[ELSA-2021-3801] kernel security and bug fix update
[3.10.0-1160.45.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.45.1]
- CI: handle RT branches in a single config (Veronika Kabatova)
- CI: Drop private CI config (Veronika Kabatova)
- CI: extend template use (Veronika Kabatova)
- mm: page_counter: mitigate consequences of a page_counter underflow (Scott Wood) [2000973]
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested(CVE-2021-3656) (Jon Maloy) [1985425] {CVE-2021-3656}
- KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (Marcelo Tosatti) [1991856]
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985408] {CVE-2021-3653}
- scsi: qedf: Initiate cleanup for ELS commands as well (Nilesh Javali) [1982702]
[3.10.0-1160.44.1]
- fs: dlm: change handling of reconnects (Bob Peterson) [1834878]
- DLM: fix NULL pointer dereference in send_to_sock() (Bob Peterson) [1834878]
- DLM: fix to reschedule rwork (Bob Peterson) [1834878]
- DLM: fix to use sk_callback_lock correctly (Bob Peterson) [1834878]
- DLM: fix overflow dlm_cb_seq (Bob Peterson) [1834878]
- DLM: fix conversion deadlock when DLM_LKF_NODLCKWT flag is set (Bob Peterson) [1834878]
- DLM: use CF_CLOSE flag to stop dlm_send correctly (Bob Peterson) [1834878]
- DLM: Reanimate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_recoverd_stop and dlm_recoverd (Bob Peterson) [1834878]
- DLM: close othercon at send/receive error (Bob Peterson) [1834878]
- DLM: retry rcom when dlm_wait_function is timed out. (Bob Peterson) [1834878]
- DLM: fix to use sock_mutex correctly in xxx_accept_from_sock (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_send and dlm_recv (Bob Peterson) [1834878]
- DLM: fix double list_del() (Bob Peterson) [1834878]
- DLM: Eliminate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- KVM: do not allow mapping valid but non-reference-counted pages (Jon Maloy) [1975511]
- vxlan: check return value of gro_cells_init() (Aristeu Rozanski) [1970618]
- KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Jon Maloy) [1988218] {CVE-2021-37576}
[3.10.0-1160.43.1]
- PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2 (Mohammed Gamal) [1984128]
- PCI: hv: Decouple the func definition in hv_dr_state from VSP message (Mohammed Gamal) [1984128]
- PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (Mohammed Gamal) [1984128]
- i40e: improve locking of mac_filter_hash (Stefan Assmann) [1993850]
- i40e: always propagate error value in i40e_set_vsi_promisc() (Stefan Assmann) [1993850]
- i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc (Stefan Assmann) [1993850]
- i40e: Remove scheduling while atomic possibility (Stefan Assmann) [1993850]
- scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (Dick Kennedy) [1922479]
- qed: Disable 'MFW indication via attention' SPAM every 5 minutes (Manish Chopra) [1854544]
- NFS: Fix a performance regression caused by buffered IO locking (Benjamin Coddington) [1995649]
- ID
- ELSA-2021-3801
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-3801.html
- Published
-
2021-10-12T00:00:00
(2 years ago) - Modified
-
2021-10-12T00:00:00
(2 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
-
ALAS-2021-1539
-
ALAS2-2021-1699
-
ALAS2-2021-1704
-
ALSA-2021:3057
-
ALSA-2021:3447
-
ALSA-2021:3548
-
ALSA-2021:4056
-
DSA-4978-1
-
ELSA-2021-3057
-
ELSA-2021-3447
-
ELSA-2021-3548
-
ELSA-2021-4056
-
ELSA-2021-9419
-
ELSA-2021-9420
-
ELSA-2021-9421
-
ELSA-2021-9422
-
ELSA-2021-9450
-
ELSA-2021-9451
-
ELSA-2021-9452
-
ELSA-2021-9453
-
ELSA-2021-9564
-
ELSA-2021-9565
-
ELSA-2022-9244
-
ELSA-2022-9245
-
FEDORA-2021-12618d9b08
-
FEDORA-2021-33819e6b09
-
FEDORA-2021-817b3d47d2
-
FEDORA-2021-95f2f1cfc7
-
FEDORA-2021-a424256622
-
FEDORA-2021-fe826f202e
-
MS:CVE-2021-3653
-
MS:CVE-2021-3656
-
openSUSE-SU-2021:1142-1
-
openSUSE-SU-2021:1271-1
-
openSUSE-SU-2021:2645-1
-
openSUSE-SU-2021:2687-1
-
openSUSE-SU-2021:3179-1
-
openSUSE-SU-2021:3205-1
-
openSUSE-SU-2021:3876-1
-
RHSA-2021:3044
-
RHSA-2021:3057
-
RHSA-2021:3088
-
RHSA-2021:3436
-
RHSA-2021:3447
-
RHSA-2021:3547
-
RHSA-2021:3548
-
RHSA-2021:3768
-
RHSA-2021:3801
-
RHSA-2021:3802
-
RHSA-2021:4056
-
RHSA-2021:4088
-
RLSA-2021:3057
-
RLSA-2021:3447
-
RLSA-2021:4088
-
SSA:2022-031-01
-
SUSE-SU-2021:2643-1
-
SUSE-SU-2021:2644-1
-
SUSE-SU-2021:2645-1
-
SUSE-SU-2021:2646-1
-
SUSE-SU-2021:2647-1
-
SUSE-SU-2021:2678-1
-
SUSE-SU-2021:2687-1
-
SUSE-SU-2021:2695-1
-
SUSE-SU-2021:2746-1
-
SUSE-SU-2021:2756-1
-
SUSE-SU-2021:2842-1
-
SUSE-SU-2021:2846-1
-
SUSE-SU-2021:3073-1
-
SUSE-SU-2021:3177-1
-
SUSE-SU-2021:3178-1
-
SUSE-SU-2021:3179-1
-
SUSE-SU-2021:3192-1
-
SUSE-SU-2021:3196-1
-
SUSE-SU-2021:3205-1
-
SUSE-SU-2021:3205-2
-
SUSE-SU-2021:3206-1
-
SUSE-SU-2021:3207-1
-
SUSE-SU-2021:3217-1
-
SUSE-SU-2021:3415-1
-
SUSE-SU-2021:3876-1
-
SUSE-SU-2021:3929-1
-
SUSE-SU-2021:3935-1
-
SUSE-SU-2021:3969-1
-
SUSE-SU-2021:3972-1
-
USN-5062-1
-
USN-5070-1
-
USN-5071-1
-
USN-5071-2
-
USN-5071-3
-
USN-5072-1
-
USN-5073-1
-
USN-5073-2
-
USN-5082-1
-
USN-5091-1
-
USN-5092-1
-
USN-5092-2
-
USN-5094-1
-
USN-5094-2
-
USN-5106-1
-
USN-5120-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2021-3801 |
|
|
| CVE | CVE-2021-3653 |
|
|
| CVE | CVE-2021-37576 |
|
|
| CVE | CVE-2021-22543 |
|
|
| CVE | CVE-2021-3656 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux |
 python-perf
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux |
perf
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux |
kernel
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux |
kernel-tools
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux |
kernel-tools-libs
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux |
kernel-tools-libs-devel
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux |
kernel-headers
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux |
kernel-doc
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux |
kernel-devel
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux |
kernel-debug
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-debug-devel
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux |
kernel-abi-whitelists
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux |
bpftool
|
< 3.10.0-1160.45.1.el7 | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |