[ELSA-2020-5791] Unbreakable Enterprise kernel security update
Severity
Important
Affected Packages
11
CVEs
1
[4.14.35-1902.304.6.3]
- Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' (Somasundaram Krishnasamy) [Orabug: 31358100]
[4.14.35-1902.304.6.2]
- certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31668611]
- efi: Restrict efivar_ssdt_load when the kernel is locked down (Matthew Garrett) [Orabug: 31662729] {CVE-2019-20908}
[4.14.35-1902.304.6.1]
- IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31652801]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | < 4.14.35-1902.304.6.3.el7uek |
- ID
- ELSA-2020-5791
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5791.html
- Published
-
2020-07-29T00:00:00
(4 years ago) - Modified
-
2020-07-29T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-5791 | https://linux.oracle.com/errata/ELSA-2020-5791.html | |
CVE | CVE-2019-20908 | https://linux.oracle.com/cve/CVE-2019-20908.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs-devel | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | oraclelinux | kernel-uek-headers | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.14.35-1902.304.6.3.el7uek | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |