Stay Connected:

ELSA-2020-0339

ELSA-2020-0339 - kernel security and bug fix update

Type:SECURITY
Impact:IMPORTANT
Release Date:2020-02-07

Description


[4.18.0-147.5.1_1.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]

[4.18.0-147.5.1_1]
- [powerpc] powerpc/shared: Use static key to detect shared processor (Phil Auld) [1781114 1767529]
- [powerpc] powerpc/vcpu: Assume dedicated processors as non-preempt (Phil Auld) [1781114 1767529]

[4.18.0-147.4.1_1]
- [block] blk-mq: apply normal plugging for HDD (Ming Lei) [1782181 1759380]
- [block] blk-mq: honor IO scheduler for multiqueue devices (Ming Lei) [1782181 1759380]
- [block] blk-mq: simplify blk_mq_make_request() (Ming Lei) [1782181 1759380]
- [block] blk-mq: remove blk_mq_put_ctx() (Ming Lei) [1782181 1759380]
- [x86] kvm: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [fs] cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (Leif Sahlberg) [1778693 1765979]
- [fs] cifs: avoid using MID 0xFFFF (Leif Sahlberg) [1778693 1765979]
- [fs] cifs: Fix retry mid list corruption on reconnects (Leif Sahlberg) [1778693 1765979]
- [fs] smb3: fix unmount hang in open_shroot (Leif Sahlberg) [1781113 1757670]
- [fs] CIFS: fix deadlock in cached root handling (Leif Sahlberg) [1781113 1757670]
- [fs] Fix match_server check to allow for auto dialect negotiate (Leif Sahlberg) [1781113 1757670]
- [fs] SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write (Leif Sahlberg) [1781113 1757670]
- [fs] cifs: fix panic in smb2_reconnect (Leif Sahlberg) [1781113 1757670]
- [fs] cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() (Leif Sahlberg) [1781113 1757670]
- [fs] smb3: fix signing verification of large reads (Dave Wysochanski) [1781110 1753114]
- [scsi] scsi: lpfc: Fix port relogin failure due to GID_FT interaction (Dick Kennedy) [1781108 1733217]
- [fs] xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Bill O'Donnell) [1778692 1739607]
- [net] cfg80211: wext: avoid copying malformed SSIDs (Jarod Wilson) [1778633 1778634] {CVE-2019-17133}
- [block] blkcg: perpcu_ref init/exit should be done from blkg_alloc/free() (Ming Lei) [1777766 1741392]
- [fs] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx (Alex Gladkov) [1777389 1749763] {CVE-2019-14898}
- [netdrv] mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Jarod Wilson) [1776618 1775484] {CVE-2019-14814 CVE-2019-14815 CVE-2019-14816}
- [netdrv] mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Jarod Wilson) [1776209 1776210] {CVE-2019-14895}
- [netdrv] mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (Jarod Wilson) [1776161 1776162] {CVE-2019-14901}
- [netdrv] rtlwifi: Fix potential overflow on P2P code (Jarod Wilson) [1775222 1775223] {CVE-2019-17666}
- [pci] hv: Avoid use of hv_pci_dev->pci_slot after freeing it (Mohammed Gamal) [1764635 1737569]


Related CVEs


CVE-2019-14814
CVE-2019-14816
CVE-2019-14898
CVE-2019-14895
CVE-2019-17666
CVE-2019-19338
CVE-2019-14901
CVE-2019-14815

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) kernel-4.18.0-147.5.1.el8_1.src.rpm18d900b142ff77ef10035bd78400a7d20d7295897a81f7b91a9ea350e04afd6f-ol8_aarch64_codeready_builder
kernel-tools-libs-devel-4.18.0-147.5.1.el8_1.aarch64.rpm80dcac79b9128638432812a22a7a80792bd3b384dacc872f64d73ca94bfaee85-ol8_aarch64_codeready_builder
Oracle Linux 8 (x86_64) kernel-4.18.0-147.5.1.el8_1.src.rpm18d900b142ff77ef10035bd78400a7d20d7295897a81f7b91a9ea350e04afd6f-ol8_x86_64_baseos_latest
kernel-4.18.0-147.5.1.el8_1.src.rpm18d900b142ff77ef10035bd78400a7d20d7295897a81f7b91a9ea350e04afd6f-ol8_x86_64_codeready_builder
kernel-4.18.0-147.5.1.el8_1.src.rpm18d900b142ff77ef10035bd78400a7d20d7295897a81f7b91a9ea350e04afd6f-ol8_x86_64_u1_baseos_patch
bpftool-4.18.0-147.5.1.el8_1.x86_64.rpm8d4df3066aa4c98d3d2b141825187e8e98ecb61907a524e46a63ba6182c0fe8f-ol8_x86_64_baseos_latest
bpftool-4.18.0-147.5.1.el8_1.x86_64.rpm8d4df3066aa4c98d3d2b141825187e8e98ecb61907a524e46a63ba6182c0fe8f-ol8_x86_64_u1_baseos_patch
kernel-4.18.0-147.5.1.el8_1.x86_64.rpmdcd6f7b120fff75222c47876c58672b381df6bb5517514e314ce223dd993b1e6-ol8_x86_64_baseos_latest
kernel-4.18.0-147.5.1.el8_1.x86_64.rpmdcd6f7b120fff75222c47876c58672b381df6bb5517514e314ce223dd993b1e6-ol8_x86_64_u1_baseos_patch
kernel-abi-whitelists-4.18.0-147.5.1.el8_1.noarch.rpm4a2505dfe1049e1dd7d1296a76c79c4f87773b72bd0f89f9fb8217cd33b62ebc-ol8_x86_64_baseos_latest
kernel-abi-whitelists-4.18.0-147.5.1.el8_1.noarch.rpm4a2505dfe1049e1dd7d1296a76c79c4f87773b72bd0f89f9fb8217cd33b62ebc-ol8_x86_64_u1_baseos_patch
kernel-core-4.18.0-147.5.1.el8_1.x86_64.rpm45fbcbc675d81ca4c9e4cf2fedf4026cc9b169568d180a958f5231d7622f4812-ol8_x86_64_baseos_latest
kernel-core-4.18.0-147.5.1.el8_1.x86_64.rpm45fbcbc675d81ca4c9e4cf2fedf4026cc9b169568d180a958f5231d7622f4812-ol8_x86_64_u1_baseos_patch
kernel-cross-headers-4.18.0-147.5.1.el8_1.x86_64.rpme76ddafe490c661275952371c1e429312776bb59e9c84f183f8449de91da953b-ol8_x86_64_baseos_latest
kernel-cross-headers-4.18.0-147.5.1.el8_1.x86_64.rpme76ddafe490c661275952371c1e429312776bb59e9c84f183f8449de91da953b-ol8_x86_64_u1_baseos_patch
kernel-debug-4.18.0-147.5.1.el8_1.x86_64.rpm2cfee7e60c7891893cb3fbf38aaa4594753f8c4b5e93250df38e97619c75de7f-ol8_x86_64_baseos_latest
kernel-debug-4.18.0-147.5.1.el8_1.x86_64.rpm2cfee7e60c7891893cb3fbf38aaa4594753f8c4b5e93250df38e97619c75de7f-ol8_x86_64_u1_baseos_patch
kernel-debug-core-4.18.0-147.5.1.el8_1.x86_64.rpm72ef4981907ac95f12a92a38edbe6ad13780f0729ae11d5d8cd300d51142d48e-ol8_x86_64_baseos_latest
kernel-debug-core-4.18.0-147.5.1.el8_1.x86_64.rpm72ef4981907ac95f12a92a38edbe6ad13780f0729ae11d5d8cd300d51142d48e-ol8_x86_64_u1_baseos_patch
kernel-debug-devel-4.18.0-147.5.1.el8_1.x86_64.rpm0a3c76485a53b03c0d4f626aea98506c613bc2ea48baffd3c28c45259896e835-ol8_x86_64_baseos_latest
kernel-debug-devel-4.18.0-147.5.1.el8_1.x86_64.rpm0a3c76485a53b03c0d4f626aea98506c613bc2ea48baffd3c28c45259896e835-ol8_x86_64_u1_baseos_patch
kernel-debug-modules-4.18.0-147.5.1.el8_1.x86_64.rpm091c4d2d412827b88423612024d353937186c734332c71dbbe9d81d35b974a20-ol8_x86_64_baseos_latest
kernel-debug-modules-4.18.0-147.5.1.el8_1.x86_64.rpm091c4d2d412827b88423612024d353937186c734332c71dbbe9d81d35b974a20-ol8_x86_64_u1_baseos_patch
kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpmcd43f244f91e4e0cb719521cf29d6a97ee12df7986db50dc284b1c7a21f0b730-ol8_x86_64_baseos_latest
kernel-debug-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpmcd43f244f91e4e0cb719521cf29d6a97ee12df7986db50dc284b1c7a21f0b730-ol8_x86_64_u1_baseos_patch
kernel-devel-4.18.0-147.5.1.el8_1.x86_64.rpmff66ff994584d2376fb24c5c49b47890a323ce997d98b5df1d422bc699eea1a2-ol8_x86_64_baseos_latest
kernel-devel-4.18.0-147.5.1.el8_1.x86_64.rpmff66ff994584d2376fb24c5c49b47890a323ce997d98b5df1d422bc699eea1a2-ol8_x86_64_u1_baseos_patch
kernel-doc-4.18.0-147.5.1.el8_1.noarch.rpm528eb5136afdac695922ed6dab656cf4c8752ba5e315ac9e4637d099d4544505-ol8_x86_64_baseos_latest
kernel-doc-4.18.0-147.5.1.el8_1.noarch.rpm528eb5136afdac695922ed6dab656cf4c8752ba5e315ac9e4637d099d4544505-ol8_x86_64_u1_baseos_patch
kernel-headers-4.18.0-147.5.1.el8_1.x86_64.rpm3a271eb4d734660a51d9eaf81290a041cc67e46bad2f1c5ceb85f8efaefaf3e9-ol8_x86_64_baseos_latest
kernel-headers-4.18.0-147.5.1.el8_1.x86_64.rpm3a271eb4d734660a51d9eaf81290a041cc67e46bad2f1c5ceb85f8efaefaf3e9-ol8_x86_64_u1_baseos_patch
kernel-modules-4.18.0-147.5.1.el8_1.x86_64.rpm472d5465719c7a76fc02f794d7928d6495df427f6e73295e346616d304235451-ol8_x86_64_baseos_latest
kernel-modules-4.18.0-147.5.1.el8_1.x86_64.rpm472d5465719c7a76fc02f794d7928d6495df427f6e73295e346616d304235451-ol8_x86_64_u1_baseos_patch
kernel-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpmc35a5b3c71b5cdcfe997441e85cd2427114aea30b61add4eb180fba1f1985c67-ol8_x86_64_baseos_latest
kernel-modules-extra-4.18.0-147.5.1.el8_1.x86_64.rpmc35a5b3c71b5cdcfe997441e85cd2427114aea30b61add4eb180fba1f1985c67-ol8_x86_64_u1_baseos_patch
kernel-tools-4.18.0-147.5.1.el8_1.x86_64.rpm01fd3b5aeddbb1d6b7b77330cdcfcce2af1e253cae165f33fe64c908c292ecca-ol8_x86_64_baseos_latest
kernel-tools-4.18.0-147.5.1.el8_1.x86_64.rpm01fd3b5aeddbb1d6b7b77330cdcfcce2af1e253cae165f33fe64c908c292ecca-ol8_x86_64_u1_baseos_patch
kernel-tools-libs-4.18.0-147.5.1.el8_1.x86_64.rpmed93cd86079d3809dee6fc67ac3f53c23b83b22cca1863302339edccb274c45f-ol8_x86_64_baseos_latest
kernel-tools-libs-4.18.0-147.5.1.el8_1.x86_64.rpmed93cd86079d3809dee6fc67ac3f53c23b83b22cca1863302339edccb274c45f-ol8_x86_64_u1_baseos_patch
kernel-tools-libs-devel-4.18.0-147.5.1.el8_1.x86_64.rpme6c3ac86bc1c2f856f85dc59c572c8913de2532f4e3f4eb5a3c7b78c1d3b6ded-ol8_x86_64_codeready_builder
perf-4.18.0-147.5.1.el8_1.x86_64.rpm6da60b356ff1bdab87ed1732e40189e650c643371032572978c6cba227e60ee6-ol8_x86_64_baseos_latest
perf-4.18.0-147.5.1.el8_1.x86_64.rpm6da60b356ff1bdab87ed1732e40189e650c643371032572978c6cba227e60ee6-ol8_x86_64_u1_baseos_patch
python3-perf-4.18.0-147.5.1.el8_1.x86_64.rpm1a7bcc6ed1c086f9574a576dc31ffe344937af55cdb5772b19719c0eccc43b74-ol8_x86_64_baseos_latest
python3-perf-4.18.0-147.5.1.el8_1.x86_64.rpm1a7bcc6ed1c086f9574a576dc31ffe344937af55cdb5772b19719c0eccc43b74-ol8_x86_64_u1_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights