ELSA-2021-0856
- ULN >
- Oracle Linux Errata repository >
- ELSA-2021-0856
ELSA-2021-0856 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2021-03-17 |
Description
[3.10.0-1160.21.1.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3
[3.10.0-1160.21.1]
- [pinctrl] devicetree: Avoid taking direct reference to device name string (Aristeu Rozanski) [1922902] {CVE-2020-0427}
- [pinctrl] Delete an error message (Aristeu Rozanski) [1922902] {CVE-2020-0427}
- [tty] vt: keyboard, reorder user buffer handling in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, rename i to kb_func in vt_do_kdgkb_ioctl (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, extend func_buf_lock to readers (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: keyboard, simplify vt_kdgkbsent (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] keyboard, do not speculate on func_table index (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [tty] vt: fix write/write race in ioctl(KDSKBSENT) handler (Aristeu Rozanski) [1896775] {CVE-2020-25656}
- [iommu] amd: return error on real irq alloc failure (Jerry Snitselaar) [1918273]
- [iommu] amd: Set DTE[IntTabLen] to represent 512 IRTEs (Jerry Snitselaar) [1921187]
- [iommu] amd: Increase interrupt remapping table limit to 512 entries (Jerry Snitselaar) [1921187]
- [scsi] lpfc: Fix LUN loss after cable pull (Dick Kennedy) [1875961]
- [scsi] lpfc: Fix NVMe rport deregister and registration during ADISC (Dick Kennedy) [1875961]
- [scsi] lpfc: Fix ADISC reception terminating login state if a NVME target (Dick Kennedy) [1875961]
- [netdrv] i40e: revert 'i40e: don't report link up for a VF who hasn't enabled queues' (Stefan Assmann) [1901064]
[3.10.0-1160.20.1]
- [md] Set prev_flush_start and flush_bio in an atomic way (Xiao Ni) [1889372]
- [md] improve variable names in md_flush_request() (Xiao Ni) [1889372]
- [kernel] timer: Fix potential bug in requeue_timers() (Waiman Long) [1914011]
- [x86] kvm: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Vitaly Kuznetsov) [1890669]
- [x86] kvm: avoid incorrect writes to host MSR_IA32_SPEC_CTRL (Vitaly Kuznetsov) [1890669]
- [md] dm-mirror: fix a crash if the underlying block device doesn't have merge_bvec_fn (Mikulas Patocka) [1916407]
- [gpu] drm/i915: Fix use-after-free when destroying GEM context (Dave Airlie) [1814731] {CVE-2020-7053}
[3.10.0-1160.19.1]
- [kernel] watchdog: use nmi registers snapshot in hardlockup handler (Prarit Bhargava) [1916589]
- [nvme] nvmet: allow Keep Alive for Discovery controller (Gopal Tiwari) [1910817]
- [net] netfilter: ctnetlink: add a range check for l3/l4 protonum (Florian Westphal) [1888296] {CVE-2020-25211}
- [net] icmp: randomize the global rate limiter (Antoine Tenart) [1896515] {CVE-2020-25705}
[3.10.0-1160.18.1]
- [fs] nfs: Fix security label length not being reset (Dave Wysochanski) [1917504]
- [target] scsi: Fix XCOPY NAA identifier lookup (Maurizio Lombardi) [1900469] {CVE-2020-28374}
- [ipc] sem.c: fully initialize sem_array before making it visible (Vladis Dronov) [1877264]
- [netdrv] geneve: add transport ports in route lookup for geneve (Sabrina Dubroca) [1885144] {CVE-2020-25645}
- [kernel] perf/core: Fix race in the perf_mmap_close() function (Michael Petlan) [1869936] {CVE-2020-14351}
[3.10.0-1160.17.1]
- [x86] kvm: svm: Initialize prev_ga_tag before use ('Dr. David Alan Gilbert') [1909036]
- [scsi] scsi_dh: fix scheduling while atomic and also missing unlock in error path (Mike Snitzer) [1619147]
- [video] hyperv_fb: Fix the cache type when mapping the VRAM (Mohammed Gamal) [1908896]
- [video] hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (Mohammed Gamal) [1908896]
- [scsi] target: iscsi: Fix cmd abort fabric stop race (Maurizio Lombardi) [1784540]
- [scsi] target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock (Maurizio Lombardi) [1784540]
- [s390] kernel/uv: handle length extension properly (Claudio Imbrenda) [1899172]
[3.10.0-1160.16.1]
- [tty] Fix ->pgrp locking in tiocspgrp() (Chris von Recklinghausen) [1908193] {CVE-2020-29661}
- [net] fix struct pid memory leak (Jay Shin) [1901797]
- [hid] Fix assumption that devices have inputs (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: the driver now neeed MEMLESS_FF infrastructure (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: Add rumble support for Xbox One S controller (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] microsoft: Convert private data to be a proper struct (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] revert 'hid: microsoft: fix invalid rdesc for 3k kbd' (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] input: ignore System Control application usages if not System Controls (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [hid] hid-microsoft: Do the check for the ms usage page per device (Chris von Recklinghausen) [1821870] {CVE-2019-19532}
- [net] net-sysfs: take the rtnl lock when accessing xps_cpus_map and num_tc (Antoine Tenart) [1903819]
- [net] net-sysfs: take the rtnl lock when storing xps_cpus (Antoine Tenart) [1903819]
Related CVEs
| CVE-2020-7053 |
| CVE-2019-19532 |
| CVE-2020-25211 |
| CVE-2020-25645 |
| CVE-2020-25656 |
| CVE-2020-29661 |
| CVE-2020-0427 |
| CVE-2021-20265 |
| CVE-2020-14351 |
| CVE-2020-25705 |
| CVE-2020-28374 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.21.1.el7.src.rpm | 96a410ae85c8bbea3a7d2fe30662b986 | ELBA-2021-1397-1 |
| bpftool-3.10.0-1160.21.1.el7.x86_64.rpm | 8ac8246a05a8aec01251520ed490b5ed | ELBA-2021-1397-1 | |
| kernel-3.10.0-1160.21.1.el7.x86_64.rpm | ccdf71a7b85269a8b0eabeeed53ad141 | ELBA-2021-1397-1 | |
| kernel-abi-whitelists-3.10.0-1160.21.1.el7.noarch.rpm | 49e32c9d2a04d3ef96b1ab93d076002e | ELBA-2021-1397-1 | |
| kernel-debug-3.10.0-1160.21.1.el7.x86_64.rpm | 0c2389330b4ba71e6264ceb1fc5a1be6 | ELBA-2021-1397-1 | |
| kernel-debug-devel-3.10.0-1160.21.1.el7.x86_64.rpm | 8493b4618d81f7261734a0a5810053e6 | ELBA-2021-1397-1 | |
| kernel-devel-3.10.0-1160.21.1.el7.x86_64.rpm | 064917ab8032a247762a8f2274107b1c | ELBA-2021-1397-1 | |
| kernel-doc-3.10.0-1160.21.1.el7.noarch.rpm | 20829c0b62da165e5bf5cd61d8ca3d2e | ELBA-2021-1397-1 | |
| kernel-headers-3.10.0-1160.21.1.el7.x86_64.rpm | 046c1024963065f2d5f2fc8c53028b35 | ELBA-2021-1397-1 | |
| kernel-tools-3.10.0-1160.21.1.el7.x86_64.rpm | d3c60b701d6eac373f66765a36679fc3 | ELBA-2021-1397-1 | |
| kernel-tools-libs-3.10.0-1160.21.1.el7.x86_64.rpm | 0100ad5415d6131d62c934b0e8464b29 | ELBA-2021-1397-1 | |
| kernel-tools-libs-devel-3.10.0-1160.21.1.el7.x86_64.rpm | 3471158f3df2d9f4fa16fa29fdac6269 | ELBA-2021-1397-1 | |
| perf-3.10.0-1160.21.1.el7.x86_64.rpm | 8f87d724771d5d9eb4f4d6d9cdb1e3b0 | ELSA-2021-9220 | |
| python-perf-3.10.0-1160.21.1.el7.x86_64.rpm | 2746a1f61aaf49138ed182d7a65dcdf1 | ELSA-2021-9220 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
