[ELSA-2020-5801] Unbreakable Enterprise kernel security update
[4.1.12-124.41.4]
- uek-rpm: Add OL6 shim conflict for new signing key (Eric Snowberg) [Orabug: 31688239]
- Revert 'certs: Add Oracle's new X509 cert into the kernel keyring' (Eric Snowberg) [Orabug: 31688223]
- blk-mq: don't overwrite rq->mq_ctx (Jens Axboe) [Orabug: 31457304]
- blk-mq: mark ctx as pending at batch in flush plug path (Ming Lei) [Orabug: 31457304]
[4.1.12-124.41.3]
- scsi: qla2xxx: Fix stuck session in GNL (Quinn Tran) [Orabug: 31561461]
- scsi: qla2xxx: Serialize session free in qlt_free_session_done (Quinn Tran) [Orabug: 31561461]
- scsi: qla2xxx: v2: Change abort wait_loop from msleep to wait_event_timeout (Giridhar Malavali) [Orabug: 26932683]
- scsi: qla2xxx: v2: Move ABTS code behind qpair (Quinn Tran) [Orabug: 31517449]
- ocfs2: change slot number type s16 to u16 (Junxiao Bi) [Orabug: 31027042]
- ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31027042]
- ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31027042]
- ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug: 31027042]
- ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31027042]
- block_dev: don't test bdev->bd_contains when it is not stable (NeilBrown) [Orabug: 31554143]
- KVM: x86: Remove spurious semicolon (Joao Martins) [Orabug: 31584727]
[4.1.12-124.41.2]
- media: rc: prevent memory leak in cx23888_ir_probe (Navid Emamdoost) [Orabug: 31351672] {CVE-2019-19054}
- vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888}
- vfio/pci: Mask buggy SR-IOV VF INTx support (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888}
- vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888} {CVE-2020-12888}
- vfio/pci: Pull BAR mapping setup from read-write path (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888}
- vfio_pci: Enable memory accesses before calling pci_map_rom (Eric Auger) [Orabug: 31439671] {CVE-2020-12888}
- vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888}
- vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439671] {CVE-2020-12888}
- mm: bring in additional flag for fixup_user_fault to signal unlock (Dominik Dingel) [Orabug: 31439671] {CVE-2020-12888}
- vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Sean Christopherson) [Orabug: 31439671] {CVE-2020-12888}
- x86/mitigations: reset default value for srbds_mitigation (Mihai Carabas) [Orabug: 31514993]
- x86/cpu: clear X86_BUG_SRBDS before late loading (Mihai Carabas) [Orabug: 31514993]
- x86/mitigations: update MSRs on all CPUs for SRBDS (Mihai Carabas) [Orabug: 31514993]
- Revert 'x86/efi: Request desired alignment via the PE/COFF headers' (Matt Fleming) [Orabug: 31602576]
[4.1.12-124.41.1]
- can, slip: Protect tty->disc_data in write_wakeup and close with RCU (Richard Palethorpe) [Orabug: 31516085] {CVE-2020-14416}
- scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout() (himanshu.madhani@cavium.com) [Orabug: 31530589]
- scsi: qla2xxx: Fix NULL pointer access for fcport structure (Quinn Tran) [Orabug: 31530589]
- ID
- ELSA-2020-5801
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5801.html
- Published
-
2020-08-06T00:00:00
(4 years ago) - Modified
-
2020-08-06T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
-
ALAS-2020-1437
-
ALAS2-2020-1480
-
ELSA-2020-2664
-
ELSA-2020-3010
-
ELSA-2020-5755
-
ELSA-2020-5802
-
ELSA-2020-5804
-
ELSA-2020-5805
-
ELSA-2020-5878
-
FEDORA-2019-021c968423
-
FEDORA-2019-124a241044
-
FEDORA-2019-34a75d7e61
-
FEDORA-2019-39e97683e8
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-91f6e7bb71
-
FEDORA-2019-b86a7bdba0
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-227a4c0530
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-3cd64d683c
-
FEDORA-2020-5436586091
-
FEDORA-2020-57bf620276
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-e328697628
-
FEDORA-2020-e47d28bc2b
-
FEDORA-2020-f884f9dd7d
-
FEDORA-2020-fe00e12580
-
MS:CVE-2020-12888
-
openSUSE-SU-2020:0336-1
-
openSUSE-SU-2020:0935-1
-
openSUSE-SU-2020:1153-1
-
openSUSE-SU-2021:0242-1
-
RHSA-2020:2664
-
RHSA-2020:2665
-
RHSA-2020:3010
-
RHSA-2020:3016
-
SSA:2020-295-01
-
SUSE-SU-2020:0511-1
-
SUSE-SU-2020:0558-1
-
SUSE-SU-2020:0559-1
-
SUSE-SU-2020:0560-1
-
SUSE-SU-2020:0580-1
-
SUSE-SU-2020:0584-1
-
SUSE-SU-2020:0599-1
-
SUSE-SU-2020:0605-1
-
SUSE-SU-2020:0613-1
-
SUSE-SU-2020:1663-1
-
SUSE-SU-2020:2027-1
-
SUSE-SU-2020:2103-1
-
SUSE-SU-2020:2105-1
-
SUSE-SU-2020:2106-1
-
SUSE-SU-2020:2107-1
-
SUSE-SU-2020:2119-1
-
SUSE-SU-2020:2121-1
-
SUSE-SU-2020:2122-1
-
SUSE-SU-2020:2134-1
-
SUSE-SU-2020:2152-1
-
SUSE-SU-2020:2156-1
-
SUSE-SU-2020:2478-1
-
SUSE-SU-2020:2487-1
-
USN-4525-1
-
USN-4526-1
-
USN-4527-1
-
USN-5361-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2020-5801 |
|
|
| CVE | CVE-2020-12888 |
|
|
| CVE | CVE-2020-14416 |
|
|
| CVE | CVE-2019-19054 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.41.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.41.4.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |