ELSA-2020-4286
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-4286
ELSA-2020-4286 - kernel security and bug fix update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2020-10-21 |
Description
[4.18.0-193.28.1_2.OL8]
- Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7
[4.18.0-193.28.1_2]
- [net] Bluetooth: L2CAP: Fix calling sk_filter on non-socket based channel (Gopal Tiwari) [1888256 1888258] {CVE-2020-12351}
- [net] Bluetooth: A2MP: Fix not initializing all members (Gopal Tiwari) [1888906 1888807] {CVE-2020-12352}
[4.18.0-193.27.1_2]
- [powerpc] powerpc/pseries: Do not initiate shutdown when system is running on UPS (Diego Domingos) [1882243 1870477]
- [video] vgacon: Fix for missing check in scrollback handling (Lyude Paul) [1859471 1859472] {CVE-2020-14331}
[4.18.0-193.26.1_2]
- [firmware] efi: don't reserve MOK config table memory region (Kairui Song) [1879988 1878584]
- [security] integrity: Load certs from the EFI MOK config table (Lenny Szubowicz) [1877528 1868306]
- [security] integrity: Move import of MokListRT certs to a separate routine (Lenny Szubowicz) [1877528 1868306]
- [firmware] efi: Support for MOK variable config table (Lenny Szubowicz) [1877528 1868306]
- [security] efi: Only print errors about failing to get certs if EFI vars are found (Lenny Szubowicz) [1877528 1804969]
- [fs] ceph: fix inode number handling on arches with 32-bit ino_t (Jeff Layton) [1875787 1866018]
- [fs] ceph: handle zero-length feature mask in session messages (Jeff Layton) [1875787 1866018]
- [fs] ceph: fix endianness bug when handling MDS session feature bits (Jeff Layton) [1875787 1866018]
- [netdrv] net/mlx5e: Fix missing cleanup of ethtool steering during rep rx cleanup (Alaa Hleihel) [1857777 1856660]
[4.18.0-193.25.1_2]
- [net] netfilter: conntrack: proc: rename stat column (Florian Westphal) [1882095 1875681]
- [net] netfilter: conntrack: add clash resolution stat counter (Florian Westphal) [1882095 1875681]
- [net] netfilter: conntrack: remove ignore stats (Florian Westphal) [1882095 1875681]
- [net] netfilter: conntrack: do not increment two error counters at same time (Florian Westphal) [1882095 1875681]
- [net] netfilter: conntrack: do not auto-delete clash entries on reply (Florian Westphal) [1882095 1875681]
- [fs] xfs: fix boundary test in xfs_attr_shortform_verify (Eric Sandeen) [1881085 1875316] {CVE-2020-14385}
- [kernel] time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint (Alexey Klimov) [1880081 1877380]
- [net] atomics/treewide: Rename __atomic_add_unless() => atomic_fetch_add_unless() (Yauheni Kaliuta) [1880081 1813370]
- [kernel] timers: Lower base clock forwarding threshold (Phil Auld) [1877417 1833096]
[4.18.0-193.24.1_2]
- [kernel] timers: Remove must_forward_clk (Phil Auld) [1877417 1833096]
- [kernel] timers: Spare timer softirq until next expiry (Phil Auld) [1877417 1833096]
- [kernel] timers: Expand clk forward logic beyond nohz (Phil Auld) [1877417 1833096]
- [kernel] timers: Reuse next expiry cache after nohz exit (Phil Auld) [1877417 1833096]
- [kernel] timers: Always keep track of next expiry (Phil Auld) [1877417 1833096]
- [kernel] timers: Optimize _next_timer_interrupt() level iteration (Phil Auld) [1877417 1833096]
- [kernel] timers: Add comments about calc_index() ceiling work (Phil Auld) [1877417 1833096]
- [kernel] timers: Move trigger_dyntick_cpu() to enqueue_timer() (Phil Auld) [1877417 1833096]
- [kernel] timers: Use only bucket expiry for base->next_expiry value (Phil Auld) [1877417 1833096]
- [kernel] timers: Preserve higher bits of expiration on index calculation (Phil Auld) [1877417 1833096]
- [kernel] timer: Fix wheel index calculation on last level (Phil Auld) [1877417 1833096]
- [kernel] timer: Prevent base->clk from moving backward (Phil Auld) [1877417 1833096]
- [kernel] timer: Read jiffies once when forwarding base clk (Phil Auld) [1877417 1833096]
- [infiniband] RDMA/umem: Fix ib_umem_find_best_pgsz() (Kamal Heib) [1872424 1856158]
- [net] net: accept an empty mask in /sys/class/net/*/queues/rx-*/rps_cpus (Nitesh Narayan Lal) [1870181 1868433]
- [net] net: Restrict receive packets queuing to housekeeping CPUs (Nitesh Narayan Lal) [1867174 1844520]
- [pci] PCI: Restrict probe functions to housekeeping CPUs (Nitesh Narayan Lal) [1867174 1844520]
- [lib] lib: Restrict cpumask_local_spread to houskeeping CPUs (Nitesh Narayan Lal) [1867174 1844520]
- [s390] s390/pci: Fix unexpected write combine on resource (Philipp Rudo) [1869276 1827311]
[4.18.0-193.23.1_2]
- [net] packet: fix overflow in tpacket_rcv (Hangbin Liu) [1876223 1876224] {CVE-2020-14386}
- [net] packet: make tp_drops atomic (Hangbin Liu) [1876223 1876224] {CVE-2020-14386}
[4.18.0-193.22.1_2]
- [crypto] pefile: Support multiple signatures in verify_pefile_signature (Lenny Szubowicz) [1877530 1862072]
- [crypto] Revert 'pefile: Tolerate other pefile signatures after first' (Bruno Meneguele)
- [infiniband] IB/hfi1: Fix another case where pq is left on waitlist (Kamal Heib) [1872766 1859209]
- [infiniband] IB/hfi1: Ensure pq is not left on waitlist (Kamal Heib) [1872766 1859209]
[4.18.0-193.21.1_2]
- [scsi] scsi: ibmvfc: Fix NULL return compiler warning (Steve Best) [1866371 1810653]
- [scsi] scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (Steve Best) [1866371 1810653]
[4.18.0-193.20.1_2]
- [infiniband] IB/rdmavt: Fix RQ counting issues causing use of an invalid RWQE (Kamal Heib) [1872771 1850314]
- [block] blk-mq: Rerun dispatching in the case of budget contention (Ming Lei) [1869779 1824037]
- [block] blk-mq: Add blk_mq_delay_run_hw_queues() API call (Ming Lei) [1869779 1824037]
- [block] blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (Ming Lei) [1869779 1824037]
- [block] blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (Ming Lei) [1869779 1824037]
- [md] dm mpath: use double checked locking in fast path (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: rename current_pgpath to pgpath in multipath_prepare_ioctl (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: rework __map_bio() (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: factor out multipath_queue_bio (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: push locking down to must_push_back_rq() (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: take m->lock spinlock when testing QUEUE_IF_NO_PATH (Mike Snitzer) [1869386 1848651]
- [md] dm mpath: changes from initial m->flags locking audit (Mike Snitzer) [1869386 1848651]
- [md] dm rq: don't call blk_mq_queue_stopped() in dm_stop_queue() (Mike Snitzer) [1869386 1848651]
- [md] dm: do not use waitqueue for request-based DM (Mike Snitzer) [1869386 1848651]
- [block] blk-mq: consider non-idle request as 'inflight' in blk_mq_rq_inflight() (Mike Snitzer) [1869386 1848651]
- [kernel] sched/deadline: Initialize ->dl_boosted (Phil Auld) [1867612 1854179]
- [kernel] sched/core: Fix PI boosting between RT and DEADLINE tasks (Phil Auld) [1867612 1854179]
- [net] net/smc: tolerate future SMCD versions (Philipp Rudo) [1866390 1854992]
- [net] openvswitch: fixes potential deadlock in dp cleanup code (Eelco Chaudron) [1859216 1845662]
- [net] openvswitch: reorder masks array based on usage (Eelco Chaudron) [1859216 1845662]
- [net] openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len (Lorenzo Bianconi) [1860169 1851888]
Related CVEs
| CVE-2020-14331 |
| CVE-2020-14385 |
| CVE-2020-12351 |
| CVE-2020-14386 |
| CVE-2020-12352 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | kernel-4.18.0-193.28.1.el8_2.src.rpm | ff887bb0f9697fbc73bacf6726893e53a2c25af9321fd9c9f3fafd7d3c66ddcc | - | ol8_aarch64_baseos_latest |
| kernel-4.18.0-193.28.1.el8_2.src.rpm | ff887bb0f9697fbc73bacf6726893e53a2c25af9321fd9c9f3fafd7d3c66ddcc | - | ol8_aarch64_u2_baseos_patch | |
| bpftool-4.18.0-193.28.1.el8_2.aarch64.rpm | 2ba0c98938a3814977fcf68ad9c41c48e4e6c51c6e962599c79bc85e02ad7b71 | - | ol8_aarch64_baseos_latest | |
| bpftool-4.18.0-193.28.1.el8_2.aarch64.rpm | 2ba0c98938a3814977fcf68ad9c41c48e4e6c51c6e962599c79bc85e02ad7b71 | - | ol8_aarch64_u2_baseos_patch | |
| kernel-cross-headers-4.18.0-193.28.1.el8_2.aarch64.rpm | c18eb65a0109e5effcf891ed40a750c775efefec968c03610647c8ba172faf2f | - | ol8_aarch64_baseos_latest | |
| kernel-cross-headers-4.18.0-193.28.1.el8_2.aarch64.rpm | c18eb65a0109e5effcf891ed40a750c775efefec968c03610647c8ba172faf2f | - | ol8_aarch64_u2_baseos_patch | |
| kernel-headers-4.18.0-193.28.1.el8_2.aarch64.rpm | 1ed1029bd406ffb95276d0bc97be1fa73912b9364bcab49d7835a61ca7352360 | - | ol8_aarch64_baseos_latest | |
| kernel-headers-4.18.0-193.28.1.el8_2.aarch64.rpm | 1ed1029bd406ffb95276d0bc97be1fa73912b9364bcab49d7835a61ca7352360 | - | ol8_aarch64_u2_baseos_patch | |
| kernel-tools-4.18.0-193.28.1.el8_2.aarch64.rpm | 4aa99506e719ae313ec610adc1818d64a6f4905bea34e202fabd1f494e10ed81 | - | ol8_aarch64_baseos_latest | |
| kernel-tools-4.18.0-193.28.1.el8_2.aarch64.rpm | 4aa99506e719ae313ec610adc1818d64a6f4905bea34e202fabd1f494e10ed81 | - | ol8_aarch64_u2_baseos_patch | |
| kernel-tools-libs-4.18.0-193.28.1.el8_2.aarch64.rpm | 2b224ce8849fe48e3a8de59d6b01edc412465d8b83518caa1e05056bbd5e5e89 | - | ol8_aarch64_baseos_latest | |
| kernel-tools-libs-4.18.0-193.28.1.el8_2.aarch64.rpm | 2b224ce8849fe48e3a8de59d6b01edc412465d8b83518caa1e05056bbd5e5e89 | - | ol8_aarch64_u2_baseos_patch | |
| perf-4.18.0-193.28.1.el8_2.aarch64.rpm | f58f4007162cf36fb18b045553113e21ec068191bde087e5121782a46efca43f | - | ol8_aarch64_baseos_latest | |
| perf-4.18.0-193.28.1.el8_2.aarch64.rpm | f58f4007162cf36fb18b045553113e21ec068191bde087e5121782a46efca43f | - | ol8_aarch64_u2_baseos_patch | |
| python3-perf-4.18.0-193.28.1.el8_2.aarch64.rpm | a0e9f59847886b99b1febda97894d7e97613d0288fa1683cdbda0333e7bf0893 | - | ol8_aarch64_baseos_latest | |
| python3-perf-4.18.0-193.28.1.el8_2.aarch64.rpm | a0e9f59847886b99b1febda97894d7e97613d0288fa1683cdbda0333e7bf0893 | - | ol8_aarch64_u2_baseos_patch | |
| Oracle Linux 8 (x86_64) | kernel-4.18.0-193.28.1.el8_2.src.rpm | ff887bb0f9697fbc73bacf6726893e53a2c25af9321fd9c9f3fafd7d3c66ddcc | - | ol8_x86_64_baseos_latest |
| kernel-4.18.0-193.28.1.el8_2.src.rpm | ff887bb0f9697fbc73bacf6726893e53a2c25af9321fd9c9f3fafd7d3c66ddcc | - | ol8_x86_64_codeready_builder | |
| kernel-4.18.0-193.28.1.el8_2.src.rpm | ff887bb0f9697fbc73bacf6726893e53a2c25af9321fd9c9f3fafd7d3c66ddcc | - | ol8_x86_64_u2_baseos_patch | |
| bpftool-4.18.0-193.28.1.el8_2.x86_64.rpm | fe0ab941914aa5a0aab04e682d9355a538b6d120b3464b57effb4c4adda65560 | - | ol8_x86_64_baseos_latest | |
| bpftool-4.18.0-193.28.1.el8_2.x86_64.rpm | fe0ab941914aa5a0aab04e682d9355a538b6d120b3464b57effb4c4adda65560 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-4.18.0-193.28.1.el8_2.x86_64.rpm | a1f52d7926c71c35e012db1cc0b076d7dd9e859644e3b2a04b456d0b911d395f | - | ol8_x86_64_baseos_latest | |
| kernel-4.18.0-193.28.1.el8_2.x86_64.rpm | a1f52d7926c71c35e012db1cc0b076d7dd9e859644e3b2a04b456d0b911d395f | - | ol8_x86_64_u2_baseos_patch | |
| kernel-abi-whitelists-4.18.0-193.28.1.el8_2.noarch.rpm | c434a845791540b10f85739c406aa1fdd6679be2a771fe1fd1c024136c35ad99 | - | ol8_x86_64_baseos_latest | |
| kernel-abi-whitelists-4.18.0-193.28.1.el8_2.noarch.rpm | c434a845791540b10f85739c406aa1fdd6679be2a771fe1fd1c024136c35ad99 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-core-4.18.0-193.28.1.el8_2.x86_64.rpm | 42d34bc2670804b9daf6499c8d54572792be47b4dd1ece29ab1c9ef63b31cac2 | - | ol8_x86_64_baseos_latest | |
| kernel-core-4.18.0-193.28.1.el8_2.x86_64.rpm | 42d34bc2670804b9daf6499c8d54572792be47b4dd1ece29ab1c9ef63b31cac2 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-cross-headers-4.18.0-193.28.1.el8_2.x86_64.rpm | e2194a733a4104acc8865216fc3d5198a0cce870b9e743ae135951edf3b563eb | - | ol8_x86_64_baseos_latest | |
| kernel-cross-headers-4.18.0-193.28.1.el8_2.x86_64.rpm | e2194a733a4104acc8865216fc3d5198a0cce870b9e743ae135951edf3b563eb | - | ol8_x86_64_u2_baseos_patch | |
| kernel-debug-4.18.0-193.28.1.el8_2.x86_64.rpm | 413fdbb7e862673d12092531084a62894be304dc3810a82c3b0dae4ba8db1eb2 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-4.18.0-193.28.1.el8_2.x86_64.rpm | 413fdbb7e862673d12092531084a62894be304dc3810a82c3b0dae4ba8db1eb2 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-debug-core-4.18.0-193.28.1.el8_2.x86_64.rpm | 07dd447cae1a2c746cc532e80ed7a4ff0a7ee8725c8f7a0c7eafca18a1c97e46 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-core-4.18.0-193.28.1.el8_2.x86_64.rpm | 07dd447cae1a2c746cc532e80ed7a4ff0a7ee8725c8f7a0c7eafca18a1c97e46 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-debug-devel-4.18.0-193.28.1.el8_2.x86_64.rpm | 5eb4afd16cac00d730711c90f740b00e80d4236f606b8c2d9b45bbb098f34acb | - | ol8_x86_64_baseos_latest | |
| kernel-debug-devel-4.18.0-193.28.1.el8_2.x86_64.rpm | 5eb4afd16cac00d730711c90f740b00e80d4236f606b8c2d9b45bbb098f34acb | - | ol8_x86_64_u2_baseos_patch | |
| kernel-debug-modules-4.18.0-193.28.1.el8_2.x86_64.rpm | e8060fc1ada078e71f6c0a346869f100f8260ecd7f228335dad8b7c2d5aad168 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-4.18.0-193.28.1.el8_2.x86_64.rpm | e8060fc1ada078e71f6c0a346869f100f8260ecd7f228335dad8b7c2d5aad168 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-debug-modules-extra-4.18.0-193.28.1.el8_2.x86_64.rpm | c383488e9822ae133f1e246c6b4e8de59141c4bdd3ada375cf6e999528665165 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-extra-4.18.0-193.28.1.el8_2.x86_64.rpm | c383488e9822ae133f1e246c6b4e8de59141c4bdd3ada375cf6e999528665165 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-devel-4.18.0-193.28.1.el8_2.x86_64.rpm | bdd955271a2307e23f83005d89608d1011b27a87529479e8755fdabd544bc32e | - | ol8_x86_64_baseos_latest | |
| kernel-devel-4.18.0-193.28.1.el8_2.x86_64.rpm | bdd955271a2307e23f83005d89608d1011b27a87529479e8755fdabd544bc32e | - | ol8_x86_64_u2_baseos_patch | |
| kernel-doc-4.18.0-193.28.1.el8_2.noarch.rpm | df0c39853a895d644d0140f52799e2338e6d6d231366caafcac4d73cdb6a3ab2 | - | ol8_x86_64_baseos_latest | |
| kernel-doc-4.18.0-193.28.1.el8_2.noarch.rpm | df0c39853a895d644d0140f52799e2338e6d6d231366caafcac4d73cdb6a3ab2 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-headers-4.18.0-193.28.1.el8_2.x86_64.rpm | 6779ab3bdb5eee27aa61c3cec71faa48976e171aa2a7c881731af73516d01473 | - | ol8_x86_64_baseos_latest | |
| kernel-headers-4.18.0-193.28.1.el8_2.x86_64.rpm | 6779ab3bdb5eee27aa61c3cec71faa48976e171aa2a7c881731af73516d01473 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-modules-4.18.0-193.28.1.el8_2.x86_64.rpm | 7a945508153b5b79b9e6d4a23a8bc2f8b6d806aab06884a5a0f1740d6c4e2568 | - | ol8_x86_64_baseos_latest | |
| kernel-modules-4.18.0-193.28.1.el8_2.x86_64.rpm | 7a945508153b5b79b9e6d4a23a8bc2f8b6d806aab06884a5a0f1740d6c4e2568 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-modules-extra-4.18.0-193.28.1.el8_2.x86_64.rpm | 8348d618022e5a5cfb27ede3b1ebe26e1db764bbca2afd25c8da5baf4270cf06 | - | ol8_x86_64_baseos_latest | |
| kernel-modules-extra-4.18.0-193.28.1.el8_2.x86_64.rpm | 8348d618022e5a5cfb27ede3b1ebe26e1db764bbca2afd25c8da5baf4270cf06 | - | ol8_x86_64_u2_baseos_patch | |
| kernel-tools-4.18.0-193.28.1.el8_2.x86_64.rpm | c8e10940c46405a7d9506214b228963d39294ded2a7d660b882e347feed694be | - | ol8_x86_64_baseos_latest | |
| kernel-tools-4.18.0-193.28.1.el8_2.x86_64.rpm | c8e10940c46405a7d9506214b228963d39294ded2a7d660b882e347feed694be | - | ol8_x86_64_u2_baseos_patch | |
| kernel-tools-libs-4.18.0-193.28.1.el8_2.x86_64.rpm | a5688d5c20306c7fed326c399e574f22f712a7c1db9cbaa1268b159e1f685ea8 | - | ol8_x86_64_baseos_latest | |
| kernel-tools-libs-4.18.0-193.28.1.el8_2.x86_64.rpm | a5688d5c20306c7fed326c399e574f22f712a7c1db9cbaa1268b159e1f685ea8 | - | ol8_x86_64_u2_baseos_patch | |
| perf-4.18.0-193.28.1.el8_2.x86_64.rpm | db7a6ef28e7fec652f9f0056ef6d3596cc8fff4429c4e1c44bce7bc2b17fa5fd | - | ol8_x86_64_baseos_latest | |
| perf-4.18.0-193.28.1.el8_2.x86_64.rpm | db7a6ef28e7fec652f9f0056ef6d3596cc8fff4429c4e1c44bce7bc2b17fa5fd | - | ol8_x86_64_u2_baseos_patch | |
| python3-perf-4.18.0-193.28.1.el8_2.x86_64.rpm | 6ce6973fe929069f6bea728023f340277b2b9972a88b5d01ea237ea710193b8f | - | ol8_x86_64_baseos_latest | |
| python3-perf-4.18.0-193.28.1.el8_2.x86_64.rpm | 6ce6973fe929069f6bea728023f340277b2b9972a88b5d01ea237ea710193b8f | - | ol8_x86_64_u2_baseos_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
