ELSA-2020-5023

ELSA-2020-5023 - kernel security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2020-11-11

Description


[3.10.0-1160.6.1.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3

[3.10.0-1160.6.1]
- [net] netfilter: nf_queue: place bridge physports into queue_entry struct (Florian Westphal) [1885682]
- [net] netfilter: nf_queue: do not release refcouts until nf_reinject is done (Florian Westphal) [1885682]
- [net] netfilter: nf_queue: make nf_queue_entry_release_refs static (Florian Westphal) [1885682]
- [net] bluetooth: l2cap: Fix calling sk_filter on non-socket based channel (Gopal Tiwari) [1888253] {CVE-2020-12351}
- [net] bluetooth: a2mp: Fix not initializing all members (Gopal Tiwari) [1888797] {CVE-2020-12352}

[3.10.0-1160.5.1]
- [x86] x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (Myron Stowe) [1849223]
- [kernel] uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression (Oleg Nesterov) [1861396]
- [video] vgacon: Fix for missing check in scrollback handling (Lyude Paul) [1859468] {CVE-2020-14331}
- [pci] hv: Retry PCI bus D0 entry on invalid device state (Mohammed Gamal) [1846667]
- [pci] hv: Fix the PCI HyperV probe failure path to release resource properly (Mohammed Gamal) [1846667]
- [x86] xen: Add call of speculative_store_bypass_ht_init() to PV paths (Vladis Dronov) [1882468]
- [powerpc] powerpc/smp: Use nid as fallback for package_id (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] powerpc/smp: Add Power9 scheduler topology (Desnes Augusto Nunes do Rosario) [1826306]
- [kernel] sched: Add a new SD_SHARE_POWERDOMAIN for sched_domain (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] sched, powerpc: Create a dedicated topology table (Desnes Augusto Nunes do Rosario) [1826306]
- [s390] sched, s390: Create a dedicated topology table (Desnes Augusto Nunes do Rosario) [1826306]
- [s390] s390/topology: Remove call to update_cpu_masks() (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] powerpc/smp: Add cpu_l2_cache_map (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] powerpc/smp: Rework CPU topology construction (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] powerpc/smp: Use cpu_to_chip_id() to find core siblings (Desnes Augusto Nunes do Rosario) [1826306]
- [powerpc] powerpc, hotplug: Avoid to touch non-existent cpumasks (Desnes Augusto Nunes do Rosario) [1826306]

[3.10.0-1160.4.1]
- [block] virtio-blk: handle block_device_operations callbacks after hot unplug (Stefan Hajnoczi) [1811893]
- [scsi] Revert 'scsi: qla2xxx: Fix crash on qla2x00_mailbox_command' (Nilesh Javali) [1826127]
- [scsi] scsi: qla2xxx: Fix stale mem access on driver unload (Nilesh Javali) [1826127]
- [scsi] scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Keep track of num of pending flogi (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Fix race betwen fipvlan request and response path (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Decrease the LL2 MTU size to 2500 (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Check for module unloading bit before processing link update AEN (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Initiator fails to re-login to switch after link down (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Fix crash during sg_reset (Nilesh Javali) [1836443]
- [scsi] scsi: qedf: Stop sending fipvlan request on unload (Nilesh Javali) [1836443]
- [message] scsi: mptscsih: Fix read sense data size (Tomas Henzl) [1829803]
- [scsi] scsi: megaraid_sas: Clear affinity hint (Tomas Henzl) [1828312]

[3.10.0-1160.3.1]
- [net] net-sysfs: Call dev_hold always in rx_queue_add_kobject (Hangbin Liu) [1846454] {CVE-2019-20811}
- [net] net-sysfs: Call dev_hold always in netdev_queue_add_kobject (Hangbin Liu) [1846454] {CVE-2019-20811}
- [net] net-sysfs: call dev_hold if kobject_init_and_add success (Hangbin Liu) [1846454] {CVE-2019-20811}
- [netdrv] macvlan: Change status when lower device goes down (Hangbin Liu) [1848950]
- [netdrv] macvlan: make operstate and carrier more accurate (Hangbin Liu) [1848950]
- [infiniband] RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (Kamal Heib) [1858707]
- [infiniband] RDMA/ipoib: Return void from ipoib_ib_dev_stop() (Kamal Heib) [1858707]
- [net] tcp: limit sk_write_qlen based on sndbuf size (Florian Westphal) [1847765]
- [netdrv] net/mlx5e: Modify uplink state on interface up/down (Alaa Hleihel) [1733181]
- [netdrv] net/mlx5: E-Switch, Disable esw manager vport correctly (Alaa Hleihel) [1733181]
- [netdrv] net/mlx5: E-Switch, Properly refer to host PF vport as other vport (Alaa Hleihel) [1733181]


Related CVEs


CVE-2019-20811
CVE-2020-14331

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-1160.6.1.el7.src.rpm31180914809d0a0c855559e7bfe58927ELBA-2021-1397-1
bpftool-3.10.0-1160.6.1.el7.x86_64.rpm939394ae563f2291aa529a79d3d0f387ELBA-2021-1397-1
kernel-3.10.0-1160.6.1.el7.x86_64.rpm75ae2c70f20d73889a8ed6d9f9bba0f5ELBA-2021-1397-1
kernel-abi-whitelists-3.10.0-1160.6.1.el7.noarch.rpmd68cf05870506c8ed709d3303011d9fbELBA-2021-1397-1
kernel-debug-3.10.0-1160.6.1.el7.x86_64.rpm707b6014bd9163a0bb96bf1392552f21ELBA-2021-1397-1
kernel-debug-devel-3.10.0-1160.6.1.el7.x86_64.rpm940183c9160e535559814d2703bd7527ELBA-2021-1397-1
kernel-devel-3.10.0-1160.6.1.el7.x86_64.rpm472831c0559625b059550237c2389c81ELBA-2021-1397-1
kernel-doc-3.10.0-1160.6.1.el7.noarch.rpm3192500d276eda9f6e41c66290d568e3ELBA-2021-1397-1
kernel-headers-3.10.0-1160.6.1.el7.x86_64.rpm6438bb3afd87c10ee1e191215af44535ELBA-2021-1397-1
kernel-tools-3.10.0-1160.6.1.el7.x86_64.rpm1a502db03af8e649304886d0c79d1b28ELBA-2021-1397-1
kernel-tools-libs-3.10.0-1160.6.1.el7.x86_64.rpmc7963ae6fab9758167ef57bb09161566ELBA-2021-1397-1
kernel-tools-libs-devel-3.10.0-1160.6.1.el7.x86_64.rpm1ec501217d5b6c35f7c2420dfa5416b3ELBA-2021-1397-1
perf-3.10.0-1160.6.1.el7.x86_64.rpmf7a653246fa01dcb77ef06aa7d93a6e7ELSA-2021-9220
python-perf-3.10.0-1160.6.1.el7.x86_64.rpmd2c7f190659f0f02a3ef17e415d0dfbcELSA-2021-9220



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete