[ELSA-2020-5804] Unbreakable Enterprise kernel security update
[4.14.35-1902.305.4]
- ptp: free ptp device pin descriptors properly (Vladis Dronov) [Orabug: 31710994]
[4.14.35-1902.305.3]
- fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350638] {CVE-2020-10732}
- PCI: vmd: Filter resource type bits from shadow register (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add device id for VMD device 8086:9A0B (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Fix shadow offsets to reflect spec changes (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Fix config addressing when using bus offsets (Jon Derrick) [Orabug: 31674879]
- PCI/VMD: Configure MPS settings before adding devices (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add an additional VMD device id to driver device id table (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Add offset to bus numbers if necessary (Jon Derrick) [Orabug: 31674879]
- PCI: vmd: Assign membar addresses from shadow registers (Jon Derrick) [Orabug: 31674879]
- PCI: Add Intel VMD devices to pci ids (Jon Derrick) [Orabug: 31674879]
- misc: pvpanic: add crash loaded event (zhenwei pi) [Orabug: 31677099]
- kvm: Increase KVM_USER_MEM_SLOTS for dense memory hotplug (Eric DeVolder) [Orabug: 31694369]
[4.14.35-1902.305.2]
- net-sysfs: call dev_hold if kobject_init_and_add success (YueHaibing) [Orabug: 31445419] {CVE-2019-20811}
- vfio-pci: protect remap_pfn_range() from simultaneous calls (Ankur Arora) [Orabug: 31663632] {CVE-2020-12888} {CVE-2020-12888}
- crypto: user - fix memory leak in crypto_report (Navid Emamdoost) [Orabug: 31351639] {CVE-2019-19062}
- iwlwifi: pcie: fix rb_allocator workqueue allocation (Johannes Berg) [Orabug: 31351807] {CVE-2019-16234}
- RDMA/netlink: Do not always generate an ACK for some netlink operations (Hakon Bugge) [Orabug: 31666974]
- Revert 'uek-rpm: Move grub boot menu update to posttrans stage.' (Somasundaram Krishnasamy) [Orabug: 31358100]
- net: dsa: Do not leave DSA master with NULL netdev_ops (Allen Pais) [Orabug: 31038233]
- rds/ib: Make i_{recv,send}_hdrs non-contigious (Hans Westgaard Ry) [Orabug: 30358057]
- certs: Remove Oracle cert compiled into the kernel (Eric Snowberg) [Orabug: 31555628]
- CIFS: dump IPC tcon in debug proc file (Aurelien Aptel) [Orabug: 31500374]
- CIFS: use tcon_ipc instead of use_ipc parameter of SMB2_ioctl (Aurelien Aptel) [Orabug: 31500374]
- CIFS: make IPC a regular tcon (Aurelien Aptel) [Orabug: 31500374]
- CIFS: dont log STATUS_NOT_FOUND errors for DFS (Aurelien Aptel) [Orabug: 31500374]
- efi: Restrict efivar_ssdt_load when the kernel is locked down (Matthew Garrett) [Orabug: 31643409] {CVE-2019-20908}
- uek-rpm: drivers: enable VMD PCIe controller (Todd Vierling) [Orabug: 30646928]
- ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265319] {CVE-2019-19037} {CVE-2019-19037}
- IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31631531]
- ocfs2: change slot number type s16 to u16 (Junxiao Bi) [Orabug: 31480605]
- ocfs2: fix value of OCFS2_INVALID_SLOT (Junxiao Bi) [Orabug: 31480605]
- ocfs2: fix panic on nfs server over ocfs2 (Junxiao Bi) [Orabug: 31480605]
- ocfs2: load global_inode_alloc (Junxiao Bi) [Orabug: 31480605]
- ocfs2: avoid inode removal while nfsd is accessing it (Junxiao Bi) [Orabug: 31480605]
[4.14.35-1902.305.1]
- x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (Tony Luck) [Orabug: 31601132]
- libertas: fix a potential NULL pointer dereference (Allen Pais) [Orabug: 31351822] {CVE-2019-16232}
- ext4: work around deleting a file with i_nlink == 0 safely (Theodore Tso) [Orabug: 31351013] {CVE-2019-19447}
[4.14.35-1902.305.0]
- thermal: support for Marvell Octeon TX SoC temperature sensors (Eric Saint-Etienne) [Orabug: 31564706]
- thermal: support for Marvell Octeon TX2 SoC temperature sensors (Eric Saint-Etienne) [Orabug: 31564706]
- x86/speculation: Prevent rogue cross-process SSBD shutdown (Anthony Steinhauser) [Orabug: 31557902] {CVE-2020-10768}
- psi: Fix double free (Tom Hromatka) [Orabug: 31535640]
- vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/pci: Mask buggy SR-IOV VF INTx support (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888} {CVE-2020-12888}
- vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Jiang Yi) [Orabug: 31439670] {CVE-2020-12888}
- vfio/pci: Pull BAR mapping setup from read-write path (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio_pci: Enable memory accesses before calling pci_map_rom (Eric Auger) [Orabug: 31439670] {CVE-2020-12888}
- vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [Orabug: 31439670] {CVE-2020-12888}
- vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Sean Christopherson) [Orabug: 31439670] {CVE-2020-12888}
- of: unittest: fix memory leak in unittest_data_add (Navid Emamdoost) [Orabug: 31351701] {CVE-2019-19049}
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | < 4.14.35-1902.305.4.el7uek |
- ID
- ELSA-2020-5804
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5804.html
- Published
-
2020-08-10T00:00:00
(4 years ago) - Modified
-
2020-08-10T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS-2020-1338
- ALAS-2020-1401
- ALAS-2020-1437
- ALAS2-2020-1392
- ALAS2-2020-1465
- ALSA-2020:4431
- ASB-A-169505929
- ASB-A-170658976
- DSA-4698-1
- DSA-4699-1
- ELSA-2020-2664
- ELSA-2020-3010
- ELSA-2020-3218
- ELSA-2020-4060
- ELSA-2020-5023
- ELSA-2020-5791
- ELSA-2020-5801
- ELSA-2020-5802
- ELSA-2020-5805
- ELSA-2020-5837
- ELSA-2021-9002
- FEDORA-2019-021c968423
- FEDORA-2019-124a241044
- FEDORA-2019-34a75d7e61
- FEDORA-2019-39e97683e8
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-91f6e7bb71
- FEDORA-2019-b86a7bdba0
- FEDORA-2020-125ccdc871
- FEDORA-2020-1b2dae6219
- FEDORA-2020-203ffedeb5
- FEDORA-2020-227a4c0530
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-3cd64d683c
- FEDORA-2020-5436586091
- FEDORA-2020-57bf620276
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-e328697628
- FEDORA-2020-e47d28bc2b
- FEDORA-2020-f884f9dd7d
- FEDORA-2020-fe00e12580
- MS:CVE-2020-10768
- MS:CVE-2020-12888
- openSUSE-SU-2019:2392-1
- openSUSE-SU-2019:2444-1
- openSUSE-SU-2019:2675-1
- openSUSE-SU-2020:0336-1
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2020:0935-1
- openSUSE-SU-2020:1153-1
- openSUSE-SU-2021:0242-1
- RHSA-2019:3517
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:2664
- RHSA-2020:2665
- RHSA-2020:3010
- RHSA-2020:3016
- RHSA-2020:3073
- RHSA-2020:3218
- RHSA-2020:3219
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2020:5023
- RHSA-2020:5026
- SSA:2020-008-01
- SSA:2020-086-01
- SSA:2020-163-01
- SSA:2021-202-01
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3289-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3317-1
- SUSE-SU-2019:3371-1
- SUSE-SU-2019:3372-1
- SUSE-SU-2019:3379-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0580-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:1693-1
- SUSE-SU-2020:1699-1
- SUSE-SU-2020:1713-1
- SUSE-SU-2020:2027-1
- SUSE-SU-2020:2103-1
- SUSE-SU-2020:2105-1
- SUSE-SU-2020:2106-1
- SUSE-SU-2020:2107-1
- SUSE-SU-2020:2119-1
- SUSE-SU-2020:2121-1
- SUSE-SU-2020:2122-1
- SUSE-SU-2020:2134-1
- SUSE-SU-2020:2152-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2020:2491-1
- SUSE-SU-2020:2492-1
- SUSE-SU-2020:2497-1
- SUSE-SU-2020:2498-1
- SUSE-SU-2020:2505-1
- SUSE-SU-2020:2506-1
- SUSE-SU-2020:2513-1
- SUSE-SU-2020:2526-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:2083-1
- SUSE-SU-2022:2103-1
- SUSE-SU-2022:2111-1
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4284-1
- USN-4285-1
- USN-4287-1
- USN-4287-2
- USN-4342-1
- USN-4344-1
- USN-4345-1
- USN-4346-1
- USN-4411-1
- USN-4426-1
- USN-4427-1
- USN-4439-1
- USN-4440-1
- USN-4483-1
- USN-4485-1
- USN-4525-1
- USN-4526-1
- USN-4527-1
- USN-4904-1
- USN-5361-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-5804 | https://linux.oracle.com/errata/ELSA-2020-5804.html | |
CVE | CVE-2019-19049 | https://linux.oracle.com/cve/CVE-2019-19049.html | |
CVE | CVE-2019-16234 | https://linux.oracle.com/cve/CVE-2019-16234.html | |
CVE | CVE-2019-19447 | https://linux.oracle.com/cve/CVE-2019-19447.html | |
CVE | CVE-2020-10732 | https://linux.oracle.com/cve/CVE-2020-10732.html | |
CVE | CVE-2019-16232 | https://linux.oracle.com/cve/CVE-2019-16232.html | |
CVE | CVE-2019-19037 | https://linux.oracle.com/cve/CVE-2019-19037.html | |
CVE | CVE-2019-19062 | https://linux.oracle.com/cve/CVE-2019-19062.html | |
CVE | CVE-2019-20908 | https://linux.oracle.com/cve/CVE-2019-20908.html | |
CVE | CVE-2020-10768 | https://linux.oracle.com/cve/CVE-2020-10768.html | |
CVE | CVE-2020-12888 | https://linux.oracle.com/cve/CVE-2020-12888.html | |
CVE | CVE-2019-20811 | https://linux.oracle.com/cve/CVE-2019-20811.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs-devel | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | oraclelinux | kernel-uek-headers | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.14.35-1902.305.4.el7uek | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |