1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2020-5956

[ELSA-2020-5956] Unbreakable Enterprise kernel security update

Severity Important
Affected Packages 14
CVEs 1
Info Packages References Vulnerabilities

kernel-uek
[3.8.13-118.51.2]
- Revert 'kexec: Validate pe files against the system_lacklist_keyring' (John Donnelly) [Orabug: 32171714] {CVE-2020-26541} {CVE-2020-26541}

[3.8.13-118.51.1]
- usb: cdc-acm: make sure a refcount is taken early enough (Oliver Neukum) [Orabug: 31351090] {CVE-2019-19530}
- kexec: Validate pe files against the system_lacklist_keyring (Eric Snowberg) [Orabug: 31961121] {CVE-2020-26541}
- uek-rpm: Update secure boot UEK signing certificates (Brian Maly) [Orabug: 31974695]

dtrace-modules-3.8.13-118.51.2.el6uek
[0.4.5-3]
- Synchronize versions with OL7

[0.4.5-2]
- Validate d_path() argument pointer to avoid crash.
[Orabug: 21304207]

[0.4.5-1]
- Support USDT for 32-bit applications on 64-bit hosts.
[Orabug: 21219315]
- Convert from sdt_instr_t to asm_instr_t.
[Orabug: 21219374]
- Restructuring to support DTrace on multiple architectures.
[Orabug: 21273259]
- Fix dtrace_helptrace_buffer memory leak.
[Orabug: 20514336]
- Add .gitignore file.
[Orabug: 20266608]

[0.4.4-1]
- Rename dtrace-modules-headers to dtrace-modules-shared-headers.
[Orabug: 20508087]

[0.4.3-4]
- Updated NEWS file: test stress/buffering/tst.resize1.d is XFAIL for now.
- Align with kernel header file change: FOLL_NOFAULT -> FOLL_IMMED.
[Orabug: 18653713]

[0.4.3-3]
- Rebuild with cleaned up source tree.

[0.4.3-2]
- Various fixes to handle multi-threaded processes.
[Orabug: 18412802]

[0.4.3-1]
- Implmentation of profile-* probes in the profile provider.
[Orabug: 18323513]

[0.4.2-3]
- Obsolete the old provider headers package.
[Orabug: 18061595]

[0.4.2-2]
- Change name of provider headers package, to avoid conflicts on yum update.
[Orabug: 18061595]

[0.4.2-1]
- Fix 'vtimestamp' implementation.
[Orabug: 17741477]
- Support SDT probes points in kernel modules.
[Orabug: 17851716]

[0.4.1-3]
- Fix 'errno' implementation.
[Orabug: 17704568]

[0.4.1-2]
- Fix lock ordering issues.
[Orabug: 17624236]

[0.4.1-1]
- Align with new cyclic implementation in UEK3 kernel.
[Orabug: 17553446]
- Bugfix for module reference counting.
- Fix memory leak.
- Fix race condition in speculative tracing buffer cleaning.
[Orabug: 17591351]
- Ensure safe access to userspace stack memory location.
[Orabug: 17591351]

[0.4.0-2]
- Bugfix for ustack() to avoid using vma data.

[0.4.0-1]
- Bugfix for module unloading.
- Support meta-providers, USDT, and fasttrap (for USDT only).
- Export DTrace kernel headers to userspace.
- Improved ustack() robustness.
[Orabug: 17591351]
- Reimplemented ustack().
(Nick Alcock) [Orabug: 17591351]
- Bugfixes.

[0.3.2]
- Release for new kernel and CTF section layout

[0.3.1]
- Skipped version number

[0.3.0-2]
- Remove development-only providers because they should not be built/released.

[0.3.0]
- Release of the DTrace kernel modules for UEK2 2.6.39-201.0.1 (DTrace kernel).

[0.2.5-2]
- Fix typo causing unconditional depmod at postinstall time

[0.2.5]
- New kernel, new userspace: no module changes.

[0.2.4]
- Ban unloading of in-use dtrace modules while dtrace is running.

[0.2.3]
- There is one new DTrace option now, used internally by the
testsuite.

[0.2.2]
- Switch MUTEX_HELD() from using mutex_is_locked() to new mutex_owned().

[0.2.1]
- Ensure that allocation attempts are done in atomic fashion so that a failing
allocation attempt won't interfere with other allocations.
- Surpress OOM warnings.

[0.2.0]
- Release of the DTrace kernel modules for UEK2 2.6.39-101.0.1 (DTrace kernel).

[0.1.0-1.el6]
- Disable stub-based syscalls in the release pending merging in fixes.

[0.1]
- Initial release.

Package Affected Version
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 < 3.8.13-118.51.2.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 < 3.8.13-118.51.2.el6uek
pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el7uek?distro=oraclelinux-7 < 0.4.5-3.el7
pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el6uek?distro=oraclelinux-6 < 0.4.5-3.el6
ID
ELSA-2020-5956
Severity
important
URL
https://linux.oracle.com/errata/ELSA-2020-5956.html
Published
2020-12-01T00:00:00
(3 years ago)
Modified
2020-12-01T00:00:00
(3 years ago)
Rights
Copyright 2020 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 oraclelinux kernel-uek < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 oraclelinux kernel-uek < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 oraclelinux kernel-uek-firmware < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 oraclelinux kernel-uek-firmware < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 oraclelinux kernel-uek-doc < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 oraclelinux kernel-uek-doc < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 oraclelinux kernel-uek-devel < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 oraclelinux kernel-uek-devel < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 oraclelinux kernel-uek-debug < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 oraclelinux kernel-uek-debug < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 oraclelinux kernel-uek-debug-devel < 3.8.13-118.51.2.el7uek oraclelinux-7
Affected pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 oraclelinux kernel-uek-debug-devel < 3.8.13-118.51.2.el6uek oraclelinux-6
Affected pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el7uek?distro=oraclelinux-7 oraclelinux dtrace-modules-3.8.13-118.51.2.el7uek < 0.4.5-3.el7 oraclelinux-7
Affected pkg:rpm/oraclelinux/dtrace-modules-3.8.13-118.51.2.el6uek?distro=oraclelinux-6 oraclelinux dtrace-modules-3.8.13-118.51.2.el6uek < 0.4.5-3.el6 oraclelinux-6
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date