[ELSA-2020-5714] Unbreakable Enterprise kernel security update
[5.4.17-2011.3.2.1uek]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2 (Tony W Wang-oc) [Orabug: 31352779] {CVE-2020-0543}
[5.4.17-2011.3.2uek]
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350962] {CVE-2020-12464}
- mt76: fix array overflow on receiving too many fragments for a packet (Felix Fietkau) [Orabug: 31350952] {CVE-2020-12465}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350929] {CVE-2020-12653}
- block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Zhiqiang Liu) [Orabug: 31350910] {CVE-2020-12657}
- xsk: Add missing check on user supplied headroom size (Magnus Karlsson) [Orabug: 31350732] {CVE-2020-12659}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350513] {CVE-2020-12654}
- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31387411]
- KVM: x86: Fixes posted interrupt check for IRQs delivery modes (Suravee Suthikulpanit) [Orabug: 31316437]
- Revert 'Revert 'nvme_fc: add module to ops template to allow module references'' (James Smart) [Orabug: 31377552]
- uek-rpm: Move grub boot menu update to posttrans stage. (Somasundaram Krishnasamy) [Orabug: 31358097]
- KVM: SVM: Fix potential memory leak in svm_cpu_init() (Miaohe Lin) [Orabug: 31350455] {CVE-2020-12768}
[5.4.17-2011.3.1uek]
- intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export function to claim _CST control (Rafael J. Wysocki) [Orabug: 31332120]
- rds: ib: Fix dysfunctional long address resolve timeout (Hakon Bugge) [Orabug: 31302704]
- KVM: x86: Revert 'KVM: X86: Fix fpu state crash in kvm guest' (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Ensure guests FPU state is loaded when accessing for emulation (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (Sean Christopherson) [Orabug: 31333676]
- net: dsa: Do not leave DSA master with NULL netdev_ops (Florian Fainelli) [Orabug: 30456791]
- Revert 'dsa: disable module unloading for ARM64' (Allen Pais) [Orabug: 30456791]
[5.4.17-2011.3.0uek]
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals (Robert Milkowski) [Orabug: 31304406]
- NFSv4: try lease recovery on NFS4ERR_EXPIRED (Robert Milkowski) [Orabug: 31304406]
- btrfs: Dont submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug: 31265336] {CVE-2019-19377} {CVE-2019-19377}
- ID
- ELSA-2020-5714
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5714.html
- Published
-
2020-06-09T00:00:00
(4 years ago) - Modified
-
2020-06-09T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
-
ALAS-2020-1366
-
ALAS-2020-1382
-
ALAS-2020-1396
-
ALAS-2020-1401
-
ALAS2-2020-1440
-
ALAS2-2020-1444
-
ALAS2-2020-1465
-
ALPINE:CVE-2020-0543
-
ALSA-2020:4431
-
ALSA-2021:1578
-
ALSA-2021:3027
-
ASA-202006-10
-
ASB-A-156071259
-
DSA-4698-1
-
DSA-4699-1
-
DSA-4701-1
-
ELSA-2020-2427
-
ELSA-2020-2431
-
ELSA-2020-2432
-
ELSA-2020-2433
-
ELSA-2020-3010
-
ELSA-2020-3220
-
ELSA-2020-5715
-
ELSA-2020-5722
-
ELSA-2020-5732
-
ELSA-2020-5750
-
ELSA-2020-5755
-
ELSA-2020-5756
-
ELSA-2020-5913
-
ELSA-2021-1578
-
ELSA-2021-3027
-
ELSA-2021-3028
-
ELSA-2021-9002
-
ELSA-2021-9030
-
ELSA-2022-10065
-
ELSA-2022-9969
-
FEDORA-2020-11ddbfbdf0
-
FEDORA-2020-1afbe7ba2d
-
FEDORA-2020-3364913ace
-
FEDORA-2020-e47d28bc2b
-
FEDORA-2020-e8835a5f8e
-
FREEBSD:FBCBA194-AC7D-11EA-8B5E-B42E99A1B9C3
-
MS:CVE-2020-12464
-
MS:CVE-2020-12465
-
MS:CVE-2020-12653
-
MS:CVE-2020-12654
-
MS:CVE-2020-12657
-
MS:CVE-2020-12659
-
MS:CVE-2020-12768
-
openSUSE-SU-2020:0791-1
-
openSUSE-SU-2020:0801-1
-
openSUSE-SU-2020:0818-1
-
openSUSE-SU-2020:0965-1
-
openSUSE-SU-2020:0985-1
-
openSUSE-SU-2021:0242-1
-
openSUSE-SU-2022:2177-1
-
RHSA-2020:2427
-
RHSA-2020:2428
-
RHSA-2020:2431
-
RHSA-2020:2432
-
RHSA-2020:2433
-
RHSA-2020:2567
-
RHSA-2020:3010
-
RHSA-2020:3016
-
RHSA-2020:3220
-
RHSA-2020:3221
-
RHSA-2020:4431
-
RHSA-2020:4609
-
RHSA-2021:1578
-
RHSA-2021:1739
-
RHSA-2021:3027
-
RHSA-2021:3028
-
SSA:2020-163-01
-
SUSE-SU-2020:1452-1
-
SUSE-SU-2020:1475-1
-
SUSE-SU-2020:1486-1
-
SUSE-SU-2020:1587-1
-
SUSE-SU-2020:1589-1
-
SUSE-SU-2020:1595-1
-
SUSE-SU-2020:1596-1
-
SUSE-SU-2020:1597-1
-
SUSE-SU-2020:1599-1
-
SUSE-SU-2020:1600-1
-
SUSE-SU-2020:1601-1
-
SUSE-SU-2020:1602-1
-
SUSE-SU-2020:1603-1
-
SUSE-SU-2020:1604-1
-
SUSE-SU-2020:1605-1
-
SUSE-SU-2020:1609-1
-
SUSE-SU-2020:1630-1
-
SUSE-SU-2020:1632-1
-
SUSE-SU-2020:1633-1
-
SUSE-SU-2020:1634-1
-
SUSE-SU-2020:1663-1
-
SUSE-SU-2020:1779-1
-
SUSE-SU-2020:1887-1
-
SUSE-SU-2020:1889-1
-
SUSE-SU-2020:1902-1
-
SUSE-SU-2020:2156-1
-
SUSE-SU-2020:2478-1
-
SUSE-SU-2020:2487-1
-
SUSE-SU-2020:2822-1
-
SUSE-SU-2021:1497-1
-
SUSE-SU-2022:2077-1
-
SUSE-SU-2022:2078-1
-
SUSE-SU-2022:2079-1
-
SUSE-SU-2022:2080-1
-
SUSE-SU-2022:2082-1
-
SUSE-SU-2022:2103-1
-
SUSE-SU-2022:2104-1
-
SUSE-SU-2022:2111-1
-
SUSE-SU-2022:2116-1
-
SUSE-SU-2022:2177-1
-
SUSE-SU-2022:2393-1
-
SUSE-SU-2022:2629-1
-
USN-4363-1
-
USN-4367-1
-
USN-4368-1
-
USN-4369-1
-
USN-4385-1
-
USN-4387-1
-
USN-4388-1
-
USN-4389-1
-
USN-4390-1
-
USN-4391-1
-
USN-4392-1
-
USN-4393-1
-
USN-4411-1
-
USN-4412-1
-
USN-4413-1
-
USN-4414-1
-
USN-5617-1
-
XSA-320
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2020-5714 |
|
|
| CVE | CVE-2020-12653 |
|
|
| CVE | CVE-2020-12768 |
|
|
| CVE | CVE-2020-12657 |
|
|
| CVE | CVE-2020-12659 |
|
|
| CVE | CVE-2020-12654 |
|
|
| CVE | CVE-2020-12464 |
|
|
| CVE | CVE-2019-19377 |
|
|
| CVE | CVE-2020-0543 |
|
|
| CVE | CVE-2020-12465 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux |
 python-perf
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux |
perf
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-8 | oraclelinux |
kernel-uek
|
< 5.4.17-2011.3.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
kernel-uek
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux |
kernel-uek-tools
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux |
kernel-uek-tools-libs
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-8 | oraclelinux |
kernel-uek-doc
|
< 5.4.17-2011.3.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-devel
|
< 5.4.17-2011.3.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug
|
< 5.4.17-2011.3.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-devel
|
< 5.4.17-2011.3.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 5.4.17-2011.3.2.1.el7uek | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |