ELSA-2020-3218

ULN >
Oracle Linux Errata repository >
ELSA-2020-3218

ELSA-2020-3218 - kernel security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2020-07-30

Description

[4.18.0-193.14.3_2.OL8]
- Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7

[4.18.0-193.14.3_2]
- Reverse keys order for dual-signing (Frantisek Hrbata) [1837433 1837434] {CVE-2020-10713}

[4.18.0-193.14.2_2]
- [kernel] Move to dual-signing to split signing keys up better (pjones) [1837433 1837434] {CVE-2020-10713}
- [crypto] pefile: Tolerate other pefile signatures after first (Lenny Szubowicz) [1837433 1837434] {CVE-2020-10713}
- [acpi] ACPI: configfs: Disallow loading ACPI tables when locked down (Lenny Szubowicz) [1852968 1852969] {CVE-2020-15780}
- [firmware] efi: Restrict efivar_ssdt_load when the kernel is locked down (Lenny Szubowicz) [1852948 1852949] {CVE-2019-20908}

[4.18.0-193.14.1_2]
- [md] dm mpath: add DM device name to Failing/Reinstating path log messages (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: enhance queue_if_no_path debugging (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: restrict queue_if_no_path state machine (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: simplify __must_push_back (Mike Snitzer) [1852050 1822975]
- [md] dm: use DMDEBUG macros now that they use pr_debug variants (Mike Snitzer) [1852050 1822975]
- [include] dm: use dynamic debug instead of compile-time config option (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: switch paths in dm_blk_ioctl() code path (Mike Snitzer) [1852050 1822975]
- [md] dm multipath: use updated MPATHF_QUEUE_IO on mapping for bio-based mpath (Mike Snitzer) [1852050 1822975]
- [md] dm: bump version of core and various targets (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: Add timeout mechanism for queue_if_no_path (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: use true_false for bool variable (Mike Snitzer) [1852050 1822975]
- [md] dm mpath: remove harmful bio-based optimization (Mike Snitzer) [1852050 1822975]
- [scsi] scsi: libiscsi: fall back to sendmsg for slab pages (Maurizio Lombardi) [1852048 1825775]
- [s390] s390/mm: fix panic in gup_fast on large pud (Philipp Rudo) [1853336 1816980]

Related CVEs

CVE-2019-20908

CVE-2020-15780

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	kernel-4.18.0-193.14.3.el8_2.src.rpm	a74ab4629036cf5fdf54e1b60609b95e	-
	bpftool-4.18.0-193.14.3.el8_2.aarch64.rpm	5870c1894934164d474b45021baf0790	-
	kernel-cross-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	9641d51c8c9afcdae083dc0a97b2c237	-
	kernel-headers-4.18.0-193.14.3.el8_2.aarch64.rpm	50a008bed867435a8db3bbd6561ecfe7	-
	kernel-tools-4.18.0-193.14.3.el8_2.aarch64.rpm	bb05294dd5bdd970ffe73d59a70728e0	-
	kernel-tools-libs-4.18.0-193.14.3.el8_2.aarch64.rpm	2c7cc8a267ca4281579bf39720f78b10	-
	kernel-tools-libs-devel-4.18.0-193.14.3.el8_2.aarch64.rpm	0b5fbe909b309ad09b2b7c4c1c20043e	-
	perf-4.18.0-193.14.3.el8_2.aarch64.rpm	25ee39a3bd2867bd804b89274724d8a2	-
	python3-perf-4.18.0-193.14.3.el8_2.aarch64.rpm	08da628ee4fbffc49e36e6d496968b45	-

Oracle Linux 8 (x86_64)	kernel-4.18.0-193.14.3.el8_2.src.rpm	a74ab4629036cf5fdf54e1b60609b95e	-
	bpftool-4.18.0-193.14.3.el8_2.x86_64.rpm	60c3ff0120aa1f9b201af4b4486bbe92	-
	kernel-4.18.0-193.14.3.el8_2.x86_64.rpm	21a144fa6c5bdbc6128e680234f3f606	-
	kernel-abi-whitelists-4.18.0-193.14.3.el8_2.noarch.rpm	288df2902f393fcff3e9467c23580110	-
	kernel-core-4.18.0-193.14.3.el8_2.x86_64.rpm	02681a4e7ee169679d5a2761ba507a6a	-
	kernel-cross-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	95c539b8804c9815062ab3b45e426c20	-
	kernel-debug-4.18.0-193.14.3.el8_2.x86_64.rpm	bb0afe314caac65cb5b1bb604ec87f12	-
	kernel-debug-core-4.18.0-193.14.3.el8_2.x86_64.rpm	9651fcd798065b7b464279d105e60d76	-
	kernel-debug-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	fd32e424364cd13725585400bbb16945	-
	kernel-debug-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	91221d2ad4f30ec5ecec9813673feae5	-
	kernel-debug-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	674b03c6bb62c0c939237fe7483fff0a	-
	kernel-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	e66a954769dd9baa7fb10c3cb48b737b	-
	kernel-doc-4.18.0-193.14.3.el8_2.noarch.rpm	b185cc400711e6defce8caebbdc23781	-
	kernel-headers-4.18.0-193.14.3.el8_2.x86_64.rpm	b860ffa246eec7bfde69a167b8110f57	-
	kernel-modules-4.18.0-193.14.3.el8_2.x86_64.rpm	14a5649bb6ab94068f06c3fbc4b9f836	-
	kernel-modules-extra-4.18.0-193.14.3.el8_2.x86_64.rpm	e9946486a76a88a3be39a7e008847a1a	-
	kernel-tools-4.18.0-193.14.3.el8_2.x86_64.rpm	dc0c3db57f1e0399f38d6475e35567ec	-
	kernel-tools-libs-4.18.0-193.14.3.el8_2.x86_64.rpm	f8a7483a50c9bb101b715734e0a48be4	-
	kernel-tools-libs-devel-4.18.0-193.14.3.el8_2.x86_64.rpm	dd33d0934c2812375694e67b95ebfee8	-
	perf-4.18.0-193.14.3.el8_2.x86_64.rpm	6c073075ebcf1c8e9a2672c8dc3b3e1c	-
	python3-perf-4.18.0-193.14.3.el8_2.x86_64.rpm	22ff7ecfb0b95c336095aa996450ee6d	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691