ELSA-2020-5913
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-5913
ELSA-2020-5913 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2020-11-10 |
Description
[4.14.35-2025.402.2.1]
- powercap: restrict energy meter to root access (Kanth Ghatraju) [Orabug: 32040805] {CVE-2020-8694} {CVE-2020-8695}
[4.14.35-2025.402.2]
- ocfs2: fix remounting needed after setfacl command (Gang He)
- Fix multiple variable definition with syzkaller (Hans Westgaard Ry) [Orabug: 32008770]
- drm/vmwgfx: Use the dma scatter-gather iterator to get dma addresses (Thomas Hellstrom) [Orabug: 32010349]
- i40e: Corrects i40e_setup_tc and i40e_xdp defined but not used warnings (John Donnelly) [Orabug: 32034050]
- bnxt: Corrects warning: 'struct tc_cls_flower_offload' (John Donnelly) [Orabug: 32041757]
- SCSI: Corrects 'ret' not used warning (John Donnelly) [Orabug: 32041763]
- IB/mlx4: disable CQ time stamping (aru kolappan) [Orabug: 32042520]
- qed: Corrects warning: 'qed_iwarp_ll2_slowpath' defined but not used (John Donnelly) [Orabug: 32052276]
[4.14.35-2025.402.1]
- configfs: make ci_type field, some pointers and function arguments const (Bhumika Goyal) [Orabug: 32022427]
- IB/ipoib: Arm 'send_cq' to process completions in due time (Gerd Rausch) [Orabug: 31596798]
- hdlc_ppp: add range checks in ppp_cp_parse_cr() (Dan Carpenter) [Orabug: 31989189] {CVE-2020-25643}
- uek-rpm: Create initramfs at postinstall stage also. (Somasundaram Krishnasamy) [Orabug: 32010303]
- SUNRPC: Remove xprt_connect_status() again (John Donnelly) [Orabug: 32010341]
- geneve: add transport ports in route lookup for geneve (Mark Gray) [Orabug: 32014099] {CVE-2020-25645}
- nvme-fc: fix double-free scenarios on hw queues (James Smart) [Orabug: 32019898]
- xfs: fix warning: unused variable 'sb' (John Donnelly) [Orabug: 32010343]
- nvme-pci: remove queue_count_ops for write_queues and poll_queues (Minwoo Im) [Orabug: 32010357]
- nvme: Corrects warning: unused variable 'startka' (John Donnelly) [Orabug: 32010357]
- uek-rpm: config-aarch64-embedded add fast_kexec (Henry Willard) [Orabug: 32010273]
- arm64: kexec: Add optional fast shutdown for kexec (Henry Willard) [Orabug: 32010273]
- ocfs2: remove unused ocfs2_prepare_inode_for_refcount() (John Donnelly) [Orabug: 32007790]
- rds: fixes warning: unused variable 'cache_sz_k' (John Donnelly) [Orabug: 32008320]
- panic: move disabling iommu to after dump_stack() (John Donnelly) [Orabug: 32009003]
- uek-rpm: Add old OL keys to the default .blacklist keyring (Eric Snowberg) [Orabug: 31961118]
- certs: Add ability to preload revocation certs (Eric Snowberg) [Orabug: 31961118]
- certs: Move load_system_certificate_list to a common function (Eric Snowberg) [Orabug: 31961118]
- certs: Add EFI_CERT_X509_GUID support for dbx entries (Eric Snowberg) [Orabug: 31961118] {CVE-2020-26541}
- Revert 'l2tp: initialise PPP sessions before registering them' (George Kennedy) [Orabug: 31906205]
- btrfs: Don't submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug: 31265337] {CVE-2019-19377} {CVE-2019-19377} {CVE-2019-19377}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik) [Orabug: 31351023] {CVE-2019-19448} {CVE-2019-19448}
- xfs: fix boundary test in xfs_attr_shortform_verify (Eric Sandeen) [Orabug: 31895824] {CVE-2020-14385}
- net: add high_order_alloc_disable sysctl (Eric Dumazet) [Orabug: 31907603]
- mm, page_alloc: double zone's batchsize (Aaron Lu) [Orabug: 31907603]
- mm/free_pcppages_bulk: prefetch buddy while not holding lock (Aaron Lu) [Orabug: 31907603]
- mm/free_pcppages_bulk: do not hold lock when picking pages to free (Aaron Lu) [Orabug: 31907603]
- ghes: Corrects: warning: unused variable 'vaddr' [-Wunused-variable] (John Donnelly) [Orabug: 31995830]
- ACPI: properties: Implement get_match_data() callback (Sinan Kaya) [Orabug: 31995830]
- blk-mq: warning: unused variable 'ctx' (John Donnelly) [Orabug: 31996284]
- x86/mitigations: Restore paranoid checks for int3 handling (Boris Ostrovsky) [Orabug: 31999336]
[4.14.35-2025.402.0]
- nbd_genl_status: null check for nla_nest_start (Navid Emamdoost) [Orabug: 31351789] {CVE-2019-16089}
- efi/x86/Add missing error handling to old_memmap 1:1 mapping code (Gen Zhang) [Orabug: 31351924] {CVE-2019-12380}
- RDS: add module parameter to allow module unload or not (Hans Westgaard Ry) [Orabug: 31503865]
- rds: Revert 'Disable module unload by default' (Hans Westgaard Ry) [Orabug: 31503865]
- rds/tcp: Enhance stats maintained by rds (Rao Shoaib) [Orabug: 31521372]
- EDAC/i10nm: Update driver to support different bus number config register offsets (Qiuxu Zhuo) [Orabug: 31645136]
- EDAC, {skx,i10nm}: Make some configurations CPU model specific (Qiuxu Zhuo) [Orabug: 31645136]
- mstflint_access: Update driver code to v4.15.0-1 from Github (Itay Avraham) [Orabug: 31682346]
- KVM: x86: minor code refactor and comments fixup around dirty logging (Anthony Yznaga) [Orabug: 31722765]
- KVM: x86: Manually flush collapsible SPTEs only when toggling flags (Sean Christopherson) [Orabug: 31722765]
- KVM: x86: avoid unnecessary rmap walks when creating/moving slots (Anthony Yznaga) [Orabug: 31722765]
- KVM: x86: remove unnecessary rmap walk of read-only memslots (Anthony Yznaga) [Orabug: 31722765]
- cgroup: fix cgroup_sk_alloc() for sk_clone_lock() (Cong Wang) [Orabug: 31779798] {CVE-2020-14356}
- bpf: ensure helper ids match between UEK5, UEK6 and upstream (Alan Maguire) [Orabug: 31860453]
- netfilter: ctnetlink: add a range check for l3/l4 protonum (Will McVicker) [Orabug: 31872862] {CVE-2020-25211}
- vgacon: remove software scrollback support (Linus Torvalds) [Orabug: 31914690] {CVE-2020-14390}
- fbcon: remove soft scrollback code (Linus Torvalds) [Orabug: 31914690] {CVE-2020-14390}
- KVM: nVMX: do not use dangling shadow VMCS after guest reset (Paolo Bonzini) [Orabug: 31941096]
- Revert 'usb: xhci: do not create and register shared_hcd when USB3.0 is disabled' (Thomas Tai) [Orabug: 31943628]
- uek-rpm: Use oracle-armset-1 to build uekemb2 (Dave Kleikamp) [Orabug: 31950869]
- block: allow for_each_bvec to support zero len bvec (Ming Lei) [Orabug: 31955141] {CVE-2020-25641}
- uek-rpm: Update secure boot UEK signing certificates (Brian Maly) [Orabug: 31979628]
Related CVEs
| CVE-2020-25643 |
| CVE-2019-16089 |
| CVE-2019-19377 |
| CVE-2019-19448 |
| CVE-2020-14390 |
| CVE-2020-8694 |
| CVE-2020-8695 |
| CVE-2020-25211 |
| CVE-2020-26541 |
| CVE-2020-25645 |
| CVE-2020-14356 |
| CVE-2020-14385 |
| CVE-2020-25641 |
| CVE-2019-12380 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (aarch64) | kernel-uek-4.14.35-2025.402.2.1.el7uek.src.rpm | 9ee01c536734a31ed802f45ac99269736d39db795d70bb0c8ca5301905d332ba | ELSA-2025-20190 | ol7_aarch64_latest |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.src.rpm | 9ee01c536734a31ed802f45ac99269736d39db795d70bb0c8ca5301905d332ba | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 7e8bdbe7cd6a11151640fe27d98ed178c50c462f92f04938e5d865fb0aa3616b | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 7e8bdbe7cd6a11151640fe27d98ed178c50c462f92f04938e5d865fb0aa3616b | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-debug-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 90aa9112284c142aed3caf744b3bc46e60dd16f258b683e4ca8ff3df90718a80 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-debug-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 90aa9112284c142aed3caf744b3bc46e60dd16f258b683e4ca8ff3df90718a80 | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-debug-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 11c2005b7c852c3d79c34d9387eaaff7564aee0da307846e45ce5e441a7ba461 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-debug-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 11c2005b7c852c3d79c34d9387eaaff7564aee0da307846e45ce5e441a7ba461 | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 6ef809c36ec26595c532dac3a08ae08bb257a13070ce890a1e7e5b2c08cd87a3 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 6ef809c36ec26595c532dac3a08ae08bb257a13070ce890a1e7e5b2c08cd87a3 | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-headers-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 8945d07dc87a91dccdda5dc352abc1a89e3ada88bbb318d6bbb48a75d3e59211 | ELBA-2025-20014 | ol7_aarch64_latest | |
| kernel-uek-headers-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 8945d07dc87a91dccdda5dc352abc1a89e3ada88bbb318d6bbb48a75d3e59211 | ELBA-2025-20014 | ol7_aarch64_u9_patch | |
| kernel-uek-tools-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 002a41edd365b17957e3898f7d8b46c56b2315ccecf92bef5634b799677759f6 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-tools-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 002a41edd365b17957e3898f7d8b46c56b2315ccecf92bef5634b799677759f6 | ELSA-2025-20190 | ol7_aarch64_u9_patch | |
| kernel-uek-tools-libs-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 7e7a0cc6eb8b01f675fffefed5b3bd432e74ddde6edbe316e7d7125f20d9a222 | ELSA-2025-20019 | ol7_aarch64_latest | |
| kernel-uek-tools-libs-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 7e7a0cc6eb8b01f675fffefed5b3bd432e74ddde6edbe316e7d7125f20d9a222 | ELSA-2025-20019 | ol7_aarch64_u9_patch | |
| kernel-uek-tools-libs-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 4f2e50533248005f4773dc28b47f801204dc3c514c039eb668dfd58db93520c8 | ELBA-2025-20014 | ol7_aarch64_latest | |
| kernel-uek-tools-libs-devel-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 4f2e50533248005f4773dc28b47f801204dc3c514c039eb668dfd58db93520c8 | ELBA-2025-20014 | ol7_aarch64_u9_patch | |
| perf-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 60affc2ebe9140d3cc71488a60999207dfe2a3977c744df973c95766f8dbcfa2 | ELSA-2025-20019 | ol7_aarch64_latest | |
| perf-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 60affc2ebe9140d3cc71488a60999207dfe2a3977c744df973c95766f8dbcfa2 | ELSA-2025-20019 | ol7_aarch64_u9_patch | |
| python-perf-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 1155798328e9bc9a881a13eed43c78690f58e5f28332bc9db536eb02cfc98dc8 | ELSA-2025-20019 | ol7_aarch64_latest | |
| python-perf-4.14.35-2025.402.2.1.el7uek.aarch64.rpm | 1155798328e9bc9a881a13eed43c78690f58e5f28332bc9db536eb02cfc98dc8 | ELSA-2025-20019 | ol7_aarch64_u9_patch | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.14.35-2025.402.2.1.el7uek.src.rpm | 9ee01c536734a31ed802f45ac99269736d39db795d70bb0c8ca5301905d332ba | ELSA-2025-20190 | ol7_x86_64_UEKR5 |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.src.rpm | 9ee01c536734a31ed802f45ac99269736d39db795d70bb0c8ca5301905d332ba | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 05ab9ae8af6521c85ff392590e8e2be13d135e95dd701ea3e39829555a64e487 | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 05ab9ae8af6521c85ff392590e8e2be13d135e95dd701ea3e39829555a64e487 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-debug-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | cf2f04a2847d9c3f49e23aae50306fc8f2bfaec8aab4168d564029ba6e12ad90 | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-debug-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | cf2f04a2847d9c3f49e23aae50306fc8f2bfaec8aab4168d564029ba6e12ad90 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-debug-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 3cf872c1f15568230e2da43bddf52360233ff829b8b67f985f37c9fc136c238f | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-debug-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 3cf872c1f15568230e2da43bddf52360233ff829b8b67f985f37c9fc136c238f | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | b09616f33ef210314fe0ab1982c20d8b518503220886af3e85e0fa5f47d234a2 | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-devel-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | b09616f33ef210314fe0ab1982c20d8b518503220886af3e85e0fa5f47d234a2 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-doc-4.14.35-2025.402.2.1.el7uek.noarch.rpm | 480544ffdc4b3f0cf7d6f530120a47c614c9db37d4567d2697a3a984f35e93e7 | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-doc-4.14.35-2025.402.2.1.el7uek.noarch.rpm | 480544ffdc4b3f0cf7d6f530120a47c614c9db37d4567d2697a3a984f35e93e7 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-tools-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 19e44771d6adb65fa55e84d63efbaa2381e2305492d721f5419be9432aac7c11 | ELSA-2025-20190 | ol7_x86_64_UEKR5 | |
| kernel-uek-tools-4.14.35-2025.402.2.1.el7uek.x86_64.rpm | 19e44771d6adb65fa55e84d63efbaa2381e2305492d721f5419be9432aac7c11 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
