[ELSA-2020-5756] Unbreakable Enterprise kernel security update
[5.4.17-2011.4.4uek]
- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (Sean Christopherson) [Orabug: 31536904]
[5.4.17-2011.4.3uek]
- NFS: replace cross device check in copy_file_range (Olga Kornievskaia) [Orabug: 31507615]
- rds: Fix potential use after free in rds_ib_inc_free (Hans Westgaard Ry) [Orabug: 31504052]
- perf/smmuv3: Allow sharing MMIO registers with the SMMU driver (Jean-Philippe Brucker) [Orabug: 31422283]
- perf/smmuv3: use devm_platform_ioremap_resource() to simplify code (YueHaibing) [Orabug: 31422283]
- ACPI/IORT: Fix PMCG node single ID mapping handling (Tuan Phan) [Orabug: 31422283]
- uek-rpm: Increase CONFIG_NODES_SHIFT from 2 to 3 (Dave Kleikamp) [Orabug: 31422283]
- perf: avoid breaking KABI by reusing enum (Dave Kleikamp) [Orabug: 31422283]
- uek-rpm: update aarch64 configs for Ampere eMAG2 (Dave Kleikamp) [Orabug: 31422283]
- perf: arm_dmc620: Update ACPI ID. (Tuan Phan) [Orabug: 31422283]
- perf: arm_dsu: Support ACPI mode. (Tuan Phan) [Orabug: 31422283]
- perf: arm_dsu: Allow IRQ to be shared among devices. (Tuan Phan) [Orabug: 31422283]
- perf: arm_cmn: improve and make it work on 2P. (Tuan Phan) [Orabug: 31422283]
- Perf: arm-cmn: Allow irq to be shared. (Tuan Phan) [Orabug: 31422283]
- BACKPORT: arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work (James Morse) [Orabug: 31422283]
- BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 31422283]
- BACKPORT: mm/memory-failure: Add memory_failure_queue_kick() (James Morse) [Orabug: 31422283]
- perf: Add ARM DMC-620 PMU driver. (Tuan Phan) [Orabug: 31422283]
- BACKPORT: WIP: perf/arm-cmn: Add ACPI support (Robin Murphy) [Orabug: 31422283]
- BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 31422283]
- BACKPORT: perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 31422283]
- net/rds: NULL pointer de-reference in rds_ib_add_one() (Ka-Cheong Poon) [Orabug: 30984983]
- mm: Fix mremap not considering huge pmd devmap (Fan Yang) [Orabug: 31452396] {CVE-2020-10757} {CVE-2020-10757}
[5.4.17-2011.4.2uek]
- UEK6 compiler warning for /net/rds/ib.c (Sharath Srinivasan) [Orabug: 31489529]
- UEK6 compiler warning for /net/rds/send.c (Sharath Srinivasan) [Orabug: 31489529]
- Fix up two build warnings in the UEK6 GA tree (Jack Vogel) [Orabug: 31489333]
- drivers/scsi/scsi_scan.c Fix the compiler warning. (Sudhakar Panneerselvam) [Orabug: 31489322]
- x86/retpoline: Fix retpoline unwind (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- x86: Change {JMP,CALL}_NOSPEC argument (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- x86: Simplify retpoline declaration (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- x86/speculation: Change STUFF_RSB to work with objtool (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- x86/speculation: Change FILL_RETURN_BUFFER to work with objtool (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- x86/unwind: Introduce UNWIND_HINT_EMPTY_ASM (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Add support for intra-function calls (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Remove INSN_STACK (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Make handle_insn_ops() unconditional (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Rework allocating stack_ops on decode (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- objtool: UNWIND_HINT_RET_OFFSET should not check registers (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- objtool: is_fentry_call() crashes if call has no destination (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Uniquely identify alternative instruction groups (Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Remove check preventing branches within alternative (Julien Thierry) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Introduce HINT_RET_OFFSET (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320]
- objtool: Support multiple stack_op per instruction (Julien Thierry) [Orabug: 31077463] [Orabug: 31489320]
}
- ID
- ELSA-2020-5756
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5756.html
- Published
-
2020-07-14T00:00:00
(4 years ago) - Modified
-
2020-07-14T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
-
ALAS-2020-1366
-
ALAS-2020-1377
-
ALAS-2020-1382
-
ALAS-2020-1396
-
ALAS-2020-1401
-
ALAS2-2020-1425
-
ALAS2-2020-1431
-
ALAS2-2020-1444
-
ALAS2-2020-1465
-
ALAS2-2020-1480
-
ALPINE:CVE-2020-0543
-
ALSA-2020:4431
-
ALSA-2021:3027
-
ASA-202006-10
-
ASB-A-150693748
-
DSA-4698-1
-
DSA-4699-1
-
DSA-4701-1
-
ELSA-2020-2082
-
ELSA-2020-2102
-
ELSA-2020-2103
-
ELSA-2020-2431
-
ELSA-2020-2432
-
ELSA-2020-2433
-
ELSA-2020-3010
-
ELSA-2020-3220
-
ELSA-2020-4060
-
ELSA-2020-5714
-
ELSA-2020-5715
-
ELSA-2020-5722
-
ELSA-2020-5732
-
ELSA-2020-5750
-
ELSA-2020-5755
-
ELSA-2021-3027
-
ELSA-2021-3028
-
ELSA-2021-9002
-
ELSA-2022-9852
-
ELSA-2022-9969
-
FEDORA-2020-07f0be216f
-
FEDORA-2020-11ddbfbdf0
-
FEDORA-2020-1afbe7ba2d
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-3364913ace
-
FEDORA-2020-4336d63533
-
FEDORA-2020-4c69987c40
-
FEDORA-2020-5a69decc0c
-
FEDORA-2020-73c00eda1c
-
FEDORA-2020-76966b3419
-
FEDORA-2020-c6b9fff7f8
-
FEDORA-2020-e47d28bc2b
-
FEDORA-2020-e8835a5f8e
-
FREEBSD:FBCBA194-AC7D-11EA-8B5E-B42E99A1B9C3
-
MS:CVE-2020-10711
-
MS:CVE-2020-10757
-
MS:CVE-2020-12655
-
MS:CVE-2020-12770
-
openSUSE-SU-2020:0791-1
-
openSUSE-SU-2020:0801-1
-
openSUSE-SU-2020:0818-1
-
openSUSE-SU-2020:0935-1
-
openSUSE-SU-2020:0965-1
-
openSUSE-SU-2020:0985-1
-
openSUSE-SU-2021:0242-1
-
openSUSE-SU-2021:0532-1
-
openSUSE-SU-2021:0758-1
-
openSUSE-SU-2021:1975-1
-
openSUSE-SU-2021:1977-1
-
openSUSE-SU-2021:3179-1
-
openSUSE-SU-2021:3205-1
-
openSUSE-SU-2021:3876-1
-
RHSA-2020:2082
-
RHSA-2020:2085
-
RHSA-2020:2102
-
RHSA-2020:2103
-
RHSA-2020:2125
-
RHSA-2020:2171
-
RHSA-2020:2431
-
RHSA-2020:2432
-
RHSA-2020:2433
-
RHSA-2020:3010
