ELSA-2020-5663

ULN >
Oracle Linux Errata repository >
ELSA-2020-5663

ELSA-2020-5663 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2020-04-27

Description

[5.4.17-2011.1.2]
- ctf: discard CTF from the vDSO (Nick Alcock) [Orabug: 31194036]

[5.4.17-2011.1.1]
- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136750] {CVE-2020-11494}
- blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123573] {CVE-2019-19768}
- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118688]
- perf/x86/amd: Add support for Large Increment per Cycle Events (Kim Phillips) [Orabug: 31104924]
- perf/x86/amd: Constrain Large Increment per Cycle events (Kim Phillips) [Orabug: 31104924]
- kvm/svm: PKU not currently supported (John Allen) [Orabug: 31104924]
- KVM: SVM: Override default MMIO mask if memory encryption is enabled (Tom Lendacky) [Orabug: 31104924]
- EDAC/amd64: Drop some family checks for newer systems (Yazen Ghannam) [Orabug: 31104924]
- x86/amd_nb: Add Family 19h PCI IDs (Yazen Ghannam) [Orabug: 31104924]
- EDAC/mce_amd: Always load on SMCA systems (Yazen Ghannam) [Orabug: 31104924]
- x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Check for memory before fully initializing an instance (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Use cached data when checking for ECC (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Save max number of controllers to family type (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Gather hardware information early (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Make struct amd64_family_type global (Yazen Ghannam) [Orabug: 31104924]
- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067510] {CVE-2020-9383}
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (Tom Lendacky) [Orabug: 31012269]
- KVM: SVM: Serialize access to the SEV ASID bitmap (Tom Lendacky) [Orabug: 31012269]
- iommu/vt-d: Allow devices with RMRRs to use identity domain (Lu Baolu) [Orabug: 31127400]

[5.4.17-2011.1.0]
- vhost: Check docket sk_family instead of call getname (Eugenio Perez) [Orabug: 31085989] {CVE-2020-10942}
- selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc (Alan Maguire) [Orabug: 31078892]
- kernel: cpu.c: fix print typo about SMT status (Mihai Carabas) [Orabug: 31053334]
- nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31044292]
- NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31044292]
- rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31032126]
- efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 31020408]
- net: Support GRO/GSO fraglist chaining. (Steffen Klassert) [Orabug: 30670829]
- net: Add fraglist GRO/GSO feature flags (Steffen Klassert) [Orabug: 30670829]
- udp: Support UDP fraglist GRO/GSO. (Steffen Klassert) [Orabug: 30670829]
- net: remove the check argument from __skb_gro_checksum_convert (Li RongQing) [Orabug: 30670829]
- Revert 'nvme_fc: add module to ops template to allow module references' (John Donnelly) [Orabug: 31119387]
- ext4: add cond_resched() to ext4_protect_reserved_inode (Shijie Luo) [Orabug: 31067112] {CVE-2020-8992}
- dsa: disable module unloading for ARM64 (Allen Pais) [Orabug: 30456791]
- bpf: Undo incorrect __reg_bound_offset32 handling (Daniel Borkmann) [Orabug: 31127385] {CVE-2020-8835}
- bpf: Fix tnum constraints for 32-bit comparisons (Jann Horn) [Orabug: 31127385] {CVE-2020-8835}

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	kernel-uek-5.4.17-2011.1.2.el7uek.src.rpm	f8d49f0c0afe64b0198b63b1d994a5143d7e8e41aa8fbcac7ca5ffa0d48a9f34	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-5.4.17-2011.1.2.el7uek.aarch64.rpm	a1d47425b10a8d3a6bb7eb198473ff75b9e36feb6268985ef97c564c66cb1533	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-debug-5.4.17-2011.1.2.el7uek.aarch64.rpm	d1b9ac60d315debbf4c63bafff1ac937893b4106dbb3d6027ee632fd6f2beddd	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.aarch64.rpm	d6a035bdcc8db63ad50a3e2f38bfcf4e4c9d3d29bb7cc99cd0fe83d5079ad2d7	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-devel-5.4.17-2011.1.2.el7uek.aarch64.rpm	d383ab90fe21567a2fab98e5951405e55bf75c27edbd7ea055f313d9839373b9	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm	48f0cc73c5f2674f5175a6533bd449176e60b4e65d4b1f30aa043394f2bd7420	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-tools-5.4.17-2011.1.2.el7uek.aarch64.rpm	aa3f5f06c02bc7abc00331da46048059f39b5a64771cfc4aef0d7491dff676bb	ELSA-2025-20190	ol7_aarch64_UEKR6
	kernel-uek-tools-libs-5.4.17-2011.1.2.el7uek.aarch64.rpm	dfb542d663e51afeadf7fc2ee7cd65d325c23f486ad587a9e6ce1f108ad2dda4	ELSA-2025-20019	ol7_aarch64_UEKR6
	perf-5.4.17-2011.1.2.el7uek.aarch64.rpm	a5b9f6098c841ad60339c42977ac64591eed13592a82c4acd64460bd86d4b57e	ELSA-2025-20019	ol7_aarch64_UEKR6
	python-perf-5.4.17-2011.1.2.el7uek.aarch64.rpm	1625c8cf5fd11a574ae1edbe6f52deb3ef701e503cb18010337c52fa6356f1e2	ELSA-2025-20019	ol7_aarch64_UEKR6

Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2011.1.2.el7uek.src.rpm	f8d49f0c0afe64b0198b63b1d994a5143d7e8e41aa8fbcac7ca5ffa0d48a9f34	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-5.4.17-2011.1.2.el7uek.x86_64.rpm	d666aa72a1f0586de773e4003b1f20c0fe9e2ab75288816c16dff74455b4fff2	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2011.1.2.el7uek.x86_64.rpm	dffdcd2c61849c7767999efcfbbe8b4cc066f0fd69bb57ebe798247e19ba91ea	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.x86_64.rpm	e8b52c4af09b98f729fb801bb521006f0363977705f279353cbf610b29be57aa	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2011.1.2.el7uek.x86_64.rpm	6be6f3cfb60571e3916d1cf82d4212c69542201e083cc4144d51e43d689d1a58	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm	48f0cc73c5f2674f5175a6533bd449176e60b4e65d4b1f30aa043394f2bd7420	ELSA-2025-20190	ol7_x86_64_UEKR6
	kernel-uek-tools-5.4.17-2011.1.2.el7uek.x86_64.rpm	81e7e9b18ad0418529291d86b3bc31e97251cd3c091f4b6657277fcb475a8234	ELSA-2025-20190	ol7_x86_64_UEKR6

Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm	344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm	344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59	-	ol8_aarch64_developer_UEKR6
	kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm	344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59	-	ol8_aarch64_u2_baseos_base
	kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpm	d25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb	-	ol8_aarch64_baseos_latest
	kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpm	d25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb	-	ol8_aarch64_developer_UEKR6
	kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpm	d25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb	-	ol8_aarch64_u2_baseos_base
	kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm	1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm	1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5	-	ol8_aarch64_developer_UEKR6
	kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm	1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5	-	ol8_aarch64_u2_baseos_base
	kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423	-	ol8_aarch64_baseos_latest
	kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423	-	ol8_aarch64_developer_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423	-	ol8_aarch64_u2_baseos_base
	kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071	-	ol8_aarch64_baseos_latest
	kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071	-	ol8_aarch64_developer_UEKR6
	kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm	9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071	-	ol8_aarch64_u2_baseos_base
	kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm	3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e	-	ol8_aarch64_baseos_latest
	kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm	3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e	-	ol8_aarch64_developer_UEKR6
	kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm	3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e	-	ol8_aarch64_u2_baseos_base

Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm	344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59	-	ol8_x86_64_UEKR6
	kernel-uek-5.4.17-2011.1.2.el8uek.x86_64.rpm	c75748d8fde1d61c497fbe2f3ba7bcafd5ea1666b53776dd4587e2542faa923e	-	ol8_x86_64_UEKR6
	kernel-uek-debug-5.4.17-2011.1.2.el8uek.x86_64.rpm	f1753af203fa68c8ad7c42397fe4cd07c713b91c5880c69c77e40c870bf950bd	-	ol8_x86_64_UEKR6
	kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.x86_64.rpm	3d1243859ff9001886ce971038ff2eab6773f7c1bbe3491a15d0228a2476e40e	-	ol8_x86_64_UEKR6
	kernel-uek-devel-5.4.17-2011.1.2.el8uek.x86_64.rpm	be64f48f52c1bc7badcab3d1d6ff56726b2a4cc3b8567c2f96deddfd9de470ff	-	ol8_x86_64_UEKR6
	kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm	3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e	-	ol8_x86_64_UEKR6

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691