {CVE-2016-5244}
- KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (Paolo Bonzini) [Orabug: 30658694] {CVE-2019-19332}
[4.14.35-1902.10.6]
- IB/mlx4: Fix use after free in RDMA CM disconnect code path (Manjunath Patil)
- RDMA/cma: Relax device check in cma_match_net_dev() (Hakon Bugge) [Orabug: 30809126]
- IB/mlx4: Fix leak in id_map_find_del (Hakon Bugge) [Orabug: 30805810]
- net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c (Peter Oskolkov) [Orabug: 30787503]
- net: IP6 defrag: use rbtrees for IPv6 defrag (Peter Oskolkov) [Orabug: 30787503]
- ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module (Florian Westphal) [Orabug: 30787503]
- net: IP defrag: encapsulate rbtree defrag code into callable functions (Peter Oskolkov) [Orabug: 30787503]
- ipv6: frags: fix a lockdep false positive (Eric Dumazet) [Orabug: 30787503]
[4.14.35-1902.10.5]
- drm/i915/cmdparser: Fix jump whitelist clearing (Ben Hutchings) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gen8+: Add RC6 CTX corruption WA (Imre Deak) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Lower RM timeout to avoid DSI hard hangs (Uma Shankar) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Ignore Length operands during command matching (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Add support for backward jumps (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Use explicit goto for error paths (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Add gen9 BCS cmdparsing (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Allow parsing of unsized batches (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Add support for mandatory cmdparsing (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Remove Master tables from cmdparser (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Disable Secure Batches for gen6+ (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Rename gen7 cmdparser tables (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Move engine->needs_cmd_parser to engine->flags (Tvrtko Ursulin) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Dont use GPU relocations prior to cmdparser stalls (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Silence smatch for cmdparser (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Do not check past the cmd length. (Michal Srb) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Check reg_table_count before derefencing. (Michal Srb) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Prevent writing into a read-only object via a GGTT mmap (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Disable read-only support under GVT (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Read-only pages for insert_entries on bdw+ (Vivi, Rodrigo) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Add read only pages to gen8_pte_encode (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait (Anchal Agarwal) [Orabug: 30681025]
- x86: microcode: propagate return value to siblings (Mihai Carabas) [Orabug: 30557081]
- x86/bugs: TSX not disabled at late loading (Mihai Carabas) [Orabug: 30557081]
- x86/bugs: missed initconst cpu_vuln_whitelist used at late loading (Mihai Carabas) [Orabug: 30659681]
- mwifiex: Fix mem leak in mwifiex_tm_cmd (YueHaibing) [Orabug: 30732918] {CVE-2019-20095}
- fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (YueHaibing) [Orabug: 30732937] {CVE-2019-20054}
- fjes: Handle workqueue allocation failure (Will Deacon) [Orabug: 30771875] {CVE-2019-16231}
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | < 4.14.35-1902.10.7.el7uek |
- ID
- ELSA-2020-5533
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5533.html
- Published
-
2020-02-10T00:00:00
(4 years ago) - Modified
-
2020-02-10T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS-2016-726
- ALAS-2020-1338
- ALAS2-2020-1392
- ALAS2-2020-1480
- ALSA-2020:4431
- ASA-201911-10
- ASA-201911-11
- ASA-201911-12
- ASA-201911-9
- DSA-3607-1
- DSA-4564-1
- DSA-4699-1
- ELSA-2019-3832
- ELSA-2019-3834
- ELSA-2019-3836
- ELSA-2020-0339
- ELSA-2020-0834
- ELSA-2020-1524
- ELSA-2020-3010
- ELSA-2020-4060
- ELSA-2020-5526
- ELSA-2020-5528
- ELSA-2020-5535
- ELSA-2020-5670
- ELSA-2020-5866
- ELSA-2020-5879
- FEDORA-2016-3daf782dfa
- FEDORA-2016-80edb9d511
- FEDORA-2016-e0f3fcd7df
- FEDORA-2019-021c968423
- FEDORA-2019-124a241044
- FEDORA-2019-1689d3fe07
- FEDORA-2019-34a75d7e61
- FEDORA-2019-39e97683e8
- FEDORA-2019-68d7f68507
- FEDORA-2019-6a67ff8793
- FEDORA-2019-7a3fc17778
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-91f6e7bb71
- FEDORA-2019-b86a7bdba0
- FEDORA-2020-203ffedeb5
- FEDORA-2020-227a4c0530
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-3cd64d683c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-e328697628
- FEDORA-2020-f884f9dd7d
- FEDORA-2020-fe00e12580
- FREEBSD:ECB7FDEC-0B82-11EA-874D-0C9D925BBBC0
- openSUSE-SU-2019:2173-1
- openSUSE-SU-2019:2181-1
- openSUSE-SU-2019:2392-1
- openSUSE-SU-2019:2444-1
- openSUSE-SU-2019:2503-1
- openSUSE-SU-2019:2507-1
- openSUSE-SU-2020:0336-1
- RHSA-2019:3832
- RHSA-2019:3833
- RHSA-2019:3834
- RHSA-2019:3835
- RHSA-2019:3836
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0834
- RHSA-2020:0839
- RHSA-2020:1524
- RHSA-2020:3010
- RHSA-2020:3016
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- SSA:2019-320-01
- SSA:2020-008-01
- SUSE-SU-2016:1672-1
- SUSE-SU-2016:1690-1
- SUSE-SU-2016:1937-1
- SUSE-SU-2016:1985-1
- SUSE-SU-2016:2105-1
- SUSE-SU-2016:2245-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2019:2412-1
- SUSE-SU-2019:2414-1
- SUSE-SU-2019:2424-1
- SUSE-SU-2019:2648-1
- SUSE-SU-2019:2651-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2738-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2948-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3223-1
- SUSE-SU-2019:3224-1
- SUSE-SU-2019:3233-1
- SUSE-SU-2019:3237-1
- SUSE-SU-2019:3246-1
- SUSE-SU-2019:3247-1
- SUSE-SU-2019:3252-1
- SUSE-SU-2019:3289-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3317-1
- SUSE-SU-2019:3371-1
- SUSE-SU-2019:3372-1
- SUSE-SU-2019:3379-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2019:3389-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0580-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- USN-3070-1
- USN-3070-2
- USN-3070-3
- USN-3070-4
- USN-3071-1
- USN-3071-2
- USN-3072-1
- USN-3072-2
- USN-4183-1
- USN-4184-1
- USN-4185-1
- USN-4186-1
- USN-4186-2
- USN-4225-1
- USN-4225-2
- USN-4226-1
- USN-4227-1
- USN-4227-2
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4284-1
- USN-4287-1
- USN-4287-2
- USN-4300-1
- USN-4301-1
- USN-4904-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-5533 | https://linux.oracle.com/errata/ELSA-2020-5533.html | |
CVE | CVE-2019-16231 | https://linux.oracle.com/cve/CVE-2019-16231.html | |
CVE | CVE-2019-20054 | https://linux.oracle.com/cve/CVE-2019-20054.html | |
CVE | CVE-2019-17666 | https://linux.oracle.com/cve/CVE-2019-17666.html | |
CVE | CVE-2016-5244 | https://linux.oracle.com/cve/CVE-2016-5244.html | |
CVE | CVE-2019-20095 | https://linux.oracle.com/cve/CVE-2019-20095.html | |
CVE | CVE-2019-3016 | https://linux.oracle.com/cve/CVE-2019-3016.html | |
CVE | CVE-2019-0154 | https://linux.oracle.com/cve/CVE-2019-0154.html | |
CVE | CVE-2019-15917 | https://linux.oracle.com/cve/CVE-2019-15917.html | |
CVE | CVE-2019-19332 | https://linux.oracle.com/cve/CVE-2019-19332.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs-devel | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | oraclelinux | kernel-uek-headers | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.14.35-1902.10.7.el7uek | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |