[ELSA-2020-5956] Unbreakable Enterprise kernel security update
kernel-uek
[3.8.13-118.51.2]
- Revert 'kexec: Validate pe files against the system_lacklist_keyring' (John Donnelly) [Orabug: 32171714] {CVE-2020-26541} {CVE-2020-26541}
[3.8.13-118.51.1]
- usb: cdc-acm: make sure a refcount is taken early enough (Oliver Neukum) [Orabug: 31351090] {CVE-2019-19530}
- kexec: Validate pe files against the system_lacklist_keyring (Eric Snowberg) [Orabug: 31961121] {CVE-2020-26541}
- uek-rpm: Update secure boot UEK signing certificates (Brian Maly) [Orabug: 31974695]
dtrace-modules-3.8.13-118.51.2.el6uek
[0.4.5-3]
- Synchronize versions with OL7
[0.4.5-2]
- Validate d_path() argument pointer to avoid crash.
[Orabug: 21304207]
[0.4.5-1]
- Support USDT for 32-bit applications on 64-bit hosts.
[Orabug: 21219315]
- Convert from sdt_instr_t to asm_instr_t.
[Orabug: 21219374]
- Restructuring to support DTrace on multiple architectures.
[Orabug: 21273259]
- Fix dtrace_helptrace_buffer memory leak.
[Orabug: 20514336]
- Add .gitignore file.
[Orabug: 20266608]
[0.4.4-1]
- Rename dtrace-modules-headers to dtrace-modules-shared-headers.
[Orabug: 20508087]
[0.4.3-4]
- Updated NEWS file: test stress/buffering/tst.resize1.d is XFAIL for now.
- Align with kernel header file change: FOLL_NOFAULT -> FOLL_IMMED.
[Orabug: 18653713]
[0.4.3-3]
- Rebuild with cleaned up source tree.
[0.4.3-2]
- Various fixes to handle multi-threaded processes.
[Orabug: 18412802]
[0.4.3-1]
- Implmentation of profile-* probes in the profile provider.
[Orabug: 18323513]
[0.4.2-3]
- Obsolete the old provider headers package.
[Orabug: 18061595]
[0.4.2-2]
- Change name of provider headers package, to avoid conflicts on yum update.
[Orabug: 18061595]
[0.4.2-1]
- Fix 'vtimestamp' implementation.
[Orabug: 17741477]
- Support SDT probes points in kernel modules.
[Orabug: 17851716]
[0.4.1-3]
- Fix 'errno' implementation.
[Orabug: 17704568]
[0.4.1-2]
- Fix lock ordering issues.
[Orabug: 17624236]
[0.4.1-1]
- Align with new cyclic implementation in UEK3 kernel.
[Orabug: 17553446]
- Bugfix for module reference counting.
- Fix memory leak.
- Fix race condition in speculative tracing buffer cleaning.
[Orabug: 17591351]
- Ensure safe access to userspace stack memory location.
[Orabug: 17591351]
[0.4.0-2]
- Bugfix for ustack() to avoid using vma data.
[0.4.0-1]
- Bugfix for module unloading.
- Support meta-providers, USDT, and fasttrap (for USDT only).
- Export DTrace kernel headers to userspace.
- Improved ustack() robustness.
[Orabug: 17591351]
- Reimplemented ustack().
(Nick Alcock) [Orabug: 17591351]
- Bugfixes.
[0.3.2]
- Release for new kernel and CTF section layout
[0.3.1]
- Skipped version number
[0.3.0-2]
- Remove development-only providers because they should not be built/released.
[0.3.0]
- Release of the DTrace kernel modules for UEK2 2.6.39-201.0.1 (DTrace kernel).
[0.2.5-2]
- Fix typo causing unconditional depmod at postinstall time
[0.2.5]
- New kernel, new userspace: no module changes.
[0.2.4]
- Ban unloading of in-use dtrace modules while dtrace is running.
[0.2.3]
- There is one new DTrace option now, used internally by the
testsuite.
[0.2.2]
- Switch MUTEX_HELD() from using mutex_is_locked() to new mutex_owned().
[0.2.1]
- Ensure that allocation attempts are done in atomic fashion so that a failing
allocation attempt won't interfere with other allocations.
- Surpress OOM warnings.
[0.2.0]
- Release of the DTrace kernel modules for UEK2 2.6.39-101.0.1 (DTrace kernel).
[0.1.0-1.el6]
- Disable stub-based syscalls in the release pending merging in fixes.
[0.1]
- Initial release.
- ID
- ELSA-2020-5956
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2020-5956.html
- Published
-
2020-12-01T00:00:00
(3 years ago) - Modified
-
2020-12-01T00:00:00
(3 years ago) - Rights
- Copyright 2020 Oracle, Inc.
- Other Advisories
-
- ELSA-2020-4060
- ELSA-2020-5912
- openSUSE-SU-2019:2675-1
- RHSA-2020:4060
- RHSA-2020:4062
- SUSE-SU-2019:3289-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3317-1
- SUSE-SU-2019:3372-1
- SUSE-SU-2019:3379-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2019:3389-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:1255-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2020-5956 | https://linux.oracle.com/errata/ELSA-2020-5956.html | |
CVE | CVE-2019-19530 | https://linux.oracle.com/cve/CVE-2019-19530.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 3.8.13-118.51.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 3.8.13-118.51.2.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el7uek?distro=oraclelinux-7 | oraclelinux | dtrace-modules-3.8.13-118.51.2.el7uek | < 0.4.5-3.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el6uek?distro=oraclelinux-6 | oraclelinux | dtrace-modules-3.8.13-118.51.2.el6uek | < 0.4.5-3.el6 | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |