ELSA-2020-5663

ELSA-2020-5663 - Unbreakable Enterprise kernel security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2020-04-27

Description


[5.4.17-2011.1.2]
- ctf: discard CTF from the vDSO (Nick Alcock) [Orabug: 31194036]

[5.4.17-2011.1.1]
- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136750] {CVE-2020-11494}
- blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123573] {CVE-2019-19768}
- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118688]
- perf/x86/amd: Add support for Large Increment per Cycle Events (Kim Phillips) [Orabug: 31104924]
- perf/x86/amd: Constrain Large Increment per Cycle events (Kim Phillips) [Orabug: 31104924]
- kvm/svm: PKU not currently supported (John Allen) [Orabug: 31104924]
- KVM: SVM: Override default MMIO mask if memory encryption is enabled (Tom Lendacky) [Orabug: 31104924]
- EDAC/amd64: Drop some family checks for newer systems (Yazen Ghannam) [Orabug: 31104924]
- x86/amd_nb: Add Family 19h PCI IDs (Yazen Ghannam) [Orabug: 31104924]
- EDAC/mce_amd: Always load on SMCA systems (Yazen Ghannam) [Orabug: 31104924]
- x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Check for memory before fully initializing an instance (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Use cached data when checking for ECC (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Save max number of controllers to family type (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Gather hardware information early (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Make struct amd64_family_type global (Yazen Ghannam) [Orabug: 31104924]
- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067510] {CVE-2020-9383}
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (Tom Lendacky) [Orabug: 31012269]
- KVM: SVM: Serialize access to the SEV ASID bitmap (Tom Lendacky) [Orabug: 31012269]
- iommu/vt-d: Allow devices with RMRRs to use identity domain (Lu Baolu) [Orabug: 31127400]

[5.4.17-2011.1.0]
- vhost: Check docket sk_family instead of call getname (Eugenio Perez) [Orabug: 31085989] {CVE-2020-10942}
- selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc (Alan Maguire) [Orabug: 31078892]
- kernel: cpu.c: fix print typo about SMT status (Mihai Carabas) [Orabug: 31053334]
- nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31044292]
- NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31044292]
- rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31032126]
- efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 31020408]
- net: Support GRO/GSO fraglist chaining. (Steffen Klassert) [Orabug: 30670829]
- net: Add fraglist GRO/GSO feature flags (Steffen Klassert) [Orabug: 30670829]
- udp: Support UDP fraglist GRO/GSO. (Steffen Klassert) [Orabug: 30670829]
- net: remove the check argument from __skb_gro_checksum_convert (Li RongQing) [Orabug: 30670829]
- Revert 'nvme_fc: add module to ops template to allow module references' (John Donnelly) [Orabug: 31119387]
- ext4: add cond_resched() to ext4_protect_reserved_inode (Shijie Luo) [Orabug: 31067112] {CVE-2020-8992}
- dsa: disable module unloading for ARM64 (Allen Pais) [Orabug: 30456791]
- bpf: Undo incorrect __reg_bound_offset32 handling (Daniel Borkmann) [Orabug: 31127385] {CVE-2020-8835}
- bpf: Fix tnum constraints for 32-bit comparisons (Jann Horn) [Orabug: 31127385] {CVE-2020-8835}


Related CVEs


CVE-2019-19768
CVE-2020-10942
CVE-2020-11494
CVE-2020-8992
CVE-2020-9383
CVE-2020-8835

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) kernel-uek-5.4.17-2011.1.2.el7uek.src.rpmf8d49f0c0afe64b0198b63b1d994a5143d7e8e41aa8fbcac7ca5ffa0d48a9f34ELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-5.4.17-2011.1.2.el7uek.aarch64.rpma1d47425b10a8d3a6bb7eb198473ff75b9e36feb6268985ef97c564c66cb1533ELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-debug-5.4.17-2011.1.2.el7uek.aarch64.rpmd1b9ac60d315debbf4c63bafff1ac937893b4106dbb3d6027ee632fd6f2bedddELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.aarch64.rpmd6a035bdcc8db63ad50a3e2f38bfcf4e4c9d3d29bb7cc99cd0fe83d5079ad2d7ELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-devel-5.4.17-2011.1.2.el7uek.aarch64.rpmd383ab90fe21567a2fab98e5951405e55bf75c27edbd7ea055f313d9839373b9ELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm48f0cc73c5f2674f5175a6533bd449176e60b4e65d4b1f30aa043394f2bd7420ELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-tools-5.4.17-2011.1.2.el7uek.aarch64.rpmaa3f5f06c02bc7abc00331da46048059f39b5a64771cfc4aef0d7491dff676bbELSA-2025-20190ol7_aarch64_UEKR6
kernel-uek-tools-libs-5.4.17-2011.1.2.el7uek.aarch64.rpmdfb542d663e51afeadf7fc2ee7cd65d325c23f486ad587a9e6ce1f108ad2dda4ELSA-2025-20019ol7_aarch64_UEKR6
perf-5.4.17-2011.1.2.el7uek.aarch64.rpma5b9f6098c841ad60339c42977ac64591eed13592a82c4acd64460bd86d4b57eELSA-2025-20019ol7_aarch64_UEKR6
python-perf-5.4.17-2011.1.2.el7uek.aarch64.rpm1625c8cf5fd11a574ae1edbe6f52deb3ef701e503cb18010337c52fa6356f1e2ELSA-2025-20019ol7_aarch64_UEKR6
Oracle Linux 7 (x86_64) kernel-uek-5.4.17-2011.1.2.el7uek.src.rpmf8d49f0c0afe64b0198b63b1d994a5143d7e8e41aa8fbcac7ca5ffa0d48a9f34ELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-5.4.17-2011.1.2.el7uek.x86_64.rpmd666aa72a1f0586de773e4003b1f20c0fe9e2ab75288816c16dff74455b4fff2ELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-debug-5.4.17-2011.1.2.el7uek.x86_64.rpmdffdcd2c61849c7767999efcfbbe8b4cc066f0fd69bb57ebe798247e19ba91eaELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-debug-devel-5.4.17-2011.1.2.el7uek.x86_64.rpme8b52c4af09b98f729fb801bb521006f0363977705f279353cbf610b29be57aaELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-devel-5.4.17-2011.1.2.el7uek.x86_64.rpm6be6f3cfb60571e3916d1cf82d4212c69542201e083cc4144d51e43d689d1a58ELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-doc-5.4.17-2011.1.2.el7uek.noarch.rpm48f0cc73c5f2674f5175a6533bd449176e60b4e65d4b1f30aa043394f2bd7420ELSA-2025-20190ol7_x86_64_UEKR6
kernel-uek-tools-5.4.17-2011.1.2.el7uek.x86_64.rpm81e7e9b18ad0418529291d86b3bc31e97251cd3c091f4b6657277fcb475a8234ELSA-2025-20190ol7_x86_64_UEKR6
Oracle Linux 8 (aarch64) kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59-ol8_aarch64_baseos_latest
kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59-ol8_aarch64_developer_UEKR6
kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59-ol8_aarch64_u2_baseos_base
kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpmd25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb-ol8_aarch64_baseos_latest
kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpmd25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb-ol8_aarch64_developer_UEKR6
kernel-uek-5.4.17-2011.1.2.el8uek.aarch64.rpmd25842a7ff57e7af1b6ef1821fb167b8037591c7cee4a17c551d940287708eeb-ol8_aarch64_u2_baseos_base
kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5-ol8_aarch64_baseos_latest
kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5-ol8_aarch64_developer_UEKR6
kernel-uek-debug-5.4.17-2011.1.2.el8uek.aarch64.rpm1114d3f23ebdf39bd21dbbc5a8ba7d2444a7f05810ce7c1a42b36114844559c5-ol8_aarch64_u2_baseos_base
kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423-ol8_aarch64_baseos_latest
kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423-ol8_aarch64_developer_UEKR6
kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm28b1ae1caa571074a3abf66604955cb01fe3d538296213c223db5111cacc2423-ol8_aarch64_u2_baseos_base
kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071-ol8_aarch64_baseos_latest
kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071-ol8_aarch64_developer_UEKR6
kernel-uek-devel-5.4.17-2011.1.2.el8uek.aarch64.rpm9aba5a2e700d9e7b15d012253bcd04941871277fdf148ee5869c9a940b601071-ol8_aarch64_u2_baseos_base
kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e-ol8_aarch64_baseos_latest
kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e-ol8_aarch64_developer_UEKR6
kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e-ol8_aarch64_u2_baseos_base
Oracle Linux 8 (x86_64) kernel-uek-5.4.17-2011.1.2.el8uek.src.rpm344fa751a047987f97354792eebd6f768860b1ab903daa637231d87ea5b2aa59-ol8_x86_64_UEKR6
kernel-uek-5.4.17-2011.1.2.el8uek.x86_64.rpmc75748d8fde1d61c497fbe2f3ba7bcafd5ea1666b53776dd4587e2542faa923e-ol8_x86_64_UEKR6
kernel-uek-debug-5.4.17-2011.1.2.el8uek.x86_64.rpmf1753af203fa68c8ad7c42397fe4cd07c713b91c5880c69c77e40c870bf950bd-ol8_x86_64_UEKR6
kernel-uek-debug-devel-5.4.17-2011.1.2.el8uek.x86_64.rpm3d1243859ff9001886ce971038ff2eab6773f7c1bbe3491a15d0228a2476e40e-ol8_x86_64_UEKR6
kernel-uek-devel-5.4.17-2011.1.2.el8uek.x86_64.rpmbe64f48f52c1bc7badcab3d1d6ff56726b2a4cc3b8567c2f96deddfd9de470ff-ol8_x86_64_UEKR6
kernel-uek-doc-5.4.17-2011.1.2.el8uek.noarch.rpm3f3ff5c8d5be66158aa893146fd3624743dbc9dfdadd48c55ce7f39e27607f3e-ol8_x86_64_UEKR6



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete