[ELSA-2020-5569] Unbreakable Enterprise kernel security update

Severity Important

Affected Packages 11

CVEs 5

[4.14.35-1902.11.3]
- xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 31013775]

[4.14.35-1902.11.2]
- ib/core: Cancel fmr delayed_worker when in shutdown phase of reboot system (Hans Westgaard Ry) [Orabug: 30967501]
- Revert 'printk: Default console logging level should be set to 4' (Cesar Roque) [Orabug: 30833249]
- cgroup: psi: fix memory leak when freeing a cgroup work function (Tom Hromatka) [Orabug: 30903264]

[4.14.35-1902.11.1]
- xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30657780]
- xfs: increase the default parallelism levels of pwork clients (Darrick J. Wong) [Orabug: 30657780]
- xfs: decide if inode needs inactivation (Darrick J. Wong) [Orabug: 30657780]
- xfs: refactor the predicate part of xfs_free_eofblocks (Darrick J. Wong) [Orabug: 30657780]
- mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (Brian Norris) [Orabug: 30781858] {CVE-2019-14895}
- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781858] {CVE-2019-14895} {CVE-2019-14895}
- ipmi_ssif: avoid registering duplicate ssif interface (Kamlakant Patel) [Orabug: 30916684]
- ipmi: Fix NULL pointer dereference in ssif_probe (Gustavo A. R. Silva) [Orabug: 30916684]
- uio: Fix an Oops on load (Dan Carpenter) [Orabug: 30897832]
- drm/i915: Fix use-after-free when destroying GEM context (Tyler Hicks) [Orabug: 30860457] {CVE-2020-7053}
- xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Darrick J. Wong) [Orabug: 30788113]
- slub: extend slub debug to handle multiple slabs (Aaron Tomlin) [Orabug: 30903135]
- RAS/CEC: Fix binary search function (Borislav Petkov) [Orabug: 30897849]
- CIFS: fix POSIX lock leak and invalid ptr deref (Aurelien Aptel) [Orabug: 30809456]
- rds: Avoid flushing MRs in rds_rdma_drop_keys (aru kolappan) [Orabug: 30681066]

[4.14.35-1902.11.0]
- rds: Avoid qp overflow when posting invalidate/register mr with frwr (Hans Westgaard Ry) [Orabug: 30888677]
- rds: Use bitmap to designate dropped connections (Hakon Bugge) [Orabug: 30852643]
- rds: prevent use-after-free of rds conn in rds_send_drop_to() (Sharath Srinivasan) [Orabug: 30865079]
- media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864532] {CVE-2019-15291}
- KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [Orabug: 30846856]
- KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [Orabug: 30846856]
- xen/ovmapi: whitelist more caches (Boris Ostrovsky) [Orabug: 30837856]
- mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (qize wang) [Orabug: 30819438] {CVE-2019-14901}
- drm/i915/gen9: Clear residual context state on context switch (Akeem G Abodunrin) [Orabug: 30773852] {CVE-2019-14615} {CVE-2019-14615}
- rds: unlock rs_snd_lock before calling rhashtable_insert_fast (aru kolappan) [Orabug: 30734590]

Package	Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	< 4.14.35-1902.11.3.el7uek

ID

ELSA-2020-5569

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2020-5569.html

Published

2020-03-15T00:00:00
(4 years ago)

Modified

2020-03-15T00:00:00
(4 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2020-5569	https://linux.oracle.com/errata/ELSA-2020-5569.html
CVE	CVE-2019-14895	https://linux.oracle.com/cve/CVE-2019-14895.html
CVE	CVE-2019-14615	https://linux.oracle.com/cve/CVE-2019-14615.html
CVE	CVE-2019-14901	https://linux.oracle.com/cve/CVE-2019-14901.html
CVE	CVE-2019-15291	https://linux.oracle.com/cve/CVE-2019-15291.html
CVE	CVE-2020-7053	https://linux.oracle.com/cve/CVE-2020-7053.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	oraclelinux	python-perf	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	oraclelinux	perf	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	oraclelinux	kernel-uek	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7	oraclelinux	kernel-uek-tools	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7	oraclelinux	kernel-uek-tools-libs	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-tools-libs-devel	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7	oraclelinux	kernel-uek-headers	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	oraclelinux	kernel-uek-doc	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-devel	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	oraclelinux	kernel-uek-debug	< 4.14.35-1902.11.3.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-debug-devel	< 4.14.35-1902.11.3.el7uek	oraclelinux-7

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date