ELSA-2020-5437

ULN >
Oracle Linux Errata repository >
ELSA-2020-5437

ELSA-2020-5437 - kernel security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-12-16

Description

[3.10.0-1160.11.1.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3

[3.10.0-1160.11.1]
- [netdrv] hdlc_ppp: add range checks in ppp_cp_parse_cr() (Guillaume Nault) [1882078] {CVE-2020-25643}
- [fs] ext4: fix potential negative array index in do_split() (Pavel Reichl) [1846164] {CVE-2020-14314}
- [fs] nfsd: apply umask on fs without ACL support ('J. Bruce Fields') [1870215] {CVE-2020-24394}
- [kernel] watchdog/core: Remove the park_in_progress obfuscation (Waiman Long) [1860661]
- [mm] swap_slots: recheck cache->slots_ret under spin_lock_irq() protection (Rafael Aquini) [1862915]
- [netdrv] ethernet: i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (Stefan Assmann) [1845677]
- [infiniband] mlx5: Fix use-after-free in dereg_mr() (Alaa Hleihel) [1880184]

[3.10.0-1160.10.1]
- [md] dm-mirror: provide the merge method (Mikulas Patocka) [1890059]
- [nvme] nvme-rdma: cancel async events before freeing event struct (David Milburn) [1857397]
- [s390] dasd: Use struct_size() helper (Sterling Alexander) [1886477]
- [s390] dasd: fix inability to use DASD with DIAG driver (Sterling Alexander) [1886477]
- [hv] hv_utils: drain the timesync packets on onchannelcallback (Vitaly Kuznetsov) [1884735]
- [hv] hv_utils: return error if host timesysnc update is stale (Vitaly Kuznetsov) [1884735]
- [x86] cpu: Re-apply forced caps every time CPU caps are re-read (Herbert Xu) [1886792]
- [x86] cpu: Factor out application of forced CPU caps (Herbert Xu) [1886792]

[3.10.0-1160.9.1]
- [hv] hv: vmbus: Only notify Hyper-V for die events that are oops (Vitaly Kuznetsov) [1868130]
- [uapi] include: do not export changes made to struct ip_ct_sctp (Florian Westphal) [1887975]
- [net] openvswitch: free vport unless register_netdevice() succeeds (Timothy Redaelli) [1869190]
- [net] openvswitch: do not free vport if register_netdevice() is failed (Timothy Redaelli) [1869190]
- [kernel] signals: avoid random wakeups in sigsuspend() (Oleg Nesterov) [1704650]
- [fs] nfs: Fix getxattr kernel panic and memory overflow (Benjamin Coddington) [1880893] {CVE-2020-25212}

[3.10.0-1160.8.1]
- [kernel] sched/fair: Fix RCU stall upon -ENOMEM in sched_create_group() (Kenneth Yin) [1878000]
- [security] selinux: do not report error on connect(AF_UNSPEC) (Paolo Abeni) [1886305]
- [kernel] timer: Fix lockup in __run_timers() caused by large jiffies/timer_jiffies delta (Waiman Long) [1849716]
- [mm] revert 'mm/page_alloc: fix memmap_init_zone pageblock alignment' (Artem Savkov) [1878732]
- [mm] page_alloc: Make paranoid check in move_freepages a VM_BUG_ON (Artem Savkov) [1878732]
- [nvme] rdma: Avoid double freeing of async event data (Gopal Tiwari) [1878950]
- [pci] hv: Fix a timing issue which causes kdump to fail occasionally (Mohammed Gamal) [1846667]

[3.10.0-1160.7.1]
- [fs] xfs: fix off-by-one in inode alloc block reservation calculation (Brian Foster) [1857203]
- [fs] xfs: fix inode allocation block res calculation precedence (Brian Foster) [1857203]
- [powerpc] powernv/dump: Handle multiple writes to ack attribute (Gustavo Duarte) [1873189]
- [powerpc] powernv/dump: Fix race while processing OPAL dump (Gustavo Duarte) [1873189]
- [powerpc] powernv: opal-dump: Use IRQ_HANDLED instead of numbers in interrupt handler (Gustavo Duarte) [1873189]
- [powerpc] opal_elog: Handle multiple writes to ack attribute (Gustavo Duarte) [1873189]
- [powerpc] powernv/elog: Fix race while processing OPAL error log event (Gustavo Duarte) [1873189]
- [powerpc] powernv Adapt opal-elog and opal-dump to new sysfs_remove_file_self (Gustavo Duarte) [1873189]
- [powerpc] powernv: Fix opal-elog interrupt handler (Gustavo Duarte) [1873189]
- [net] flow_dissector: switch to siphash (Davide Caratti) [1835614] {CVE-2019-18282}
- [fs] xfs: fix boundary test in xfs_attr_shortform_verify (Eric Sandeen) [1875317] {CVE-2020-14385}
- [fs] cifs: make 'nodfs' mount opt a superblock flag (Leif Sahlberg) [1873033]
- [crypto] crypto: authenc - fix parsing key with misaligned rta_len (Herbert Xu) [1846355] {CVE-2020-10769}

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-3.10.0-1160.11.1.el7.src.rpm	af5c8ea1d9ff793c9af9dd709584986fed2b222fceb4748a4424b24485ca9254	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.11.1.el7.src.rpm	af5c8ea1d9ff793c9af9dd709584986fed2b222fceb4748a4424b24485ca9254	ELSA-2025-1281	ol7_x86_64_optional_latest
	kernel-3.10.0-1160.11.1.el7.src.rpm	af5c8ea1d9ff793c9af9dd709584986fed2b222fceb4748a4424b24485ca9254	ELSA-2025-1281	ol7_x86_64_u9_patch
	bpftool-3.10.0-1160.11.1.el7.x86_64.rpm	033ca0013bc554fa1a53ee655b45a8f47f72e79593e30851d6f39ea18890ffcb	ELSA-2025-1281	ol7_x86_64_latest
	bpftool-3.10.0-1160.11.1.el7.x86_64.rpm	033ca0013bc554fa1a53ee655b45a8f47f72e79593e30851d6f39ea18890ffcb	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-3.10.0-1160.11.1.el7.x86_64.rpm	68df3e3a60c2c1f77524f10e86fff46af10caf9ff879c89d3cc015f2258ab4db	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.11.1.el7.x86_64.rpm	68df3e3a60c2c1f77524f10e86fff46af10caf9ff879c89d3cc015f2258ab4db	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm	2aad0cc60b2e39829b2349c45f0a845df49b0f506dc5f8636ede8493737959db	ELSA-2025-1281	ol7_x86_64_latest
	kernel-abi-whitelists-3.10.0-1160.11.1.el7.noarch.rpm	2aad0cc60b2e39829b2349c45f0a845df49b0f506dc5f8636ede8493737959db	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm	b4c0e0519a861b37d51bca52fdefeb8e4d883d356a2a55b79a9f171df78290df	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-3.10.0-1160.11.1.el7.x86_64.rpm	b4c0e0519a861b37d51bca52fdefeb8e4d883d356a2a55b79a9f171df78290df	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm	6dedd264fa1446f492cb1e0c435c7746f8b146cbece3742b3ed06bf55e5cdde3	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-devel-3.10.0-1160.11.1.el7.x86_64.rpm	6dedd264fa1446f492cb1e0c435c7746f8b146cbece3742b3ed06bf55e5cdde3	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm	93fdafb328a1cd4c364678431fd7e97f3c7531d534334bab98aa693d96c2eb25	ELSA-2025-1281	ol7_x86_64_latest
	kernel-devel-3.10.0-1160.11.1.el7.x86_64.rpm	93fdafb328a1cd4c364678431fd7e97f3c7531d534334bab98aa693d96c2eb25	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm	275538432c32a696966ba40505c76bbcfc537c322eed956e6c38497867bac883	ELSA-2025-1281	ol7_x86_64_latest
	kernel-doc-3.10.0-1160.11.1.el7.noarch.rpm	275538432c32a696966ba40505c76bbcfc537c322eed956e6c38497867bac883	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	exadata_dbserver_19.2.22.0.0_x86_64_base
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	exadata_dbserver_19.3.16.0.0_x86_64_base
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	exadata_dbserver_19.3.17.0.0_x86_64_base
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	exadata_dbserver_20.1.6.0.0_x86_64_base
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	exadata_dbserver_20.1.7.0.0_x86_64_base
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	ol7_x86_64_latest
	kernel-headers-3.10.0-1160.11.1.el7.x86_64.rpm	3f2f2f78543ce75f4e7cc0b6dd619299128b49323d421ff9d6d70dcd8083b8b2	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm	8d7f2d12fadfde2e735850a823fa992a26604349bd5f633c8dd2bbeb2274ab52	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-3.10.0-1160.11.1.el7.x86_64.rpm	8d7f2d12fadfde2e735850a823fa992a26604349bd5f633c8dd2bbeb2274ab52	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm	80f6679b334d7673a6559b81b615586b6c799d0360e2a6aa22d61b184797c26e	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-libs-3.10.0-1160.11.1.el7.x86_64.rpm	80f6679b334d7673a6559b81b615586b6c799d0360e2a6aa22d61b184797c26e	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-devel-3.10.0-1160.11.1.el7.x86_64.rpm	292b9480186efb1b1ca1b4c3f0b6abaafeec613669264202e27a1bf548c1e354	ELSA-2025-1281	ol7_x86_64_optional_latest
	perf-3.10.0-1160.11.1.el7.x86_64.rpm	e76f959344224e073d9e70779d55c4f1c67dd6b52616aacbdbdd3b6ae04c64f7	ELSA-2025-20019	ol7_x86_64_latest
	perf-3.10.0-1160.11.1.el7.x86_64.rpm	e76f959344224e073d9e70779d55c4f1c67dd6b52616aacbdbdd3b6ae04c64f7	ELSA-2025-20019	ol7_x86_64_u9_patch
	python-perf-3.10.0-1160.11.1.el7.x86_64.rpm	d9d50ab19fd1b15346e4b4b9bb6af38d3dd960277639506cd907f83a4b82784f	ELSA-2025-20019	ol7_x86_64_latest
	python-perf-3.10.0-1160.11.1.el7.x86_64.rpm	d9d50ab19fd1b15346e4b4b9bb6af38d3dd960277639506cd907f83a4b82784f	ELSA-2025-20019	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691