ELSA-2021-0856

ULN >
Oracle Linux Errata repository >
ELSA-2021-0856

ELSA-2021-0856 - kernel security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2021-03-17

Description

[3.10.0-1160.21.1.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3

[3.10.0-1160.21.1]
- [pinctrl] devicetree: Avoid taking direct reference to device name string (Aristeu Rozanski) [1922902] {CVE-2020-0427}
- [pinctrl] Delete an error message (Aristeu Rozanski) [1922902] {CVE-2020-0427}
- [tty] vt: keyboard, reorder user buffer handling in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, rename i to kb_func in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, extend func_buf_lock to readers (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, simplify vt_kdgkbsent (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] keyboard, do not speculate on func_table index (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: fix write/write race in ioctl(KDSKBSENT) handler (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [iommu] amd: return error on real irq alloc failure (Jerry Snitselaar) [1918273]
- [iommu] amd: Set DTE[IntTabLen] to represent 512 IRTEs (Jerry Snitselaar) [1921187]
- [iommu] amd: Increase interrupt remapping table limit to 512 entries (Jerry Snitselaar) [1921187]
- [scsi] lpfc: Fix LUN loss after cable pull (Dick Kennedy) [1875961]
- [scsi] lpfc: Fix NVMe rport deregister and registration during ADISC (Dick Kennedy) [1875961]
- [scsi] lpfc: Fix ADISC reception terminating login state if a NVME target (Dick Kennedy) [1875961]
- [netdrv] i40e: revert 'i40e: don't report link up for a VF who hasn't enabled queues' (Stefan Assmann) [1901064]

[3.10.0-1160.20.1]
- [md] Set prev_flush_start and flush_bio in an atomic way (Xiao Ni) [1889372]
- [md] improve variable names in md_flush_request() (Xiao Ni) [1889372]
- [kernel] timer: Fix potential bug in requeue_timers() (Waiman Long) [1914011]
- [x86] kvm: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Vitaly Kuznetsov) [1890669]
- [x86] kvm: avoid incorrect writes to host MSR_IA32_SPEC_CTRL (Vitaly Kuznetsov) [1890669]
- [md] dm-mirror: fix a crash if the underlying block device doesn't have merge_bvec_fn (Mikulas Patocka) [1916407]
- [gpu] drm/i915: Fix use-after-free when destroying GEM context (Dave Airlie) [1814731] {CVE-2020-7053}

[3.10.0-1160.19.1]
- [kernel] watchdog: use nmi registers snapshot in hardlockup handler (Prarit Bhargava) [1916589]
- [nvme] nvmet: allow Keep Alive for Discovery controller (Gopal Tiwari) [1910817]
- [net] netfilter: ctnetlink: add a range check for l3/l4 protonum (Florian Westphal) [1888296] {CVE-2020-25211}
- [net] icmp: randomize the global rate limiter (Antoine Tenart) [1896515] {CVE-2020-25705}

[3.10.0-1160.18.1]
- [fs] nfs: Fix security label length not being reset (Dave Wysochanski) [1917504]
- [target] scsi: Fix XCOPY NAA identifier lookup (Maurizio Lombardi) [1900469] {CVE-2020-28374}
- [ipc] sem.c: fully initialize sem_array before making it visible (Vladis Dronov) [1877264]
- [netdrv] geneve: add transport ports in route lookup for geneve (Sabrina Dubroca) [1885144] {CVE-2020-25645}
- [kernel] perf/core: Fix race in the perf_mmap_close() function (Michael Petlan) [1869936] {CVE-2020-14351}

[3.10.0-1160.17.1]
- [x86] kvm: svm: Initialize prev_ga_tag before use ('Dr. David Alan Gilbert') [1909036]
- [scsi] scsi_dh: fix scheduling while atomic and also missing unlock in error path (Mike Snitzer) [1619147]
- [video] hyperv_fb: Fix the cache type when mapping the VRAM (Mohammed Gamal) [1908896]
- [video] hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (Mohammed Gamal) [1908896]
- [scsi] target: iscsi: Fix cmd abort fabric stop race (Maurizio Lombardi) [1784540]
- [scsi] target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock (Maurizio Lombardi) [1784540]
- [s390] kernel/uv: handle length extension properly (Claudio Imbrenda) [1899172]

[3.10.0-1160.16.1]
- [tty] Fix ->pgrp locking in tiocspgrp() (Chris von Recklinghausen) [1908193] {CVE-2020-29661}
- [net] fix struct pid memory leak (Jay Shin) [1901797]
- [hid] Fix assumption that devices have inputs (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: the driver now neeed MEMLESS_FF infrastructure (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: Add rumble support for Xbox One S controller (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: Convert private data to be a proper struct (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] revert 'hid: microsoft: fix invalid rdesc for 3k kbd' (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] input: ignore System Control application usages if not System Controls (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] hid-microsoft: Do the check for the ms usage page per device (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [net] net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) [1903819]
- [net] net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) [1903819]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-3.10.0-1160.21.1.el7.src.rpm	9b4a103160b0c8402916a76840ece03579033a9594e8375de9667dbf9f6275f0	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.21.1.el7.src.rpm	9b4a103160b0c8402916a76840ece03579033a9594e8375de9667dbf9f6275f0	ELSA-2025-1281	ol7_x86_64_optional_latest
	kernel-3.10.0-1160.21.1.el7.src.rpm	9b4a103160b0c8402916a76840ece03579033a9594e8375de9667dbf9f6275f0	ELSA-2025-1281	ol7_x86_64_u9_patch
	bpftool-3.10.0-1160.21.1.el7.x86_64.rpm	f86416bee18da1b4fe129565ff16785c432313caea08f412b8fb2f54ce08bd33	ELSA-2025-1281	ol7_x86_64_latest
	bpftool-3.10.0-1160.21.1.el7.x86_64.rpm	f86416bee18da1b4fe129565ff16785c432313caea08f412b8fb2f54ce08bd33	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-3.10.0-1160.21.1.el7.x86_64.rpm	ee4ff9da1dc36916110a099932a9266e65dab5f8bcfc4657e05da556049f0866	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.21.1.el7.x86_64.rpm	ee4ff9da1dc36916110a099932a9266e65dab5f8bcfc4657e05da556049f0866	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm	b540076a03a6c33caf18b1b6070af819e674eb8cfc2d2009a295934ae03fa0b1	ELSA-2025-1281	ol7_x86_64_latest
	kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm	b540076a03a6c33caf18b1b6070af819e674eb8cfc2d2009a295934ae03fa0b1	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm	b6c972c88b5dac035683bb030dff7fed9c5271624ea9edf29bfdc15ad89c76f9	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm	b6c972c88b5dac035683bb030dff7fed9c5271624ea9edf29bfdc15ad89c76f9	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm	cc0e5103a6468b50930e5cd31d9c7b449139396c40c340792e4fd2462cf09aaf	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm	cc0e5103a6468b50930e5cd31d9c7b449139396c40c340792e4fd2462cf09aaf	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm	e2bbdf9a36d48ce418377b37db31645c132b32cab6eb0d5a4e8057e10199a17b	ELSA-2025-1281	ol7_x86_64_latest
	kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm	e2bbdf9a36d48ce418377b37db31645c132b32cab6eb0d5a4e8057e10199a17b	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm	304c4c0df3f1d96f3850f72d6677808c18538bf85dd152ac36bdc44ae087aa3b	ELSA-2025-1281	ol7_x86_64_latest
	kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm	304c4c0df3f1d96f3850f72d6677808c18538bf85dd152ac36bdc44ae087aa3b	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm	2a2f0d60cdb8ec0fe31e7e1e7e8d814e16016ecd0ece55e4b5e510fd2609140f	ELSA-2025-1281	ol7_x86_64_latest
	kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm	2a2f0d60cdb8ec0fe31e7e1e7e8d814e16016ecd0ece55e4b5e510fd2609140f	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm	675b6246f5580efc3fafe54100691048d384e8a7780448a46b1ee7d7024d9b94	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm	675b6246f5580efc3fafe54100691048d384e8a7780448a46b1ee7d7024d9b94	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm	d242d630c58645782732d66a6e2850d7c9751c953691b8a2481d7e211305126d	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm	d242d630c58645782732d66a6e2850d7c9751c953691b8a2481d7e211305126d	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm	6893cea290a81ab23eba89e1158c0c8420c976ee728cda7ca8803d899802c2f7	ELSA-2025-1281	ol7_x86_64_optional_latest
	perf-3.10.0-1160.21.1.el7.x86_64.rpm	451c9f1d159f5ad13a17bbb6353f7655e1b788cebe3d208d044092906d3c70be	ELSA-2025-20019	ol7_x86_64_latest
	perf-3.10.0-1160.21.1.el7.x86_64.rpm	451c9f1d159f5ad13a17bbb6353f7655e1b788cebe3d208d044092906d3c70be	ELSA-2025-20019	ol7_x86_64_u9_patch
	python-perf-3.10.0-1160.21.1.el7.x86_64.rpm	8262ecec778c98acfe754cf7fcc4a96fe983e3fde19a77fe6b3b6ab9f6b7e18d	ELSA-2025-20019	ol7_x86_64_latest
	python-perf-3.10.0-1160.21.1.el7.x86_64.rpm	8262ecec778c98acfe754cf7fcc4a96fe983e3fde19a77fe6b3b6ab9f6b7e18d	ELSA-2025-20019	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691