[ELSA-2021-9172] Unbreakable Enterprise kernel security update
[4.14.35-2047.502.4]
- Revert 'rds: ib: Remove two ib_modify_qp() calls' (Sharath Srinivasan) [Orabug: 32715567]
- uek-rpm: Update SecureBoot Digicert 2021 certificates (Somasundaram Krishnasamy) [Orabug: 32532514]
[4.14.35-2047.502.3]
- video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui) [Orabug: 32620797]
- video: hyperv_fb: Fix the cache type when mapping the VRAM (Dexuan Cui) [Orabug: 32620797]
- RDMA/core: Fix corrupted SL on passive side (Hakon Bugge) [Orabug: 32644356]
[4.14.35-2047.502.2]
- EDAC: skx_common: downgrade message importance on missing PCI device (Aristeu Rozanski) [Orabug: 32651294]
- Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich) [Orabug: 32651477] {CVE-2021-28038}
- KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li) [Orabug: 32633928]
- xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross) [Orabug: 32640132]
[4.14.35-2047.502.1]
- mm/vmscan: fix infinite loop in drop_slab_node (Chunxin Zang) [Orabug: 32619973]
- scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Report connection state in sysfs (Gabriel Krisman Bertazi) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output (Joe Perches) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- scsi: iscsi: Restrict sessions and handles to admin capabilities (Lee Duncan) [Orabug: 32603381] {CVE-2021-27363} {CVE-2021-27364} {CVE-2021-27365}
- uek-rpm: add opbmc to nano-kernel (Eric Snowberg) [Orabug: 32555678]
- ovl: restore creds in all return paths of ovl_iterate (Somasundaram Krishnasamy) [Orabug: 32608965]
[4.14.35-2047.502.0]
- rds: rds_drop_egress events should be enabled as part of RDS_RTD_SND (Alan Maguire) [Orabug: 32586918]
- rds: use dedicated rds_send_lock_contention tracepoint instead of drop (Alan Maguire) [Orabug: 32586918]
- rds: ensure saddr/daddr for tracepoints is not NULL (Alan Maguire) [Orabug: 32580944]
- hsr: use netdev_err() instead of WARN_ONCE() (Taehee Yoo) [Orabug: 32576073]
- vhost: do not try to access device IOTLB when not initialized (Jason Wang) [Orabug: 31906788]
- uek-rpm: config-aarch-embedded2 update for Feb 2021 Elba patches (Dave Kleikamp) [Orabug: 32544715]
- huge page support for device memory (Neel Patel) [Orabug: 32544715]
- mmc: sdhci-cadence-elba.c: Remove SDHCI_QUIRK_BROKEN_TIMEOUT_VAL (David Clear) [Orabug: 32544715]
- KVM: nVMX: use correct clean fields when copying from eVMCS (Vitaly Kuznetsov) [Orabug: 32544092]
- net/mlx4_en: Handle TX error CQE (Moshe Shemesh) [Orabug: 32492971]
- net/mlx4_en: Avoid scheduling restart task if it is already running (Moshe Shemesh) [Orabug: 32492971]
- PCI: hotplug: Add module parameter to allow user control of LEDs (James Puthukattukaran) [Orabug: 32527186]
- net/rds: Reject error code change (Ka-Cheong Poon) [Orabug: 32565543]
- rds: ib: Remove two ib_modify_qp() calls (Hakon Bugge) [Orabug: 32519917]
- arm64: kexec: add support for kexec with spin-table (Henry Willard) [Orabug: 32546040]
- x86/kvm/hyper-v: move VMX controls sanitization out of nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 32543800]
- x86/kvm/hyper-v: remove stale evmcs_already_enabled check from nested_enable_evmcs() (Vitaly Kuznetsov) [Orabug: 32543800]
- net/rds: Need to check shutdown progress in rds_conn_path_destroy() (Ka-Cheong Poon) [Orabug: 32536002]
- A/A Bonding: In rdmaip synchronize access to ip_config[].rdmaip_dev (Sharath Srinivasan) [Orabug: 32050122]
- net/rds: In rds_send_xmit() use sg_next() to get the next sg entry (Sharath Srinivasan) [Orabug: 32125836]
- net/rds: increase 1MB MR pool size for RDS (Manjunath Patil) [Orabug: 32551377]
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | < 4.14.35-2047.502.4.el7uek |
- ID
- ELSA-2021-9172
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-9172.html
- Published
-
2021-04-12T00:00:00
(3 years ago) - Modified
-
2021-04-12T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2021-1487
- ALAS2-2021-1616
- ALSA-2021:1093
- ELSA-2021-1071
- ELSA-2021-1093
- ELSA-2021-9112
- ELSA-2021-9113
- ELSA-2021-9114
- ELSA-2021-9115
- ELSA-2021-9116
- ELSA-2021-9140
- ELSA-2021-9141
- ELSA-2021-9164
- ELSA-2021-9175
- ELSA-2021-9212
- ELSA-2021-9215
- ELSA-2021-9220
- ELSA-2021-9221
- MS:CVE-2021-27363
- MS:CVE-2021-27364
- MS:CVE-2021-27365
- openSUSE-SU-2021:0532-1
- openSUSE-SU-2021:0758-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- RHSA-2021:1069
- RHSA-2021:1070
- RHSA-2021:1071
- RHSA-2021:1081
- RHSA-2021:1093
- SSA:2021-072-01
- SUSE-SU-2021:1046-1
- SUSE-SU-2021:1074-1
- SUSE-SU-2021:1075-1
- SUSE-SU-2021:1145-1
- SUSE-SU-2021:1148-1
- SUSE-SU-2021:1175-1
- SUSE-SU-2021:1176-1
- SUSE-SU-2021:1177-1
- SUSE-SU-2021:1210-1
- SUSE-SU-2021:1211-1
- SUSE-SU-2021:1238-1
- SUSE-SU-2021:1573-1
- SUSE-SU-2021:1596-1
- SUSE-SU-2021:1617-1
- SUSE-SU-2021:1623-1
- SUSE-SU-2021:1624-1
- SUSE-SU-2021:1625-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2021:2577-1
- USN-4883-1
- USN-4887-1
- USN-4889-1
- USN-4901-1
- USN-4904-1
- USN-4911-1
- USN-4945-1
- USN-4945-2
- USN-4946-1
- USN-4984-1
- XSA-367
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2021-9172 | https://linux.oracle.com/errata/ELSA-2021-9172.html | |
CVE | CVE-2021-28038 | https://linux.oracle.com/cve/CVE-2021-28038.html | |
CVE | CVE-2021-27363 | https://linux.oracle.com/cve/CVE-2021-27363.html | |
CVE | CVE-2021-27364 | https://linux.oracle.com/cve/CVE-2021-27364.html | |
CVE | CVE-2021-27365 | https://linux.oracle.com/cve/CVE-2021-27365.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-tools-libs-devel | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7 | oraclelinux | kernel-uek-headers | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.14.35-2047.502.4.el7uek | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |