[ELSA-2021-3801] kernel security and bug fix update
[3.10.0-1160.45.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.45.1]
- CI: handle RT branches in a single config (Veronika Kabatova)
- CI: Drop private CI config (Veronika Kabatova)
- CI: extend template use (Veronika Kabatova)
- mm: page_counter: mitigate consequences of a page_counter underflow (Scott Wood) [2000973]
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested(CVE-2021-3656) (Jon Maloy) [1985425] {CVE-2021-3656}
- KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (Marcelo Tosatti) [1991856]
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985408] {CVE-2021-3653}
- scsi: qedf: Initiate cleanup for ELS commands as well (Nilesh Javali) [1982702]
[3.10.0-1160.44.1]
- fs: dlm: change handling of reconnects (Bob Peterson) [1834878]
- DLM: fix NULL pointer dereference in send_to_sock() (Bob Peterson) [1834878]
- DLM: fix to reschedule rwork (Bob Peterson) [1834878]
- DLM: fix to use sk_callback_lock correctly (Bob Peterson) [1834878]
- DLM: fix overflow dlm_cb_seq (Bob Peterson) [1834878]
- DLM: fix conversion deadlock when DLM_LKF_NODLCKWT flag is set (Bob Peterson) [1834878]
- DLM: use CF_CLOSE flag to stop dlm_send correctly (Bob Peterson) [1834878]
- DLM: Reanimate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_recoverd_stop and dlm_recoverd (Bob Peterson) [1834878]
- DLM: close othercon at send/receive error (Bob Peterson) [1834878]
- DLM: retry rcom when dlm_wait_function is timed out. (Bob Peterson) [1834878]
- DLM: fix to use sock_mutex correctly in xxx_accept_from_sock (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_send and dlm_recv (Bob Peterson) [1834878]
- DLM: fix double list_del() (Bob Peterson) [1834878]
- DLM: Eliminate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- KVM: do not allow mapping valid but non-reference-counted pages (Jon Maloy) [1975511]
- vxlan: check return value of gro_cells_init() (Aristeu Rozanski) [1970618]
- KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Jon Maloy) [1988218] {CVE-2021-37576}
[3.10.0-1160.43.1]
- PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2 (Mohammed Gamal) [1984128]
- PCI: hv: Decouple the func definition in hv_dr_state from VSP message (Mohammed Gamal) [1984128]
- PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (Mohammed Gamal) [1984128]
- i40e: improve locking of mac_filter_hash (Stefan Assmann) [1993850]
- i40e: always propagate error value in i40e_set_vsi_promisc() (Stefan Assmann) [1993850]
- i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc (Stefan Assmann) [1993850]
- i40e: Remove scheduling while atomic possibility (Stefan Assmann) [1993850]
- scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (Dick Kennedy) [1922479]
- qed: Disable 'MFW indication via attention' SPAM every 5 minutes (Manish Chopra) [1854544]
- NFS: Fix a performance regression caused by buffered IO locking (Benjamin Coddington) [1995649]
- ID
- ELSA-2021-3801
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-3801.html
- Published
-
2021-10-12T00:00:00
(2 years ago) - Modified
-
2021-10-12T00:00:00
(2 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1539
- ALAS2-2021-1699
- ALAS2-2021-1704
- ALSA-2021:3057
- ALSA-2021:3447
- ALSA-2021:3548
- ALSA-2021:4056
- DSA-4978-1
- ELSA-2021-3057
- ELSA-2021-3447
- ELSA-2021-3548
- ELSA-2021-4056
- ELSA-2021-9419
- ELSA-2021-9420
- ELSA-2021-9421
- ELSA-2021-9422
- ELSA-2021-9450
- ELSA-2021-9451
- ELSA-2021-9452
- ELSA-2021-9453
- ELSA-2021-9564
- ELSA-2021-9565
- ELSA-2022-9244
- ELSA-2022-9245
- FEDORA-2021-12618d9b08
- FEDORA-2021-33819e6b09
- FEDORA-2021-817b3d47d2
- FEDORA-2021-95f2f1cfc7
- FEDORA-2021-a424256622
- FEDORA-2021-fe826f202e
- MS:CVE-2021-3653
- MS:CVE-2021-3656
- openSUSE-SU-2021:1142-1
- openSUSE-SU-2021:1271-1
- openSUSE-SU-2021:2645-1
- openSUSE-SU-2021:2687-1
- openSUSE-SU-2021:3179-1
- openSUSE-SU-2021:3205-1
- openSUSE-SU-2021:3876-1
- RHSA-2021:3044
- RHSA-2021:3057
- RHSA-2021:3088
- RHSA-2021:3436
- RHSA-2021:3447
- RHSA-2021:3547
- RHSA-2021:3548
- RHSA-2021:3768
- RHSA-2021:3801
- RHSA-2021:3802
- RHSA-2021:4056
- RHSA-2021:4088
- RLSA-2021:3057
- RLSA-2021:3447
- RLSA-2021:4088
- SSA:2022-031-01
- SUSE-SU-2021:2643-1
- SUSE-SU-2021:2644-1
- SUSE-SU-2021:2645-1
- SUSE-SU-2021:2646-1
- SUSE-SU-2021:2647-1
- SUSE-SU-2021:2678-1
- SUSE-SU-2021:2687-1
- SUSE-SU-2021:2695-1
- SUSE-SU-2021:2746-1
- SUSE-SU-2021:2756-1
- SUSE-SU-2021:2842-1
- SUSE-SU-2021:2846-1
- SUSE-SU-2021:3073-1
- SUSE-SU-2021:3177-1
- SUSE-SU-2021:3178-1
- SUSE-SU-2021:3179-1
- SUSE-SU-2021:3192-1
- SUSE-SU-2021:3196-1
- SUSE-SU-2021:3205-1
- SUSE-SU-2021:3205-2
- SUSE-SU-2021:3206-1
- SUSE-SU-2021:3207-1
- SUSE-SU-2021:3217-1
- SUSE-SU-2021:3415-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2021:3972-1
- USN-5062-1
- USN-5070-1
- USN-5071-1
- USN-5071-2
- USN-5071-3
- USN-5072-1
- USN-5073-1
- USN-5073-2
- USN-5082-1
- USN-5091-1
- USN-5092-1
- USN-5092-2
- USN-5094-1
- USN-5094-2
- USN-5106-1
- USN-5120-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-3801 | https://linux.oracle.com/errata/ELSA-2021-3801.html | |
CVE | CVE-2021-3653 | https://linux.oracle.com/cve/CVE-2021-3653.html | |
CVE | CVE-2021-37576 | https://linux.oracle.com/cve/CVE-2021-37576.html | |
CVE | CVE-2021-22543 | https://linux.oracle.com/cve/CVE-2021-22543.html | |
CVE | CVE-2021-3656 | https://linux.oracle.com/cve/CVE-2021-3656.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.45.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.45.1.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |