[ELSA-2021-9006] Unbreakable Enterprise kernel security update
[5.4.17-2036.102.0.2uek]
- xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
[5.4.17-2036.102.0.1uek]
- target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374}
[5.4.17-2036.102.0uek]
- futex: Fix inode life-time issue (Peter Zijlstra) [Orabug: 32233515] {CVE-2020-14381}
- perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233352] {CVE-2020-14351}
- intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32218858]
- dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210418]
- vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32167069]
- vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32167069]
- vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32167069]
- vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32167069]
- vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32167069]
- vhost: Create accessors for virtqueues private_data (Eugenio Perez) [Orabug: 32167069]
- vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32167069]
- scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32167069]
- scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32167069]
- scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Get sas_device objects using device's rphy (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Update hba_port's sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32242279]
- icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227958] {CVE-2020-25705}
- perf/x86/intel/uncore: Add box_offsets for free-running counters (Kan Liang) [Orabug: 32020885]
- perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (Kan Liang) [Orabug: 32020885]
- perf/x86/intel/uncore: Add Ice Lake server uncore support (Kan Liang) [Orabug: 32020885]
- ID
- ELSA-2021-9006
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-9006.html
- Published
-
2021-01-12T00:00:00
(3 years ago) - Modified
-
2021-01-12T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1461
- ALAS-2021-1477
- ALAS-2021-1480
- ALAS2-2020-1566
- ALAS2-2021-1588
- ALAS2-2021-1600
- ALPINE:CVE-2020-29568
- ALPINE:CVE-2020-29569
- ALSA-2020:4431
- ALSA-2021:0558
- ALSA-2021:1093
- ASA-202101-30
- ASA-202101-31
- ASA-202101-32
- ASA-202101-33
- ASB-A-174737972
- ASB-A-175193031
- DSA-4843-1
- ELSA-2021-0558
- ELSA-2021-0856
- ELSA-2021-1093
- ELSA-2021-9002
- ELSA-2021-9005
- ELSA-2021-9007
- ELSA-2021-9008
- ELSA-2021-9009
- ELSA-2021-9023
- ELSA-2021-9024
- ELSA-2021-9025
- ELSA-2021-9030
- ELSA-2021-9035
- ELSA-2021-9037
- ELSA-2021-9038
- ELSA-2021-9039
- ELSA-2021-9306
- ELSA-2021-9307
- FEDORA-2021-082e638d02
- FEDORA-2021-4a91649cf3
- FEDORA-2021-620fb40359
- FREEBSD:5D91370B-61FD-11EB-B87A-901B0EF719AB
- GLSA-202107-30
- MS:CVE-2020-14351
- MS:CVE-2020-14381
- MS:CVE-2020-25705
- MS:CVE-2020-28374
- MS:CVE-2020-29569
- openSUSE-SU-2020:1655-1
- openSUSE-SU-2020:1906-1
- openSUSE-SU-2020:2034-1
- openSUSE-SU-2020:2112-1
- openSUSE-SU-2020:2161-1
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0241-1
- openSUSE-SU-2021:0242-1
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:0537
- RHSA-2021:0558
- RHSA-2021:0856
- RHSA-2021:0857
- RHSA-2021:0862
- RHSA-2021:1081
- RHSA-2021:1093
- SUSE-SU-2020:2904-1
- SUSE-SU-2020:2905-1
- SUSE-SU-2020:2906-1
- SUSE-SU-2020:2907-1
- SUSE-SU-2020:2999-1
- SUSE-SU-2020:3014-1
- SUSE-SU-2020:3122-1
- SUSE-SU-2020:3178-1
- SUSE-SU-2020:3180-1
- SUSE-SU-2020:3188-1
- SUSE-SU-2020:3190-1
- SUSE-SU-2020:3204-1
- SUSE-SU-2020:3210-1
- SUSE-SU-2020:3219-1
- SUSE-SU-2020:3222-1
- SUSE-SU-2020:3225-1
- SUSE-SU-2020:3272-1
- SUSE-SU-2020:3273-1
- SUSE-SU-2020:3281-1
- SUSE-SU-2020:3326-1
- SUSE-SU-2020:3484-1
- SUSE-SU-2020:3491-1
- SUSE-SU-2020:3501-1
- SUSE-SU-2020:3503-1
- SUSE-SU-2020:3507-1
- SUSE-SU-2020:3512-1
- SUSE-SU-2020:3513-1
- SUSE-SU-2020:3522-1
- SUSE-SU-2020:3532-1
- SUSE-SU-2020:3544-1
- SUSE-SU-2020:3651-1
- SUSE-SU-2020:3670-1
- SUSE-SU-2020:3690-1
- SUSE-SU-2020:3717-1
- SUSE-SU-2020:3764-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0359-1
- SUSE-SU-2021:0362-1
- SUSE-SU-2021:0367-1
- SUSE-SU-2021:0377-1
- SUSE-SU-2021:0386-1
- SUSE-SU-2021:0408-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0532-1
- SUSE-SU-2021:0743-1
- SUSE-SU-2021:0744-1
- SUSE-SU-2021:0818-1
- SUSE-SU-2021:0823-1
- SUSE-SU-2021:0826-1
- SUSE-SU-2021:0835-1
- SUSE-SU-2021:0841-1
- SUSE-SU-2021:0842-1
- SUSE-SU-2021:0849-1
- SUSE-SU-2021:0853-1
- SUSE-SU-2021:0859-1
- SUSE-SU-2021:0868-1
- SUSE-SU-2021:0870-1
- USN-4657-1
- USN-4658-1
- USN-4659-1
- USN-4660-1
- USN-4680-1
- USN-4694-1
- USN-4709-1
- USN-4711-1
- USN-4713-1
- USN-4713-2
- USN-4748-1
- USN-4749-1
- USN-4750-1
- USN-4751-1
- USN-4753-1
- USN-4876-1
- USN-4901-1
- USN-4912-1
- XSA-349
- XSA-350
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-9006 | https://linux.oracle.com/errata/ELSA-2021-9006.html | |
CVE | CVE-2020-14351 | https://linux.oracle.com/cve/CVE-2020-14351.html | |
CVE | CVE-2020-25705 | https://linux.oracle.com/cve/CVE-2020-25705.html | |
CVE | CVE-2020-14381 | https://linux.oracle.com/cve/CVE-2020-14381.html | |
CVE | CVE-2020-29568 | https://linux.oracle.com/cve/CVE-2020-29568.html | |
CVE | CVE-2020-29569 | https://linux.oracle.com/cve/CVE-2020-29569.html | |
CVE | CVE-2020-28374 | https://linux.oracle.com/cve/CVE-2020-28374.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-8 | oraclelinux | kernel-uek | < 5.4.17-2036.102.0.2.el8uek | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-8 | oraclelinux | kernel-uek-doc | < 5.4.17-2036.102.0.2.el8uek | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-8 | oraclelinux | kernel-uek-devel | < 5.4.17-2036.102.0.2.el8uek | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-8 | oraclelinux | kernel-uek-debug | < 5.4.17-2036.102.0.2.el8uek | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-8 | oraclelinux | kernel-uek-debug-devel | < 5.4.17-2036.102.0.2.el8uek | oraclelinux-8 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 5.4.17-2036.102.0.2.el7uek | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |