[ELSA-2021-0336] kernel security, bug fix, and enhancement update
[3.10.0-1160.15.2.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3
[3.10.0-1160.15.2]
- [fs] nfs: Fix security label length not being reset (Dave Wysochanski) [1917504]
[3.10.0-1160.15.1]
- [fs] ceph: quota: fix null pointer dereference in quota check (Jeff Layton) [1890386]
- [netdrv] revert 'mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query' (Alaa Hleihel) [1896756]
- [kernel] timekeeping_Force_unsigned_clocksource_to_nanoseconds_conversion (Waiman Long) [1890911]
- [kernel] exit: Optimize forget_original_parent() for large thread group exiting (Waiman Long) [1872110]
- [kernel] exit: reparent: call forget_original_parent() under tasklist_lock (Waiman Long) [1872110]
- [kernel] Disable tasklist_waiters when qrwlock is enabled (Waiman Long) [1872110]
- [fs] cifs: handle ERRBaduid for SMB1 (Leif Sahlberg) [1847041]
[3.10.0-1160.14.1]
- [fs] nfsd: fix incorrect umasks ('J. Bruce Fields') [1905208]
- [hv] vmbus: Add timeout to vmbus_wait_for_unload (Mohammed Gamal) [1888979]
- [scsi] qla2xxx: Fix device loss on 4G and older HBAs (Nilesh Javali) [1889311]
- [s390] dasd: Fix zero write for FBA devices (Philipp Rudo) [1896839]
- [net] ipv6: use in6_dev_put in dad timer handler instead of __in6_dev_put (Xin Long) [1809519]
[3.10.0-1160.13.1]
- [s390] zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (Philipp Rudo) [1896826]
- [block] block/diskstats: more accurate approximation of io_ticks for slow disks (Ming Lei) [1859364]
- [block] block: delete part_round_stats and switch to less precise counting (Ming Lei) [1859364]
- [md] dm: simplify start of block stats accounting for bio-based (Ming Lei) [1859364]
- [block] block/rsxx: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364]
- [block] drbd: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364]
- [md] md: use generic io stats accounting functions to simplify io stat accounting (Ming Lei) [1859364]
- [nvme] limit number of IO queues on Dell/Kioxia config (Gopal Tiwari) [1883403]
- [netdrv] hv_netvsc: make recording RSS hash depend on feature flag (Mohammed Gamal) [1898280]
- [netdrv] hv_netvsc: record hardware hash in skb (Mohammed Gamal) [1898280]
- [fs] block: Fix use-after-free in blkdev_get() (Ming Lei) [1902414] {CVE-2020-15436}
[3.10.0-1160.12.1]
- [mm] mmap: relax file size limit for regular files (Rafael Aquini) [1855985]
- [mm] mmap: introduce sane default mmap limits (Rafael Aquini) [1855985]
- [of] Move dynamic node fixups out of powerpc and into common code (Laurent Vivier) [1866138]
- [fs] nfs: Fix double-free in filelayout_alloc_commit_info/filelayout_free_lseg (Benjamin Coddington) [1679980]
- [hid] HID: hid-plantronics: Re-resend Update to map button for PTT products (Torez Smith) [1769502]
- [fs] dlm: make posix locks interruptible (Alexander Aring) [1826858]
- ID
- ELSA-2021-0336
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2021-0336.html
- Published
-
2021-02-03T00:00:00
(3 years ago) - Modified
-
2021-02-03T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ASB-A-174737742
- ELSA-2021-9002
- MS:CVE-2020-15436
- openSUSE-SU-2020:2161-1
- openSUSE-SU-2020:2193-1
- openSUSE-SU-2020:2260-1
- openSUSE-SU-2021:0242-1
- RHSA-2021:0336
- RHSA-2021:0338
- SUSE-SU-2020:3713-1
- SUSE-SU-2020:3717-1
- SUSE-SU-2020:3718-1
- SUSE-SU-2020:3748-1
- SUSE-SU-2020:3764-1
- SUSE-SU-2020:3766-1
- SUSE-SU-2020:3798-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- USN-4752-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-0336 | https://linux.oracle.com/errata/ELSA-2021-0336.html | |
CVE | CVE-2020-15436 | https://linux.oracle.com/cve/CVE-2020-15436.html | |
CVE | CVE-2020-35513 | https://linux.oracle.com/cve/CVE-2020-35513.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.15.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.15.2.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |