ELSA-2020-1372
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-1372
ELSA-2020-1372 - kernel security and bug fix update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2020-04-09 |
Description
[4.18.0-147.8.1_1.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
[4.18.0-147.8.1_1]
- rebuild, due infrastructure issues last kernel build wasn't signed properly [1807231 1807216]
[4.18.0-147.7.1_1]
- [hid] hiddev: do cleanup in failure of opening a device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527}
- [hid] hiddev: avoid opening a disconnected device (Benjamin Tissoires) [1803458 1803460] {CVE-2019-19527}
- [nvme] nvmet: fix discover log page when offsets are used (Gopal Tiwari) [1801216 1745836]
- [netdrv] ibmvnic: Serialize device queries (Steve Best) [1794060 1778037]
- [netdrv] ibmvnic: Bound waits for device queries (Steve Best) [1794060 1778037]
- [netdrv] ibmvnic: Terminate waiting device threads after loss of service (Steve Best) [1794060 1778037]
- [netdrv] ibmvnic: Fix completion structure initialization (Steve Best) [1794060 1778037]
- [netdrv] ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode (Steve Best) [1794060 1778037]
- [tools] selftests/powerpc: Fix compile error on tlbie_test due to newer gcc (Desnes Augusto Nunes do Rosario) [1794058 1755707]
- [tools] selftests/powerpc: Add test case for tlbie vs mtpidr ordering issue (Desnes Augusto Nunes do Rosario) [1794058 1755707]
- [powerpc] powerpc/mm: Fixup tlbie vs mtpidr/mtlpidr ordering issue on POWER9 (Desnes Augusto Nunes do Rosario) [1794058 1755707]
- [powerpc] powerpc/book3s64/radix: Rename CPU_FTR_P9_TLBIE_BUG feature flag (Desnes Augusto Nunes do Rosario) [1794058 1755707]
- [powerpc] powerpc/book3s64/mm: Don't do tlbie fixup for some hardware revisions (Desnes Augusto Nunes do Rosario) [1794058 1755707]
[4.18.0-147.6.1_1]
- [crypto] crypto: chelsio - count incomplete block in IV (Jonathan Toppins) [1798527 1725813]
- [crypto] crypto: chelsio - Fix softlockup with heavy I/O (Jonathan Toppins) [1798527 1725813]
- [crypto] crypto: chelsio - Fix NULL pointer dereference (Jonathan Toppins) [1798527 1725813]
- [nvme] nvme: Treat discovery subsystems as unique subsystems (Ewan Milne) [1798381 1757525]
- [mm] mm/page-writeback.c: don't break integrity writeback on ->writepage() error (Christoph von Recklinghausen) [1797962 1782117]
- [lib] crc-t10dif: crc_t10dif_mutex can be static (Vladis Dronov) [1797961 1769462]
- [lib] crc-t10dif: Allow current transform to be inspected in sysfs (Vladis Dronov) [1797961 1769462]
- [lib] crc-t10dif: Pick better transform if one becomes available (Vladis Dronov) [1797961 1769462]
- [crypto] api - Introduce notifier for new crypto algorithms (Vladis Dronov) [1797961 1769462]
- [block] blk-mq: make sure that line break can be printed (Ming Lei) [1797960 1741462]
- [block] blk-mq: avoid sysfs buffer overflow with too many CPU cores (Ming Lei) [1797960 1741462]
- [scsi] hpsa: update driver version (Joseph Szczypek) [1797519 1761968]
- [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek) [1797519 1761968]
- [arm64] arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (Mark Salter) [1797518 1757828]
- [arm64] arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828]
- [arm64] arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 (Mark Salter) [1797518 1757828]
- [arm64] arm64: Handle erratum 1418040 as a superset of erratum 1188873 (Mark Salter) [1797518 1757828]
- [arm64] arm64: errata: Add workaround for Cortex-A76 erratum #1463225 (Mark Salter) [1797518 1757828]
- [arm64] arm64: Kconfig: Tidy up errata workaround help text (Mark Salter) [1797518 1757828]
- [arm64] arm64: Apply ARM64_ERRATUM_1188873 to Neoverse-N1 (Mark Salter) [1797518 1757828]
- [arm64] arm64: Add part number for Neoverse N1 (Mark Salter) [1797518 1757828]
- [arm64] arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT (Mark Salter) [1797518 1757828]
- [arm64] arm64: Restrict ARM64_ERRATUM_1188873 mitigation to AArch32 (Mark Salter) [1797518 1757828]
- [arm64] arm64: arch_timer: avoid unused function warning (Mark Salter) [1797518 1757828]
- [arm64] arm64: Add workaround for Cortex-A76 erratum 1286807 (Mark Salter) [1797518 1757828]
- [md] dm snapshot: rework COW throttling to fix deadlock (Mike Snitzer) [1796490 1758605]
- [md] dm snapshot: introduce account_start_copy() and account_end_copy() (Mike Snitzer) [1796490 1758605]
- [block] fix memleak of bio integrity data (Ming Lei) [1795338 1779898]
- [powerpc] xive: Prevent page fault issues in the machine crash handler (Diego Domingos) [1795337 1756116]
- [scsi] scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (Tomas Henzl) [1795335 1726251]
- [powerpc] powerpc/perf: Disable trace_imc pmu (Steve Best) [1794061 1785573]
- [s390] s390/qeth: ensure linear access to packet headers (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: guard against runt packets (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: handle skb allocation error gracefully (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: drop unwanted packets earlier in RX path (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: support per-frame invalidation (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: gather more detailed RX dropped/error statistics (Philipp Rudo) [1794059 1781085]
- [s390] s390/net: Mark expected switch fall-throughs (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: consolidate skb RX processing in L3 driver (Philipp Rudo) [1794059 1781085]
- [s390] s390/qeth: remove RX seqno in skb->cb (Philipp Rudo) [1794059 1781085]
- [powerpc] kvm: ppc: book3s hv: Flush link stack on guest exit to host kernel (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] 64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] fsl: Update Spectre v2 reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] fsl: Add nospectre_v2 command line argument (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] fsl: Fix spectre_v2 mitigations reporting (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] 64: Make meltdown reporting Book3S 64 specific (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [powerpc] 64: Disable the speculation barrier from the command line (Gustavo Duarte) [1794056 1777686] {CVE-2019-18660}
- [firmware] efi/memreserve: Register reservations as 'reserved' in /proc/iomem (Bhupesh Sharma) [1792200 1772730]
- [firmware] efi/memreserve: deal with memreserve entries in unmapped memory (Bhupesh Sharma) [1792200 1772730]
- [s390] s390/cpum_sf: save TOD clock base in SDBs for time conversion (Philipp Rudo) [1792198 1743504]
- [s390] s390/sclp: Fix bit checked for has_sipl (Philipp Rudo) [1791408 1748347]
- [scsi] qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (Himanshu Madhani) [1790350 1782598]
- [scsi] qla2xxx: Added support for MPI and PEP regions for ISP28XX (Himanshu Madhani) [1790350 1782598]
- [scsi] qla2xxx: Correctly retrieve and interpret active flash region (Himanshu Madhani) [1790350 1782598]
- [powerpc] powerpc/tm: Fix FP/VMX unavailable exceptions inside a transaction (Gustavo Duarte) [1788862 1750653] {CVE-2019-15030}
- [powerpc] powerpc/tm: Fix restoring FP/VMX facility incorrectly on interrupts (Gustavo Duarte) [1791630 1750653] {CVE-2019-15031}
- [scsi] scsi: qla2xxx: Fix different size DMA Alloc/Unmap (Himanshu Madhani) [1788206 1753031]
- [scsi] qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap (Himanshu Madhani) [1788206 1753031]
- [fs] devpts_pty_kill(): don't bother with d_delete() (Eric Sandeen) [1783959 1772718]
- [fs] devpts: always delete dcache dentry-s in dput() (Eric Sandeen) [1783959 1772718]
Related CVEs
| CVE-2019-18660 |
| CVE-2019-15030 |
| CVE-2019-15031 |
| CVE-2019-19527 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | kernel-4.18.0-147.8.1.el8_1.src.rpm | be0e0a41eea1ba94fe23ffda09b6dc2f4541b101f11da68ecc7b3b41b20960ce | - | ol8_aarch64_codeready_builder |
| kernel-tools-libs-devel-4.18.0-147.8.1.el8_1.aarch64.rpm | 1a7fca7ec3fc1d661eea73193108995a3391d77832dcdca2d5f34f98a0666f2e | - | ol8_aarch64_codeready_builder | |
| Oracle Linux 8 (x86_64) | kernel-4.18.0-147.8.1.el8_1.src.rpm | be0e0a41eea1ba94fe23ffda09b6dc2f4541b101f11da68ecc7b3b41b20960ce | - | ol8_x86_64_baseos_latest |
| kernel-4.18.0-147.8.1.el8_1.src.rpm | be0e0a41eea1ba94fe23ffda09b6dc2f4541b101f11da68ecc7b3b41b20960ce | - | ol8_x86_64_codeready_builder | |
| kernel-4.18.0-147.8.1.el8_1.src.rpm | be0e0a41eea1ba94fe23ffda09b6dc2f4541b101f11da68ecc7b3b41b20960ce | - | ol8_x86_64_u1_baseos_patch | |
| bpftool-4.18.0-147.8.1.el8_1.x86_64.rpm | 08ca322f4b91e4a5860aec20e84099274d2659a7ffb39cefaa3cc2ae7da60344 | - | ol8_x86_64_baseos_latest | |
| bpftool-4.18.0-147.8.1.el8_1.x86_64.rpm | 08ca322f4b91e4a5860aec20e84099274d2659a7ffb39cefaa3cc2ae7da60344 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-4.18.0-147.8.1.el8_1.x86_64.rpm | c5eddda74facdd15c15d4b707d210393b87664954b49347133c73373cc605092 | - | ol8_x86_64_baseos_latest | |
| kernel-4.18.0-147.8.1.el8_1.x86_64.rpm | c5eddda74facdd15c15d4b707d210393b87664954b49347133c73373cc605092 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-abi-whitelists-4.18.0-147.8.1.el8_1.noarch.rpm | a2c90606ae84000ca04ead71aea98e84d8e62ed574a38383f6258a7a68dac3d7 | - | ol8_x86_64_baseos_latest | |
| kernel-abi-whitelists-4.18.0-147.8.1.el8_1.noarch.rpm | a2c90606ae84000ca04ead71aea98e84d8e62ed574a38383f6258a7a68dac3d7 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-core-4.18.0-147.8.1.el8_1.x86_64.rpm | 8d941ebe92c23303c201b3b7e33f3b59a9a9ff9225589e9c3e46eecce5d9bad7 | - | ol8_x86_64_baseos_latest | |
| kernel-core-4.18.0-147.8.1.el8_1.x86_64.rpm | 8d941ebe92c23303c201b3b7e33f3b59a9a9ff9225589e9c3e46eecce5d9bad7 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-cross-headers-4.18.0-147.8.1.el8_1.x86_64.rpm | 479ffe51dac0e0d9a3556f16722a40eeb65c7a0349ff097110e047a40f93b848 | - | ol8_x86_64_baseos_latest | |
| kernel-cross-headers-4.18.0-147.8.1.el8_1.x86_64.rpm | 479ffe51dac0e0d9a3556f16722a40eeb65c7a0349ff097110e047a40f93b848 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-debug-4.18.0-147.8.1.el8_1.x86_64.rpm | b60789c6520205df2e5f9953f3af22ee4db95083b2bd416dd3a71d987133ee21 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-4.18.0-147.8.1.el8_1.x86_64.rpm | b60789c6520205df2e5f9953f3af22ee4db95083b2bd416dd3a71d987133ee21 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-debug-core-4.18.0-147.8.1.el8_1.x86_64.rpm | 5847c3ef1dcd77a9ac8ba565e9b650cb801397d2270c2ad6574b2c64b2ec51d5 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-core-4.18.0-147.8.1.el8_1.x86_64.rpm | 5847c3ef1dcd77a9ac8ba565e9b650cb801397d2270c2ad6574b2c64b2ec51d5 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-debug-devel-4.18.0-147.8.1.el8_1.x86_64.rpm | c913ec91f2038bb889d9eb002d92b4d2659e67ef6eabc7a60b8abc2f60d29607 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-devel-4.18.0-147.8.1.el8_1.x86_64.rpm | c913ec91f2038bb889d9eb002d92b4d2659e67ef6eabc7a60b8abc2f60d29607 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-debug-modules-4.18.0-147.8.1.el8_1.x86_64.rpm | 330b41ad29b7a1d69cab84b1305ad687d0974e9b6be703ec0a15cf9729b75594 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-4.18.0-147.8.1.el8_1.x86_64.rpm | 330b41ad29b7a1d69cab84b1305ad687d0974e9b6be703ec0a15cf9729b75594 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-debug-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm | 29dd7ebc173833814e691db7558f3857ccb55fa92773f7ae6677982834e9b67d | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm | 29dd7ebc173833814e691db7558f3857ccb55fa92773f7ae6677982834e9b67d | - | ol8_x86_64_u1_baseos_patch | |
| kernel-devel-4.18.0-147.8.1.el8_1.x86_64.rpm | c79e9aa443e849129ed4fd89fa2ed4def47a3222dee550687042c3968e577e42 | - | ol8_x86_64_baseos_latest | |
| kernel-devel-4.18.0-147.8.1.el8_1.x86_64.rpm | c79e9aa443e849129ed4fd89fa2ed4def47a3222dee550687042c3968e577e42 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-doc-4.18.0-147.8.1.el8_1.noarch.rpm | 341da5071e968854e3a96fddd5621d53220d14c2c16c7f40d343bbff4ac05991 | - | ol8_x86_64_baseos_latest | |
| kernel-doc-4.18.0-147.8.1.el8_1.noarch.rpm | 341da5071e968854e3a96fddd5621d53220d14c2c16c7f40d343bbff4ac05991 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-headers-4.18.0-147.8.1.el8_1.x86_64.rpm | 54110b74f073b3204ce342123508fdef4696aba482f36cc183c3e7cb057bd9f3 | - | ol8_x86_64_baseos_latest | |
| kernel-headers-4.18.0-147.8.1.el8_1.x86_64.rpm | 54110b74f073b3204ce342123508fdef4696aba482f36cc183c3e7cb057bd9f3 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-modules-4.18.0-147.8.1.el8_1.x86_64.rpm | 3e7c986e54b0486a1469c0f0734286e332d11b620872f42e7edfd8433c6019f4 | - | ol8_x86_64_baseos_latest | |
| kernel-modules-4.18.0-147.8.1.el8_1.x86_64.rpm | 3e7c986e54b0486a1469c0f0734286e332d11b620872f42e7edfd8433c6019f4 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm | c6b9edce6bfc94bec29387c52b063739393ef6ee8e887bb9bec0b2b04e8983be | - | ol8_x86_64_baseos_latest | |
| kernel-modules-extra-4.18.0-147.8.1.el8_1.x86_64.rpm | c6b9edce6bfc94bec29387c52b063739393ef6ee8e887bb9bec0b2b04e8983be | - | ol8_x86_64_u1_baseos_patch | |
| kernel-tools-4.18.0-147.8.1.el8_1.x86_64.rpm | 18d6dd6404616bcef2d3959532464020e159ade1d29b8a34dc42551ed6009306 | - | ol8_x86_64_baseos_latest | |
| kernel-tools-4.18.0-147.8.1.el8_1.x86_64.rpm | 18d6dd6404616bcef2d3959532464020e159ade1d29b8a34dc42551ed6009306 | - | ol8_x86_64_u1_baseos_patch | |
| kernel-tools-libs-4.18.0-147.8.1.el8_1.x86_64.rpm | 41d9be9ae96b70c81844840aa1b6be6f631425b83ba2ef8a89221abca99f39ef | - | ol8_x86_64_baseos_latest | |
| kernel-tools-libs-4.18.0-147.8.1.el8_1.x86_64.rpm | 41d9be9ae96b70c81844840aa1b6be6f631425b83ba2ef8a89221abca99f39ef | - | ol8_x86_64_u1_baseos_patch | |
| kernel-tools-libs-devel-4.18.0-147.8.1.el8_1.x86_64.rpm | d751baa6dff5c245666c775a5a9f3399745665c10d6b91b7814db4500f2c552c | - | ol8_x86_64_codeready_builder | |
| perf-4.18.0-147.8.1.el8_1.x86_64.rpm | 245968c57e9c9c2aee60125224d1278f9376394ea4107fea7ad1797827c2a587 | - | ol8_x86_64_baseos_latest | |
| perf-4.18.0-147.8.1.el8_1.x86_64.rpm | 245968c57e9c9c2aee60125224d1278f9376394ea4107fea7ad1797827c2a587 | - | ol8_x86_64_u1_baseos_patch | |
| python3-perf-4.18.0-147.8.1.el8_1.x86_64.rpm | 351c393794b33ce1a0c1a051a3e27fc2b96fd884e3bd781182043475f0442620 | - | ol8_x86_64_baseos_latest | |
| python3-perf-4.18.0-147.8.1.el8_1.x86_64.rpm | 351c393794b33ce1a0c1a051a3e27fc2b96fd884e3bd781182043475f0442620 | - | ol8_x86_64_u1_baseos_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