-
RHSA-2020:3016
-
RHSA-2020:3220
-
RHSA-2020:3221
-
RHSA-2020:4060
-
RHSA-2020:4062
-
RHSA-2020:4431
-
RHSA-2020:4609
-
RHSA-2021:3027
-
RHSA-2021:3028
-
SSA:2020-163-01
-
SUSE-SU-2020:1587-1
-
SUSE-SU-2020:1589-1
-
SUSE-SU-2020:1595-1
-
SUSE-SU-2020:1596-1
-
SUSE-SU-2020:1597-1
-
SUSE-SU-2020:1599-1
-
SUSE-SU-2020:1600-1
-
SUSE-SU-2020:1601-1
-
SUSE-SU-2020:1602-1
-
SUSE-SU-2020:1603-1
-
SUSE-SU-2020:1604-1
-
SUSE-SU-2020:1605-1
-
SUSE-SU-2020:1609-1
-
SUSE-SU-2020:1630-1
-
SUSE-SU-2020:1632-1
-
SUSE-SU-2020:1633-1
-
SUSE-SU-2020:1634-1
-
SUSE-SU-2020:1646-1
-
SUSE-SU-2020:1656-1
-
SUSE-SU-2020:1663-1
-
SUSE-SU-2020:1671-1
-
SUSE-SU-2020:1754-1
-
SUSE-SU-2020:1758-1
-
SUSE-SU-2020:1764-1
-
SUSE-SU-2020:1767-1
-
SUSE-SU-2020:1775-1
-
SUSE-SU-2020:1779-1
-
SUSE-SU-2020:1781-1
-
SUSE-SU-2020:1784-1
-
SUSE-SU-2020:1887-1
-
SUSE-SU-2020:1889-1
-
SUSE-SU-2020:1902-1
-
SUSE-SU-2020:2027-1
-
SUSE-SU-2020:2105-1
-
SUSE-SU-2020:2134-1
-
SUSE-SU-2020:2152-1
-
SUSE-SU-2020:2156-1
-
SUSE-SU-2020:2478-1
-
SUSE-SU-2020:2487-1
-
SUSE-SU-2020:2508-1
-
SUSE-SU-2020:2822-1
-
SUSE-SU-2021:1177-1
-
SUSE-SU-2021:1211-1
-
SUSE-SU-2021:1238-1
-
SUSE-SU-2021:1497-1
-
SUSE-SU-2021:1625-1
-
SUSE-SU-2021:1975-1
-
SUSE-SU-2021:1977-1
-
SUSE-SU-2021:3179-1
-
SUSE-SU-2021:3205-1
-
SUSE-SU-2021:3205-2
-
SUSE-SU-2021:3206-1
-
SUSE-SU-2021:3217-1
-
SUSE-SU-2021:3415-1
-
SUSE-SU-2021:3876-1
-
SUSE-SU-2021:3929-1
-
SUSE-SU-2021:3935-1
-
SUSE-SU-2021:3969-1
-
SUSE-SU-2021:3972-1
-
USN-4368-1
-
USN-4369-1
-
USN-4385-1
-
USN-4387-1
-
USN-4388-1
-
USN-4389-1
-
USN-4390-1
-
USN-4391-1
-
USN-4392-1
-
USN-4393-1
-
USN-4411-1
-
USN-4412-1
-
USN-4413-1
-
USN-4414-1
-
USN-4419-1
-
USN-4426-1
-
USN-4439-1
-
USN-4440-1
-
USN-4465-1
-
USN-4483-1
-
USN-4485-1
-
USN-5343-1
-
USN-5617-1
-
XSA-320
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2020-5756 |
|
|
| CVE | CVE-2020-0543 |
|
|
| CVE | CVE-2020-10757 |
|
|
| CVE | CVE-2020-10711 |
|
|
| CVE | CVE-2020-12655 |
|
|
| CVE | CVE-2020-12770 |
|
|
| CVE | CVE-2019-19769 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux |
 python-perf
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux |
perf
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-8 | oraclelinux |
kernel-uek
|
< 5.4.17-2011.4.4.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
kernel-uek
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux |
kernel-uek-tools
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux |
kernel-uek-tools-libs
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-8 | oraclelinux |
kernel-uek-doc
|
< 5.4.17-2011.4.4.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-devel
|
< 5.4.17-2011.4.4.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug
|
< 5.4.17-2011.4.4.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-devel
|
< 5.4.17-2011.4.4.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 5.4.17-2011.4.4.el7uek | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |