ELSA-2020-3218

ULN >
Oracle Linux Errata repository >
ELSA-2020-3218

ELSA-2020-3218 - kernel security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2020-07-30

Description

[4.18.0-193.14.3_2.OL8]
- Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7

[4.18.0-193.14.3_2]
- Reverse keys order for dual-signing (Frantisek Hrbata) [1837433 1837434] {CVE-2020-10713}

[4.18.0-193.14.2_2]
- [kernel] Move to dual-signing to split signing keys up better (pjones) [1837433 1837434] {CVE-2020-10713}
- [crypto] pefile: Tolerate other pefile signatures after first (Lenny Szubowicz) [1837433 1837434] {CVE-2020-10713}
- [acpi] ACPI: configfs: Disallow loading ACPI tables when locked down (Lenny Szubowicz) [1852968 1852969] {CVE-2020-15780}
- [firmware] efi: Restrict efivar_ssdt_load when the kernel is locked down (Lenny Szubowicz) [1852948 1852949] {CVE-2019-20908}

[4.18.0-193.14.1_2]
- [md] dm mpath: add DM device name to Failing/Reinstating path log messages (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: enhance queue_if_no_path debugging (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: restrict queue_if_no_path state machine (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: simplify __must_push_back (Mike Snitzer) [1852050 1822975]
- [md] dm: use DMDEBUG macros now that they use pr_debug variants (Mike Snitzer) [1852050 1822975]
- [include] dm: use dynamic debug instead of compile-time config option (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: switch paths in dm_blk_ioctl() code path (Mike Snitzer) [1852050 1822975]
- [md] dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath (Mike Snitzer) [1852050 1822975]
- [md] dm: bump version of core and various targets (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: Add timeout mechanism for queue_if_no_path (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: use true_false for bool variable (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: remove harmful bio-based optimization (Mike Snitzer) [1852050 1822975]
- [scsi] scsi: libiscsi: fall back to sendmsg for slab pages (Maurizio Lombardi) [1852048 1825775]
- [s390] s390/mm: fix panic in gup_fast on large pud (Philipp Rudo) [1853336 1816980]

Related CVEs

CVE-2019-20908

CVE-2020-15780

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_aarch64_baseos_latest
	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_aarch64_codeready_builder
	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_aarch64_u2_baseos_patch
	bpftool-4.18.0-193.14.3.el8_2.aarch64.rpm	fdab4d11d47a49cb790c64d6a8a8607bced6dad8e20ef7baef51fa5e84650c90	-	ol8_aarch64_baseos_latest
	bpftool-4.18.0-193.14.3.el8_2.aarch64.rpm	fdab4d11d47a49cb790c64d6a8a8607bced6dad8e20ef7baef51fa5e84650c90	-	ol8_aarch64_u2_baseos_patch
	kernel-cross-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	e01b52507b9729a6b9cf9be13fc42b9f2f579dff8e2be628463aa7edf189392d	-	ol8_aarch64_baseos_latest
	kernel-cross-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	e01b52507b9729a6b9cf9be13fc42b9f2f579dff8e2be628463aa7edf189392d	-	ol8_aarch64_u2_baseos_patch
	kernel-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	d4d2239208ab4a4b90ee3761938b329b3ede24359562e6360fed13d9ecf51a64	-	ol8_aarch64_baseos_latest
	kernel-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	d4d2239208ab4a4b90ee3761938b329b3ede24359562e6360fed13d9ecf51a64	-	ol8_aarch64_u2_baseos_patch
	kernel-tools-4.18.0-193.14.3.el8_2.aarch64.rpm	87ee0e727bf6ac1122f6a96d2d236af901e8a256da228725642c174216e8b48e	-	ol8_aarch64_baseos_latest
	kernel-tools-4.18.0-193.14.3.el8_2.aarch64.rpm	87ee0e727bf6ac1122f6a96d2d236af901e8a256da228725642c174216e8b48e	-	ol8_aarch64_u2_baseos_patch
	kernel-tools-libs-4.18.0-193.14.3.el8_2.aarch64.rpm	c82bda36f8e7cd4661363cb9f65f67ab281fae9791a1ae666d4affba59d0f8b0	-	ol8_aarch64_baseos_latest
	kernel-tools-libs-4.18.0-193.14.3.el8_2.aarch64.rpm	c82bda36f8e7cd4661363cb9f65f67ab281fae9791a1ae666d4affba59d0f8b0	-	ol8_aarch64_u2_baseos_patch
	kernel-tools-libs-devel-4.18.0-193.14.3.el8_2.aarch64.rpm	b69ccf4316d765cd442a6cbd8d038e784e1162f95e1d4e85cabc239360d89669	-	ol8_aarch64_codeready_builder
	perf-4.18.0-193.14.3.el8_2.aarch64.rpm	cf777c6847f75d15373ab4fa3b61e0871be8f92ade83d076ef7f0008816bdf5e	-	ol8_aarch64_baseos_latest
	perf-4.18.0-193.14.3.el8_2.aarch64.rpm	cf777c6847f75d15373ab4fa3b61e0871be8f92ade83d076ef7f0008816bdf5e	-	ol8_aarch64_u2_baseos_patch
	python3-perf-4.18.0-193.14.3.el8_2.aarch64.rpm	28fc937e2a97a0db22f0a3e1c935e4a8d027375d9a5c69762d215c053b224f41	-	ol8_aarch64_baseos_latest
	python3-perf-4.18.0-193.14.3.el8_2.aarch64.rpm	28fc937e2a97a0db22f0a3e1c935e4a8d027375d9a5c69762d215c053b224f41	-	ol8_aarch64_u2_baseos_patch

Oracle Linux 8 (x86_64)	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_x86_64_baseos_latest
	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_x86_64_codeready_builder
	kernel-4.18.0-193.14.3.el8_2.src.rpm	02d359ea4f680a89a0f6c950cc675de3b5aa7c902e72e4342dd4ff83fc1d8f35	-	ol8_x86_64_u2_baseos_patch
	bpftool-4.18.0-193.14.3.el8_2.x86_64.rpm	ba77139661c71c36a5e2d85f635ce73dd5f96d8a0321f56a072b4b540256ffe5	-	ol8_x86_64_baseos_latest
	bpftool-4.18.0-193.14.3.el8_2.x86_64.rpm	ba77139661c71c36a5e2d85f635ce73dd5f96d8a0321f56a072b4b540256ffe5	-	ol8_x86_64_u2_baseos_patch
	kernel-4.18.0-193.14.3.el8_2.x86_64.rpm	7020cff349ea40c80730ca99e732e46429ec0ba2d8106fbb90014a7130126180	-	ol8_x86_64_baseos_latest
	kernel-4.18.0-193.14.3.el8_2.x86_64.rpm	7020cff349ea40c80730ca99e732e46429ec0ba2d8106fbb90014a7130126180	-	ol8_x86_64_u2_baseos_patch
	kernel-abi-whitelists-4.18.0-193.14.3.el8_2.noarch.rpm	d6f0add28cc8531ba3e73c8e2f7476c82d6ed80f0cfa56eed3a077f795759c24	-	ol8_x86_64_baseos_latest
	kernel-abi-whitelists-4.18.0-193.14.3.el8_2.noarch.rpm	d6f0add28cc8531ba3e73c8e2f7476c82d6ed80f0cfa56eed3a077f795759c24	-	ol8_x86_64_u2_baseos_patch
	kernel-core-4.18.0-193.14.3.el8_2.x86_64.rpm	d35d9f2ace2fc927c177adb8c1ea283d90c2f4683e437aaffa0a60efc5775b15	-	ol8_x86_64_baseos_latest
	kernel-core-4.18.0-193.14.3.el8_2.x86_64.rpm	d35d9f2ace2fc927c177adb8c1ea283d90c2f4683e437aaffa0a60efc5775b15	-	ol8_x86_64_u2_baseos_patch
	kernel-cross-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	469ca41ea3f1fb89b6bcddad37f608ee57d4d2f0444954505ed88becf11a560a	-	ol8_x86_64_baseos_latest
	kernel-cross-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	469ca41ea3f1fb89b6bcddad37f608ee57d4d2f0444954505ed88becf11a560a	-	ol8_x86_64_u2_baseos_patch
	kernel-debug-4.18.0-193.14.3.el8_2.x86_64.rpm	18a0e46175cd687d7a968d1c1b255edb15f4f08a37f4fc6a2ef9184c7018d48f	-	ol8_x86_64_baseos_latest
	kernel-debug-4.18.0-193.14.3.el8_2.x86_64.rpm	18a0e46175cd687d7a968d1c1b255edb15f4f08a37f4fc6a2ef9184c7018d48f	-	ol8_x86_64_u2_baseos_patch
	kernel-debug-core-4.18.0-193.14.3.el8_2.x86_64.rpm	2f292f25aad8176fe985e1f74a7ba4171ba6802f09939108880cc928735994be	-	ol8_x86_64_baseos_latest
	kernel-debug-core-4.18.0-193.14.3.el8_2.x86_64.rpm	2f292f25aad8176fe985e1f74a7ba4171ba6802f09939108880cc928735994be	-	ol8_x86_64_u2_baseos_patch
	kernel-debug-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	00ee3be5ec2f90bbad80f9f9df1a266321ca10f348bc00821f59efabd86123e8	-	ol8_x86_64_baseos_latest
	kernel-debug-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	00ee3be5ec2f90bbad80f9f9df1a266321ca10f348bc00821f59efabd86123e8	-	ol8_x86_64_u2_baseos_patch
	kernel-debug-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	5d6ad2ec5b6d2dd89b12fc8532768cd17341505e932f4e8238cc8479e68ba1a2	-	ol8_x86_64_baseos_latest
	kernel-debug-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	5d6ad2ec5b6d2dd89b12fc8532768cd17341505e932f4e8238cc8479e68ba1a2	-	ol8_x86_64_u2_baseos_patch
	kernel-debug-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	63ef79dbf77a7fec8a5dc96ef7dcd8fb2aa3a9e3312c657b81b5bd68eac1c7d6	-	ol8_x86_64_baseos_latest
	kernel-debug-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	63ef79dbf77a7fec8a5dc96ef7dcd8fb2aa3a9e3312c657b81b5bd68eac1c7d6	-	ol8_x86_64_u2_baseos_patch
	kernel-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	885ae73e60327999bae4e831730fe12745f2662ffbace2c3e5aebfdc5eae4587	-	ol8_x86_64_baseos_latest
	kernel-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	885ae73e60327999bae4e831730fe12745f2662ffbace2c3e5aebfdc5eae4587	-	ol8_x86_64_u2_baseos_patch
	kernel-doc-4.18.0-193.14.3.el8_2.noarch.rpm	4fe611e9a17e72c45b4567f3e1cbee1103ca13b9ad960716676a349e59b766ae	-	ol8_x86_64_baseos_latest
	kernel-doc-4.18.0-193.14.3.el8_2.noarch.rpm	4fe611e9a17e72c45b4567f3e1cbee1103ca13b9ad960716676a349e59b766ae	-	ol8_x86_64_u2_baseos_patch
	kernel-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	71a52b13924af89a05546fbcfcbb3f6b865d19a933e81520656fa097b4586838	-	ol8_x86_64_baseos_latest
	kernel-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	71a52b13924af89a05546fbcfcbb3f6b865d19a933e81520656fa097b4586838	-	ol8_x86_64_u2_baseos_patch
	kernel-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	52da4b8cea2b3946be8ffaac7746935aa1a0cb7a3d3794bc24c75fe628232f89	-	ol8_x86_64_baseos_latest
	kernel-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	52da4b8cea2b3946be8ffaac7746935aa1a0cb7a3d3794bc24c75fe628232f89	-	ol8_x86_64_u2_baseos_patch
	kernel-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	85ac41ea5b6f70d6e31523397802824768919117baf4e579ed019a54e019f50a	-	ol8_x86_64_baseos_latest
	kernel-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	85ac41ea5b6f70d6e31523397802824768919117baf4e579ed019a54e019f50a	-	ol8_x86_64_u2_baseos_patch
	kernel-tools-4.18.0-193.14.3.el8_2.x86_64.rpm	910ff43db4f2bc74904ca03d616233484f08ca80eaebdc450c7a78e090d0e912	-	ol8_x86_64_baseos_latest
	kernel-tools-4.18.0-193.14.3.el8_2.x86_64.rpm	910ff43db4f2bc74904ca03d616233484f08ca80eaebdc450c7a78e090d0e912	-	ol8_x86_64_u2_baseos_patch
	kernel-tools-libs-4.18.0-193.14.3.el8_2.x86_64.rpm	7a7189f404e69d1fee0bb5d224a0c842c532fddee042bd4e49dba240e2cd2c0d	-	ol8_x86_64_baseos_latest
	kernel-tools-libs-4.18.0-193.14.3.el8_2.x86_64.rpm	7a7189f404e69d1fee0bb5d224a0c842c532fddee042bd4e49dba240e2cd2c0d	-	ol8_x86_64_u2_baseos_patch
	kernel-tools-libs-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	ac4312e94d92e039de643e4c54322d268c9e273d2342fd89de3367463d98a702	-	ol8_x86_64_codeready_builder
	perf-4.18.0-193.14.3.el8_2.x86_64.rpm	bc6b9b10bb70ee7c14a99994cb349e6001c9ac0f4f93f1965725a66e05484bb5	-	ol8_x86_64_baseos_latest
	perf-4.18.0-193.14.3.el8_2.x86_64.rpm	bc6b9b10bb70ee7c14a99994cb349e6001c9ac0f4f93f1965725a66e05484bb5	-	ol8_x86_64_u2_baseos_patch
	python3-perf-4.18.0-193.14.3.el8_2.x86_64.rpm	1a934330a418cac442f6027d198c4c60e6b15616b083fc1763e25672ab43a819	-	ol8_x86_64_baseos_latest
	python3-perf-4.18.0-193.14.3.el8_2.x86_64.rpm	1a934330a418cac442f6027d198c4c60e6b15616b083fc1763e25672ab43a819	-	ol8_x86_64_u2_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691