[ELSA-2020-5837] Unbreakable Enterprise kernel security update
[4.1.12-124.42.3]
- can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices (Tomas Bortoli) [Orabug: 31351221] {CVE-2019-19535}
- media: hdpvr: Fix an error handling path in hdpvr_probe() (Arvind Yadav) [Orabug: 31352053] {CVE-2017-16644}
- fs/binfmt_misc.c: do not allow offset overflow (Thadeu Lima de Souza Cascardo) [Orabug: 31588258]
- clear inode and truncate pages before enqueuing for async inactivation (Gautham Ananthakrishna) [Orabug: 31744270]
[4.1.12-124.42.2]
- mm: create alloc_last_chance debugfs entries (Mike Kravetz) [Orabug: 31295499]
- mm: perform 'last chance' reclaim efforts before allocation failure (Mike Kravetz) [Orabug: 31295499]
- mm: let page allocation slowpath retry 'order' times (Mike Kravetz) [Orabug: 31295499]
- fix kABI breakage from 'netns: provide pure entropy for net_hash_mix()' (Dan Duval) [Orabug: 31351904] {CVE-2019-10638} {CVE-2019-10639}
- netns: provide pure entropy for net_hash_mix() (Eric Dumazet) [Orabug: 31351904] {CVE-2019-10638} {CVE-2019-10639}
- hrtimer: Annotate lockless access to timer->base (Eric Dumazet) [Orabug: 31380495]
- rds: ib: Revert 'net/rds: Avoid stalled connection due to CM REQ retries' (Hakon Bugge) [Orabug: 31648141]
- rds: Clear reconnect pending bit (Hakon Bugge) [Orabug: 31648141]
- RDMA/netlink: Do not always generate an ACK for some netlink operations (Hakon Bugge) [Orabug: 31666975]
- genirq/proc: Return proper error code when irq_set_affinity() fails (Wen Yaxng) [Orabug: 31723450]
[4.1.12-124.42.1]
- fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Alexander Potapenko) [Orabug: 31350639] {CVE-2020-10732}
- crypto: user - fix memory leak in crypto_report (Navid Emamdoost) [Orabug: 31351640] {CVE-2019-19062}
- of: unittest: fix memory leak in unittest_data_add (Navid Emamdoost) [Orabug: 31351702] {CVE-2019-19049}
- IB/sa: Resolv use-after-free in ib_nl_make_request() (Divya Indi) [Orabug: 31656992]
- net-sysfs: call dev_hold if kobject_init_and_add success (YueHaibing) [Orabug: 31687545] {CVE-2019-20811}
- ID
- ELSA-2020-5837
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5837.html
- Published
-
2020-09-03T00:00:00
(4 years ago) - Modified
-
2020-09-03T00:00:00
(4 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ALAS-2020-1338
- ALAS-2020-1401
- ALAS2-2020-1392
- ALAS2-2020-1465
- ALSA-2020:4431
- ASB-A-170658976
- DSA-4073-1
- DSA-4495-1
- DSA-4497-1
- DSA-4698-1
- DSA-4699-1
- ELSA-2019-3517
- ELSA-2020-1016
- ELSA-2020-1769
- ELSA-2020-4060
- ELSA-2020-5023
- ELSA-2020-5802
- ELSA-2020-5804
- ELSA-2020-5805
- ELSA-2020-5845
- FEDORA-2017-905bb449bc
- FEDORA-2017-92a0ae09aa
- FEDORA-2017-f9f3d80442
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1e033dc308
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-49bda79bd5
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8484550fff
- FEDORA-2018-884a105c04
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-d77cc41f35
- FEDORA-2018-e71875c4aa
- FEDORA-2018-e8f793bbfc
- FEDORA-2019-021c968423
- FEDORA-2019-124a241044
- FEDORA-2019-34a75d7e61
- FEDORA-2019-39e97683e8
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-91f6e7bb71
- FEDORA-2019-b86a7bdba0
- FEDORA-2020-203ffedeb5
- FEDORA-2020-227a4c0530
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-3cd64d683c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-e328697628
- FEDORA-2020-f884f9dd7d
- FEDORA-2020-fe00e12580
- openSUSE-SU-2019:1716-1
- openSUSE-SU-2019:1757-1
- openSUSE-SU-2019:2675-1
- openSUSE-SU-2020:0336-1
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2020:0935-1
- openSUSE-SU-2021:0242-1
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2020:1016
- RHSA-2020:1070
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2020:5023
- RHSA-2020:5026
- SSA:2019-311-01
- SSA:2020-008-01
- SSA:2020-163-01
- SUSE-SU-2018:0785-1
- SUSE-SU-2018:0786-1
- SUSE-SU-2018:0834-1
- SUSE-SU-2018:0848-1
- SUSE-SU-2018:0986-1
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1309-1
- SUSE-SU-2019:1823-1
- SUSE-SU-2019:1823-2
- SUSE-SU-2019:1829-1
- SUSE-SU-2019:1851-1
- SUSE-SU-2019:1852-1
- SUSE-SU-2019:1854-1
- SUSE-SU-2019:1855-1
- SUSE-SU-2019:2069-1
- SUSE-SU-2019:2430-1
- SUSE-SU-2019:2450-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3289-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3317-1
- SUSE-SU-2019:3371-1
- SUSE-SU-2019:3372-1
- SUSE-SU-2019:3379-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2019:3389-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2027-1
- SUSE-SU-2020:2105-1
- SUSE-SU-2020:2134-1
- SUSE-SU-2020:2152-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:2083-1
- SUSE-SU-2022:2103-1
- SUSE-SU-2022:2111-1
- USN-3754-1
- USN-4114-1
- USN-4115-1
- USN-4116-1
- USN-4117-1
- USN-4118-1
- USN-4254-1
- USN-4254-2
- USN-4258-1
- USN-4284-1
- USN-4287-1
- USN-4287-2
- USN-4411-1
- USN-4427-1
- USN-4439-1
- USN-4440-1
- USN-4485-1
- USN-4527-1
- USN-4904-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-5837 | https://linux.oracle.com/errata/ELSA-2020-5837.html | |
CVE | CVE-2020-10732 | https://linux.oracle.com/cve/CVE-2020-10732.html | |
CVE | CVE-2019-19049 | https://linux.oracle.com/cve/CVE-2019-19049.html | |
CVE | CVE-2019-19062 | https://linux.oracle.com/cve/CVE-2019-19062.html | |
CVE | CVE-2019-20811 | https://linux.oracle.com/cve/CVE-2019-20811.html | |
CVE | CVE-2017-16644 | https://linux.oracle.com/cve/CVE-2017-16644.html | |
CVE | CVE-2019-10639 | https://linux.oracle.com/cve/CVE-2019-10639.html | |
CVE | CVE-2019-19535 | https://linux.oracle.com/cve/CVE-2019-19535.html | |
CVE | CVE-2019-10638 | https://linux.oracle.com/cve/CVE-2019-10638.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-124.42.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.42.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-124.42.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-124.42.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-124.42.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.42.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.42.3.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |