[ELSA-2021-2725] kernel security and bug fix update
[3.10.0-1160.36.2.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.36.2]
- seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975251]
[3.10.0-1160.36.1]
- cipso,calipso: resolve a number of problems with the DOI refcounts (Antoine Tenart) [1967720]
- net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (Alaa Hleihel) [1962406]
- sched/debug: Fix cgroup_path[] serialization (Waiman Long) [1912221]
- sched/debug: Reset watchdog on all CPUs while processing sysrq-t (Waiman Long) [1912221]
- vt: vt_ioctl: fix use-after-free in vt_in_use() (Vladis Dronov) [1872778]
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Vladis Dronov) [1872778]
- vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines (Vladis Dronov) [1872778]
- vt: selection, introduce vc_is_sel (Vladis Dronov) [1872778]
- redhat: genspec: generate changelog entries since last release (Augusto Caringi)
[3.10.0-1160.35.1]
- CI: Merge configuration (Veronika Kabatova)
- [pci/aer] Work around use-after-free in pcie_do_fatal_recovery() (Al Stone) [1933663]
- [pci/aer] do not invoke error recovery with non-fatal errors (Al Stone) [1933663]
[3.10.0-1160.34.1]
- futex: remove lockdep_assert_held() in pi_state_update_owner() (Donghai Qiao) [1965495]
- video: hyperv_fb: Add ratelimit on error message (Mohammed Gamal) [1957803]
- Drivers: hv: vmbus: Increase wait time for VMbus unload (Mohammed Gamal) [1957803]
- Drivers: hv: vmbus: Initialize unload_event statically (Mohammed Gamal) [1957803]
- blk-mq: always allow reserved allocation in hctx_may_queue (Ming Lei) [1926825]
- s390/pci: fix out of bounds access during irq setup (Philipp Rudo) [1917943]
- s390/pci: improve irq number check for msix (Philipp Rudo) [1917943]
[3.10.0-1160.33.1]
- CI: Disable result checking for realtime check (Veronika Kabatova)
- CI: Explicitly disable result checking for private CI (Veronika Kabatova)
- CI: Rename variable (Veronika Kabatova)
- mm: memcontrol: switch to rcu protection in drain_all_stock() (Waiman Long) [1957719]
- sctp: Don't add the shutdown timer if its already been added (Xin Long) [1953052]
- media: xirlink_cit: add missing descriptor sanity checks (Mark Langsdorf) [1826877] {CVE-2020-11668}
[3.10.0-1160.32.1]
- Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962532] {CVE-2021-33034}
- net: ipv4: route: Fix sending IGMP messages with link address (Hangbin Liu) [1958339]
- hv_netvsc: remove ndo_poll_controller (Mohammed Gamal) [1953075]
- Fix double free in nvme_trans_log_temperature (Gopal Tiwari) [1946793]
- rcu: Call touch_nmi_watchdog() while printing stall warnings (Artem Savkov) [1924688]
- sched/fair: Use RCU accessors consistently for ->numa_group (Rafael Aquini) [1915635] {CVE-2019-20934}
- sched/fair: Don't free p->numa_faults with concurrent readers (Rafael Aquini) [1915635] {CVE-2019-20934}
- sched/numa: Simplify task_numa_compare() (Rafael Aquini) [1915635] {CVE-2019-20934}
- sched/numa: Fix task_numa_free() lockdep splat (Rafael Aquini) [1915635] {CVE-2019-20934}
- sched/numa: Move task_numa_free() to __put_task_struct() (Rafael Aquini) [1915635] {CVE-2019-20934}
- [s390] s390/dasd: fix diag 0x250 inline assembly (Philipp Rudo) [1910395]
- vsock/vmci: log once the failed queue pair allocation (Stefano Garzarella) [1892237]
- VMCI: Stop log spew when qp allocation isn't possible (Stefano Garzarella) [1892237]
- ID
- ELSA-2021-2725
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-2725.html
- Published
-
2021-07-21T00:00:00
(3 years ago) - Modified
-
2021-07-21T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1503
- ALAS-2021-1524
- ALAS2-2021-1685
- ALAS2-2021-1691
- ALSA-2020:4431
- ALSA-2021:2570
- ALSA-2021:2714
- ALSA-2021:4356
- ASA-202107-48
- ASA-202107-49
- ASA-202107-50
- ASA-202107-51
- ASB-A-195082750
- DSA-4698-1
- DSA-4941-1
- ELSA-2020-5691
- ELSA-2020-5708
- ELSA-2020-5715
- ELSA-2021-2570
- ELSA-2021-2714
- ELSA-2021-9002
- ELSA-2021-9346
- ELSA-2021-9349
- ELSA-2021-9351
- ELSA-2021-9362
- ELSA-2021-9363
- ELSA-2021-9368
- ELSA-2021-9369
- ELSA-2021-9370
- ELSA-2021-9371
- ELSA-2021-9372
- ELSA-2021-9374
- ELSA-2021-9395
- ELSA-2021-9404
- ELSA-2021-9406
- ELSA-2021-9407
- ELSA-2021-9410
- FEDORA-2021-07dc0b3eb1
- FEDORA-2021-bae582b42c
- MS:CVE-2020-11668
- MS:CVE-2021-33033
- MS:CVE-2021-33034
- MS:CVE-2021-33909
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0242-1
- openSUSE-SU-2021:0843-1
- openSUSE-SU-2021:0947-1
- openSUSE-SU-2021:1076-1
- openSUSE-SU-2021:1477-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- openSUSE-SU-2021:2409-1
- openSUSE-SU-2021:2415-1
- openSUSE-SU-2021:2427-1
- openSUSE-SU-2021:3641-1
- openSUSE-SU-2021:3675-1
- openSUSE-SU-2021:3876-1
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:2563
- RHSA-2021:2570
- RHSA-2021:2599
- RHSA-2021:2714
- RHSA-2021:2715
- RHSA-2021:2716
- RHSA-2021:2725
- RHSA-2021:2726
- RHSA-2021:2727
- RHSA-2021:4140
- RHSA-2021:4356
- RLSA-2021:2570
- RLSA-2021:2714
- SSA:2020-163-01
- SSA:2021-202-01
- SUSE-SU-2020:2491-1
- SUSE-SU-2020:2492-1
- SUSE-SU-2020:2497-1
- SUSE-SU-2020:2498-1
- SUSE-SU-2020:2499-1
- SUSE-SU-2020:2502-1
- SUSE-SU-2020:2505-1
- SUSE-SU-2020:2506-1
- SUSE-SU-2020:2507-1
- SUSE-SU-2020:2513-1
- SUSE-SU-2020:2524-1
- SUSE-SU-2020:2525-1
- SUSE-SU-2020:2526-1
- SUSE-SU-2020:2531-1
- SUSE-SU-2020:3178-1
- SUSE-SU-2020:3219-1
- SUSE-SU-2020:3648-1
- SUSE-SU-2020:3656-1
- SUSE-SU-2020:3705-1
- SUSE-SU-2020:3766-1
- SUSE-SU-2020:3798-1
- SUSE-SU-2021:0096-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0108-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:1887-1
- SUSE-SU-2021:1888-1
- SUSE-SU-2021:1889-1
- SUSE-SU-2021:1890-1
- SUSE-SU-2021:1891-1
- SUSE-SU-2021:1899-1
- SUSE-SU-2021:1912-1
- SUSE-SU-2021:1913-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2021:2020-1
- SUSE-SU-2021:2025-1
- SUSE-SU-2021:2026-1
- SUSE-SU-2021:2027-1
- SUSE-SU-2021:2042-1
- SUSE-SU-2021:2057-1
- SUSE-SU-2021:2060-1
- SUSE-SU-2021:2067-1
- SUSE-SU-2021:2198-1
- SUSE-SU-2021:2208-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2407-1
- SUSE-SU-2021:2408-1
- SUSE-SU-2021:2409-1
- SUSE-SU-2021:2415-1
- SUSE-SU-2021:2416-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2438-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2021:2487-1
- SUSE-SU-2021:2538-1
- SUSE-SU-2021:2542-1
- SUSE-SU-2021:2559-1
- SUSE-SU-2021:2560-1
- SUSE-SU-2021:2577-1
- SUSE-SU-2021:2584-1
- SUSE-SU-2021:2643-1
- SUSE-SU-2021:2678-1
- SUSE-SU-2021:3641-1
- SUSE-SU-2021:3642-1
- SUSE-SU-2021:3675-1
- SUSE-SU-2021:3723-1
- SUSE-SU-2021:3748-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3969-1
- USN-4345-1
- USN-4364-1
- USN-4368-1
- USN-4369-1
- USN-4979-1
- USN-4984-1
- USN-4997-1
- USN-4997-2
- USN-5000-1
- USN-5000-2
- USN-5001-1
- USN-5014-1
- USN-5015-1
- USN-5016-1
- USN-5017-1
- USN-5018-1
- USN-5299-1
- USN-5343-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-2725 | https://linux.oracle.com/errata/ELSA-2021-2725.html | |
CVE | CVE-2020-11668 | https://linux.oracle.com/cve/CVE-2020-11668.html | |
CVE | CVE-2019-20934 | https://linux.oracle.com/cve/CVE-2019-20934.html | |
CVE | CVE-2021-33034 | https://linux.oracle.com/cve/CVE-2021-33034.html | |
CVE | CVE-2021-33033 | https://linux.oracle.com/cve/CVE-2021-33033.html | |
CVE | CVE-2021-33909 | https://linux.oracle.com/cve/CVE-2021-33909.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.36.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.36.2.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |