ELSA-2020-5473
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-5473
ELSA-2020-5473 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2020-12-17 |
Description
[4.18.0-240.8.1_3.OL8]
- Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7
[4.18.0-240.8.1_3]
- [s390] s390/dasd: Fix zero write for FBA devices (Ming Lei) [1896787 1881760]
- [s390] mm/gup: fix gup_fast with dynamic page table folding (Philipp Rudo) [1896351 1883266]
- [netdrv] ibmveth: Identify ingress large send packets (Gustavo Duarte) [1896299 1887038]
- [netdrv] ibmveth: Switch order of ibmveth_helper calls (Gustavo Duarte) [1896299 1887038]
[4.18.0-240.7.1_3]
- [fs] writeback: Drop I_DIRTY_TIME_EXPIRE (Waiman Long) [1901547 1860031]
- [fs] writeback: Fix sync livelock due to b_dirty_time processing (Waiman Long) [1901547 1860031]
- [fs] writeback: Avoid skipping inode writeback (Waiman Long) [1901547 1860031]
- [fs] writeback: Protect inode->i_io_list with inode->i_lock (Waiman Long) [1901547 1860031]
- [fs] fs: Introduce DCACHE_DONTCACHE (Waiman Long) [1901547 1860031]
- [fs] fs: Lift XFS_IDONTCACHE to the VFS layer (Waiman Long) [1901547 1860031]
- [fs] dcache: sort the freeing-without-RCU-delay mess for good (Waiman Long) [1901547 1860031]
- [net] ip_tunnel_core: Fix build for archs without _HAVE_ARCH_IPV6_CSUM (Aaron Conole) [1885766 1849736]
- [tools] selftests: pmtu.sh: Add tests for UDP tunnels handled by Open vSwitch (Aaron Conole) [1885766 1849736]
- [tools] selftests: pmtu.sh: Add tests for bridged UDP tunnels (Aaron Conole) [1885766 1849736]
- [net] geneve: Support for PMTU discovery on directly bridged links (Aaron Conole) [1885766 1849736]
- [net] vxlan: Support for PMTU discovery on directly bridged links (Aaron Conole) [1885766 1849736]
- [net] tunnels: PMTU discovery support for directly bridged IP packets (Aaron Conole) [1885766 1849736]
- [net] ipv4: route: Ignore output interface in FIB lookup for PMTU route (Aaron Conole) [1885766 1849736]
- [netdrv] geneve: add transport ports in route lookup for geneve (Mark Gray) [1891818 1884481] {CVE-2020-25645}
- [kernel] PM: hibernate: Batch hibernate and resume IO requests (Lenny Szubowicz) [1894629 1868096]
- [md] dm: fix comment in __dm_suspend() (Mike Snitzer) [1890233 1881531]
- [md] dm: fold dm_process_bio() into dm_make_request() (Mike Snitzer) [1890233 1881531]
- [md] dm: fix missing imposition of queue_limits from dm_wq_work() thread (Mike Snitzer) [1890233 1881531]
- [md] dm: optimize max_io_len() by inlining max_io_len_target_boundary() (Mike Snitzer) [1890233 1881531]
- [md] dm: push md->immutable_target optimization down to __process_bio() (Mike Snitzer) [1890233 1881531]
- [md] dm: change max_io_len() to use blk_max_size_offset() (Mike Snitzer) [1890233 1881531]
- [md] dm table: stack 'chunk_sectors' limit to account for target-specific splitting (Mike Snitzer) [1890233 1881531]
- [block] block: allow 'chunk_sectors' to be non-power-of-2 (Mike Snitzer) [1890233 1881531]
- [block] block: use lcm_not_zero() when stacking chunk_sectors (Mike Snitzer) [1890233 1881531]
- [md] dm: fix bio splitting and its bio completion order for regular IO (Mike Snitzer) [1890233 1881531]
[4.18.0-240.6.1_3]
- [arm64] paravirt: Initialize steal time when cpu is online (Andrew Jones) [1898758 1879137]
- [kvm] Revert 'x86/kvm: Move context tracking where it belongs' (Nitesh Narayan Lal) [1897716 1890284]
- [pci] hv: Fix hibernation in case interrupts are not re-created (Mohammed Gamal) [1896435 1846838]
- [hv] hv: vmbus: hibernation: do not hang forever in vmbus_bus_resume() (Mohammed Gamal) [1896434 1876519]
- [netdrv] hv_netvsc: Cache the current data path to avoid duplicate call and message (Mohammed Gamal) [1896433 1876527]
- [netdrv] hv_netvsc: Switch the data path at the right time during hibernation (Mohammed Gamal) [1896433 1876527]
- [netdrv] hv_netvsc: Fix hibernation for mlx5 VF driver (Mohammed Gamal) [1896433 1876527]
- [tools] selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load workaround (Gustavo Duarte) [1897278 1887442]
- [powerpc] powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (Gustavo Duarte) [1897278 1887442]
[4.18.0-240.5.1_3]
- [crypto] crypto: testmgr - mark cts(cbc(aes)) as FIPS allowed (Vladis Dronov) [1886189 1855161]
[4.18.0-240.4.1_3]
- [kernel] sched/features: Fix !CONFIG_JUMP_LABEL case (Daniel Bristot de Oliveira) [1894073 1885850]
[4.18.0-240.3.1_3]
- [iommu] iommu/amd: Fix the overwritten field in IVMD header (Baoquan He) [1888113 1869148]
- [fs] xfs: trim IO to found COW extent limit (Eric Sandeen) [1886895 1882549]
- [char] random32: update the net random state on interrupt and activity (Donghai Qiao) [1888233 1867569] {CVE-2020-16166}
- [net] openvswitch: fixes crash if nf_conncount_init() fails (Eelco Chaudron) [1879935 1876445]
[4.18.0-240.2.1_3]
- [tools] selftests: rtnetlink: Test bridge enslavement with different parent IDs (Jonathan Toppins) [1886017 1860479]
- [tools] selftests: rtnetlink: correct the final return value for the test (Jonathan Toppins) [1886017 1860479]
- [net] Fix bridge enslavement failure (Jonathan Toppins) [1886017 1860479]
- [net] netfilter: conntrack: proc: rename stat column (Florian Westphal) [1882094 1875681]
- [net] netfilter: conntrack: add clash resolution stat counter (Florian Westphal) [1882094 1875681]
- [net] netfilter: conntrack: remove ignore stats (Florian Westphal) [1882094 1875681]
- [net] netfilter: conntrack: do not increment two error counters at same time (Florian Westphal) [1882094 1875681]
- [net] netfilter: conntrack: do not auto-delete clash entries on reply (Florian Westphal) [1882094 1875681]
- [kernel] time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint (Alexey Klimov) [1880080 1877380]
Related CVEs
| CVE-2020-16166 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | kernel-4.18.0-240.8.1.el8_3.src.rpm | f0bde435bd177866dada20b36ff2ccd8 | - |
| bpftool-4.18.0-240.8.1.el8_3.aarch64.rpm | 3b731d3cdea2795ab35b10d9e9af5c05 | - | |
| kernel-cross-headers-4.18.0-240.8.1.el8_3.aarch64.rpm | 4708711c8df317c481c748f56e59f54b | - | |
| kernel-headers-4.18.0-240.8.1.el8_3.aarch64.rpm | ed0bb9572c83f369e467f3b1593f85e3 | - | |
| kernel-tools-4.18.0-240.8.1.el8_3.aarch64.rpm | ccb1b4f452a5fd5b923583541da35c92 | - | |
| kernel-tools-libs-4.18.0-240.8.1.el8_3.aarch64.rpm | 08fc008696a06b4732d629efcdb106a1 | - | |
| kernel-tools-libs-devel-4.18.0-240.8.1.el8_3.aarch64.rpm | e3b5026a3dba219e8ff9b00621e02b47 | - | |
| perf-4.18.0-240.8.1.el8_3.aarch64.rpm | 9504f705521c1ba46ef1e910f1aad681 | - | |
| python3-perf-4.18.0-240.8.1.el8_3.aarch64.rpm | c0703a664010fc4935950308e9292feb | - | |
| Oracle Linux 8 (x86_64) | kernel-4.18.0-240.8.1.el8_3.src.rpm | f0bde435bd177866dada20b36ff2ccd8 | - |
| bpftool-4.18.0-240.8.1.el8_3.x86_64.rpm | a23c8cf9c3f8d486651781feee003c48 | - | |
| kernel-4.18.0-240.8.1.el8_3.x86_64.rpm | dc41e6c4c7600582f06365ad43573ba2 | - | |
| kernel-abi-whitelists-4.18.0-240.8.1.el8_3.noarch.rpm | 7489cdcd167b35159094ecba9f3db8a2 | - | |
| kernel-core-4.18.0-240.8.1.el8_3.x86_64.rpm | 9b6bd430747772f5c605fb0cdabf6f1f | - | |
| kernel-cross-headers-4.18.0-240.8.1.el8_3.x86_64.rpm | 38ede7cf419f9e3920007b1f85f8a8f0 | - | |
| kernel-debug-4.18.0-240.8.1.el8_3.x86_64.rpm | 223203d979e98cc90c403f51df480770 | - | |
| kernel-debug-core-4.18.0-240.8.1.el8_3.x86_64.rpm | 5f1a49cc1c1edfcc79c61226e398fec2 | - | |
| kernel-debug-devel-4.18.0-240.8.1.el8_3.x86_64.rpm | 83b9e9e4fd6c4d9953576d401f683db7 | - | |
| kernel-debug-modules-4.18.0-240.8.1.el8_3.x86_64.rpm | 5140c0c9829d9d573b02ef86024bf3fe | - | |
| kernel-debug-modules-extra-4.18.0-240.8.1.el8_3.x86_64.rpm | 59b85f9d608770a5840201679f3a4c56 | - | |
| kernel-devel-4.18.0-240.8.1.el8_3.x86_64.rpm | 742b909702fe4dc784ddbabd436c9dc9 | - | |
| kernel-doc-4.18.0-240.8.1.el8_3.noarch.rpm | f8a6ae570a85c2b78daf9ba14fce0284 | - | |
| kernel-headers-4.18.0-240.8.1.el8_3.x86_64.rpm | 3e5c7fef769cf34bc43e08b49484a132 | - | |
| kernel-modules-4.18.0-240.8.1.el8_3.x86_64.rpm | 30e420543371bf7a04a9336c68804fc9 | - | |
| kernel-modules-extra-4.18.0-240.8.1.el8_3.x86_64.rpm | 50ae2263666cf21a587362aed101f486 | - | |
| kernel-tools-4.18.0-240.8.1.el8_3.x86_64.rpm | ba9993e7321463515f321c4a0c0933df | - | |
| kernel-tools-libs-4.18.0-240.8.1.el8_3.x86_64.rpm | aa0551f20d3425c7ad4f9335566e4dbb | - | |
| kernel-tools-libs-devel-4.18.0-240.8.1.el8_3.x86_64.rpm | 3f4a461146e4b73622158a4b990e4205 | - | |
| perf-4.18.0-240.8.1.el8_3.x86_64.rpm | d020afaf2b15051ccd03bcabed595143 | - | |
| python3-perf-4.18.0-240.8.1.el8_3.x86_64.rpm | 5d3871b2f73a8758e8337d3501c5d7ee | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
