[ELSA-2021-2314] kernel security and bug fix update
[3.10.0-1160.31.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.31.1]
- mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Philipp Rudo) [1917840]
- scsi: qla2xxx: Fix the call trace for flush workqueue (Nilesh Javali) [1937945]
- futex: Handle faults correctly for PI futexes (Donghai Qiao) [1935108] {CVE-2021-3347}
- futex: Provide and use pi_state_update_owner() (Donghai Qiao) [1935108] {CVE-2021-3347}
- futex: Replace pointless printk in fixup_owner() (Donghai Qiao) [1935108] {CVE-2021-3347}
- futex: Ensure the correct return value from futex_lock_pi() (Donghai Qiao) [1935108] {CVE-2021-3347}
- scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (Nilesh Javali) [1933784]
- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (Philipp Rudo) [1917839]
- net: netfilter: Avoid deadlock when loading logger backend (Phil Sutter) [1858329]
- net: netfilter: Link nfnetlink into bzImage (Phil Sutter) [1858329]
[3.10.0-1160.30.1]
- pf: Prohibit alu ops for pointer types not defining ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170}
- bpf: Add sanity check for upper ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170}
- bpf: Simplify alu_limit masking for pointer arithmetic (Jiri Olsa) [1942689] {CVE-2020-27170}
- bpf: Fix off-by-one for area size in creating mask to left (Jiri Olsa) [1942689] {CVE-2020-27170}
- netxen_nic: fix MSI/MSI-x interrupts (Tony Camuso) [1894274]
- block: fix use-after-free on cached last_lookup partition (Ming Lei) [1898596]
- mm: reduce struct page_cgroup overhead when page_owner is not enabled (Rafael Aquini) [1948451]
- vt: selection, close sel_buffer race (Chris von Recklinghausen) [1831034] {CVE-2020-8648}
[3.10.0-1160.29.1]
- drm/i915: warn on guc enable about CVE (Dave Airlie) [1935277] {CVE-2020-12362}
- sched: prevent divide by zero error in scale_rt_power() (Phil Auld) [1910763]
- x86/efi: reset the correct tlb_state in efi_switch_mm() (Rafael Aquini) [1837531]
- x86/mm, sched/core: Turn off IRQs in switch_mm() (Rafael Aquini) [1837531]
- x86/mm, sched/core: Uninline switch_mm() (Rafael Aquini) [1837531]
- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Rafael Aquini) [1837531]
- hpsa: fix regression issue for old controllers (Joseph Szczypek) [1830268]
- scsi: hpsa: Correct dev cmds outstanding for retried cmds (Joseph Szczypek) [1830268]
[3.10.0-1160.28.1]
- i40e: acquire VSI pointer only after VF is initialized (Stefan Assmann) [1886003]
- ACPICA: Store GPE register enable masks upfront (Al Stone) [1883174]
- netfilter: nf_tables: validate NFTA_SET_TABLE parameter (Phil Sutter) [1873171]
- sctp: change to hold/put transport for proto_unreach_timer (Xin Long) [1707184]
[3.10.0-1160.27.1]
- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (Mohammed Gamal) [1941841]
- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (Mohammed Gamal) [1941841]
- redhat: Add git suffix to realtime_check merge_tree (Juri Lelli)
[3.10.0-1160.26.1]
- selinux: fix deadlock in security_set_bools() (Ondrej Mosnacek) [1939091]
- md: fix md io stats accounting broken (Ming Lei) [1927106]
- redhat: Fix realtime_check for -private (Juri Lelli)
- ID
- ELSA-2021-2314
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-2314.html
- Published
-
2021-06-10T00:00:00
(3 years ago) - Modified
-
2021-06-10T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2020-1360
- ALAS-2021-1480
- ALAS2-2020-1405
- ALAS2-2021-1600
- ALSA-2020:4431
- ALSA-2021:1093
- ALSA-2021:1578
- ALSA-2021:1620
- ASA-202102-23
- ASB-A-171705902
- DSA-4698-1
- DSA-4843-1
- ELSA-2020-5670
- ELSA-2020-5676
- ELSA-2021-1093
- ELSA-2021-1578
- ELSA-2021-9084
- ELSA-2021-9085
- ELSA-2021-9086
- ELSA-2021-9087
- ELSA-2021-9140
- ELSA-2021-9141
- ELSA-2021-9222
- ELSA-2021-9223
- ELSA-2021-9434
- FEDORA-2021-6e805a5051
- FEDORA-2021-879c756377
- FEDORA-2021-9503fffad9
- FEDORA-2021-e49da8a226
- FEDORA-2021-f0181b8085
- MS:CVE-2020-27170
- MS:CVE-2020-8648
- MS:CVE-2021-3347
- openSUSE-SU-2020:0336-1
- openSUSE-SU-2021:0241-1
- openSUSE-SU-2021:0393-1
- openSUSE-SU-2021:0407-1
- openSUSE-SU-2021:0532-1
- openSUSE-SU-2021:0758-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:1081
- RHSA-2021:1093
- RHSA-2021:1578
- RHSA-2021:1620
- RHSA-2021:1739
- RHSA-2021:2285
- RHSA-2021:2314
- RHSA-2021:2316
- SSA:2020-086-01
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0558-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0580-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0649-1
- SUSE-SU-2020:0667-1
- SUSE-SU-2020:0688-1
- SUSE-SU-2020:0836-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0532-1
- SUSE-SU-2021:0694-1
- SUSE-SU-2021:0735-1
- SUSE-SU-2021:0738-1
- SUSE-SU-2021:0741-1
- SUSE-SU-2021:0809-1
- SUSE-SU-2021:0818-1
- SUSE-SU-2021:0823-1
- SUSE-SU-2021:0826-1
- SUSE-SU-2021:0840-1
- SUSE-SU-2021:0841-1
- SUSE-SU-2021:0842-1
- SUSE-SU-2021:0849-1
- SUSE-SU-2021:0853-1
- SUSE-SU-2021:0859-1
- SUSE-SU-2021:0868-1
- SUSE-SU-2021:0870-1
- SUSE-SU-2021:1175-1
- SUSE-SU-2021:1176-1
- SUSE-SU-2021:1177-1
- SUSE-SU-2021:1210-1
- SUSE-SU-2021:1211-1
- SUSE-SU-2021:1238-1
- SUSE-SU-2021:1573-1
- SUSE-SU-2021:1596-1
- SUSE-SU-2021:1624-1
- SUSE-SU-2021:1625-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- USN-4342-1
- USN-4344-1
- USN-4345-1
- USN-4346-1
- USN-4878-1
- USN-4884-1
- USN-4887-1
- USN-4890-1
- USN-4907-1
- USN-4910-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-2314 | https://linux.oracle.com/errata/ELSA-2021-2314.html | |
CVE | CVE-2020-8648 | https://linux.oracle.com/cve/CVE-2020-8648.html | |
CVE | CVE-2020-27170 | https://linux.oracle.com/cve/CVE-2020-27170.html | |
CVE | CVE-2020-12362 | https://linux.oracle.com/cve/CVE-2020-12362.html | |
CVE | CVE-2021-3347 | https://linux.oracle.com/cve/CVE-2021-3347.html | |
CVE | CVE-2020-12363 | https://linux.oracle.com/cve/CVE-2020-12363.html | |
CVE | CVE-2020-12364 | https://linux.oracle.com/cve/CVE-2020-12364.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.31.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.31.1.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |