ELSA-2019-3055
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-3055
ELSA-2019-3055 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-10-16 |
Description
[3.10.0-1062.4.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
[3.10.0-1062.4.1]
- [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750879 1750880] {CVE-2019-14835}
[3.10.0-1062.3.1]
- [net] Bluetooth: Fix faulty expression for minimum encryption key size check (Gopal Tiwari) [1743084 1743085] {CVE-2019-9506}
- [net] Bluetooth: Fix regression with minimum encryption key size alignment (Gopal Tiwari) [1743084 1743085] {CVE-2019-9506}
- [net] Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (Gopal Tiwari) [1743084 1743085] {CVE-2019-9506}
- [net] macvlan: Support bonding events (Davide Caratti) [1751579 1733589]
- [wireless] mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: Mark expected switch fall-through (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: Fix skipped vendor specific IEs (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: fix 802.11n/WPA detection (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: Don't abort on small, spec-compliant vendor IEs (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: Abort at too short BSS descriptor element (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [wireless] mwifiex: Fix possible buffer overflows at parsing bss descriptor (Stanislaw Gruszka) [1714469 1721742 1714470 1721743] {CVE-2019-10126 CVE-2019-3846}
- [net] sunrpc: Fix possible autodisconnect during connect due to old last_used (Dave Wysochanski) [1749290 1723537]
- [drm] drm/ast: Fixed reboot test may cause system hanged (Dave Airlie) [1749296 1739971]
- [block] block: blk_init_allocated_queue() set q->fq as NULL in the fail case (Ming Lei) [1739326 1739327] {CVE-2018-20856}
- [pci] PCI: hv: Fix a use-after-free bug in hv_eject_device_work() (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Add hv_pci_remove_slots() when we unload the driver (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Fix a memory leak in hv_eject_device_work() (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: support reporting serial number as slot information (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Remove unused reason for refcount handler (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Convert hv_pci_dev.refs from atomic_t to refcount_t (Mohammed Gamal) [1748239 1732924]
- [pci] PCI: hv: Remove the bogus test in hv_eject_device_work() (Mohammed Gamal) [1748239 1732924]
- [fs] NFSv4: Replace closed stateids with the 'invalid special stateid' (Steve Dickson) [1744946 1733347]
- [nvme] nvme-rdma: use dynamic dma mapping per command (David Milburn) [1744444 1637693]
- [nvme] nvme-rdma: remove redundant reference between ib_device and tagset (David Milburn) [1744444 1637693]
- [nvme] nvme-rdma: always have a valid trsvcid (David Milburn) [1744443 1717536]
- [nvme] nvme-rdma: use inet_pton_with_scope helper (David Milburn) [1744443 1717536]
- [nvme] nvmet-rdma: use generic inet_pton_with_scope (David Milburn) [1744443 1717536]
- [iommu] x86/hyper-v: add msi_setup_irq/msi_alloc_irq stubs to fix x2apic mode (Vitaly Kuznetsov) [1743324 1736750]
- [mm] slub: make dead caches discard free slabs immediately (Aristeu Rozanski) [1741920 1649189]
- [mm] mm: charge/uncharge kmemcg from generic page allocator paths (Aristeu Rozanski) [1741920 1649189]
- [mm] memcg: do not account memory used for cache creation (Aristeu Rozanski) [1741920 1649189]
- [mm] memcg: also test for skip accounting at the page allocation level (Aristeu Rozanski) [1741920 1649189]
- [fs] kmemcg: account certain kmem allocations to memcg (Aristeu Rozanski) [1741920 1649189]
- [mm] vmalloc: allow to account vmalloc to memcg (Aristeu Rozanski) [1741920 1649189]
- [mm] slab: add SLAB_ACCOUNT flag (Aristeu Rozanski) [1741920 1649189]
- [include] memcg: only account kmem allocations marked as __GFP_ACCOUNT (Aristeu Rozanski) [1741920 1649189]
- [include] mm: get rid of __GFP_KMEMCG (Aristeu Rozanski) [1741920 1649189]
- [mm] slb: charge slabs to kmemcg explicitly (Aristeu Rozanski) [1741920 1649189]
- [mm] mm: rename allocflags_to_migratetype for clarity (Rafael Aquini) [1741920 1730471]
- [x86] cpuidle-haltpoll: disable host side polling when kvm virtualized (Marcelo Tosatti) [1740192 1734501]
- [kvm] kvm: x86: add host poll control msrs (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: add haltpoll governor (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] governors: unify last_state_idx (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: add poll_limit_ns to cpuidle_device structure (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] add cpuidle-haltpoll driver (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: poll_state: Fix default time limit (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: poll_state: Disregard disable idle states (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: poll_state: Revise loop termination condition (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: menu: Fix wakeup statistics updates for polling state (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: poll_state: Avoid invoking local_clock() too often (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: poll_state: Add time limit to poll_idle() (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: Move polling state initialization code to separate file (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: Remove time measurement in poll state (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: Set polling in poll_idle (Marcelo Tosatti) [1740192 1734501]
- [cpuidle] cpuidle: dont call poll_idle_init() for every cpu (Marcelo Tosatti) [1740192 1734501]
- [hv] hv: vmbus: Implement Direct Mode for stimer0 (Vitaly Kuznetsov) [1740188 1712344]
- [kernel] sched: Reduce contention in update_cfs_rq_blocked_load() (Marcelo Tosatti) [1740180 1734515]
- [ipc] ipc: drop non-RCU allocation (Vladis Dronov) [1740178 1733016]
- [ipc] ipc/util.c: use kvfree() in ipc_rcu_free() (Vladis Dronov) [1740178 1733016]
- [ipc] tree wide: use kvfree() than conditional kfree()/vfree() (Vladis Dronov) [1740178 1733016]
- [ipc] standardize code comments (Waiman Long) [1740178 1373519]
- [ipc] whitespace cleanup (Waiman Long) [1740178 1373519]
- [fs] gfs2: gfs2_walk_metadata fix (Andreas Grunbacher) [1737373 1724362]
- [fs] gfs2: Inode dirtying fix (Andreas Grunbacher) [1737373 1724362]
- [fs] gfs2: Fix rounding error in gfs2_iomap_page_prepare (Andreas Grunbacher) [1737373 1724362]
- [fs] iomap: fix page_done callback for short writes (Andreas Grunbacher) [1737373 1724362]
- [fs] fs: fold __generic_write_end back into generic_write_end (Andreas Grunbacher) [1737373 1724362]
- [fs] iomap: don't mark the inode dirty in iomap_write_end (Andreas Grunbacher) [1737373 1724362]
- [fs] gfs2: Fix iomap write page reclaim deadlock (Andreas Grunbacher) [1737373 1724362]
- [fs] iomap: Add a page_prepare callback (Andreas Grunbacher) [1737373 1724362]
- [fs] iomap: Fix use-after-free error in page_done callback (Andreas Grunbacher) [1737373 1724362]
- [fs] fs: Turn __generic_write_end into a void function (Andreas Grunbacher) [1737373 1724362]
- [fs] iomap: Clean up __generic_write_end calling (Andreas Grunbacher) [1737373 1724362]
[3.10.0-1062.2.1]
- [x86] aesni: initialize gcm(aes) cryptd child's key/authsize (Sabrina Dubroca) [1744442 1698551]
- [netdrv] bnx2x: Disable multi-cos feature (Manish Chopra) [1741926 1704157]
Related CVEs
| CVE-2019-3846 |
| CVE-2018-20856 |
| CVE-2019-9506 |
| CVE-2019-10126 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1062.4.1.el7.src.rpm | f203dc71a2ac59331d5832cea0600769 | ELBA-2021-1397-1 |
| bpftool-3.10.0-1062.4.1.el7.x86_64.rpm | 1ad1d62cd0c9947a8696620d0e9454f5 | ELBA-2021-1397-1 | |
| kernel-3.10.0-1062.4.1.el7.x86_64.rpm | f1e70087e8dd309eb0c864a17a0fffee | ELBA-2021-1397-1 | |
| kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm | 32945e36e9500333b0496dbb104fbf1f | ELBA-2021-1397-1 | |
| kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm | 26f75f73b2802b2b287cbdb99e155824 | ELBA-2021-1397-1 | |
| kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm | 7cd1ed88ab3806dccdd3597469d16865 | ELBA-2021-1397-1 | |
| kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm | 49246fc03fac357de1609f01e26b0ee9 | ELBA-2021-1397-1 | |
| kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm | 6e74d75b7626761fecc16e2a3710ba27 | ELBA-2021-1397-1 | |
| kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm | 66f2fd880802069f41b3cdbc10a24a0f | ELBA-2021-1397-1 | |
| kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm | d55e91b7fbe923ba37cb9e62b03c21ce | ELBA-2021-1397-1 | |
| kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm | 27aa55d818cdf153900af0a3295b45eb | ELBA-2021-1397-1 | |
| kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm | e62c1c3ee051486ebb40f503a648412f | ELBA-2021-1397-1 | |
| perf-3.10.0-1062.4.1.el7.x86_64.rpm | e83dd782f132a242b6e2d2ce4611b717 | ELSA-2021-9220 | |
| python-perf-3.10.0-1062.4.1.el7.x86_64.rpm | cc358813910cebde85a9dbf82ae65f80 | ELSA-2021-9220 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
