ELSA-2021-3801
- ULN >
- Oracle Linux Errata repository >
- ELSA-2021-3801
ELSA-2021-3801 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2021-10-12 |
Description
[3.10.0-1160.45.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.45.1]
- CI: handle RT branches in a single config (Veronika Kabatova)
- CI: Drop private CI config (Veronika Kabatova)
- CI: extend template use (Veronika Kabatova)
- mm: page_counter: mitigate consequences of a page_counter underflow (Scott Wood) [2000973]
- KVM: nSVM: always intercept VMLOAD/VMSAVE when nested(CVE-2021-3656) (Jon Maloy) [1985425] {CVE-2021-3656}
- KVM: x86: Update vCPU's hv_clock before back to guest when tsc_offset is adjusted (Marcelo Tosatti) [1991856]
- KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (CVE-2021-3653) (Jon Maloy) [1985408] {CVE-2021-3653}
- scsi: qedf: Initiate cleanup for ELS commands as well (Nilesh Javali) [1982702]
[3.10.0-1160.44.1]
- fs: dlm: change handling of reconnects (Bob Peterson) [1834878]
- DLM: fix NULL pointer dereference in send_to_sock() (Bob Peterson) [1834878]
- DLM: fix to reschedule rwork (Bob Peterson) [1834878]
- DLM: fix to use sk_callback_lock correctly (Bob Peterson) [1834878]
- DLM: fix overflow dlm_cb_seq (Bob Peterson) [1834878]
- DLM: fix conversion deadlock when DLM_LKF_NODLCKWT flag is set (Bob Peterson) [1834878]
- DLM: use CF_CLOSE flag to stop dlm_send correctly (Bob Peterson) [1834878]
- DLM: Reanimate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_recoverd_stop and dlm_recoverd (Bob Peterson) [1834878]
- DLM: close othercon at send/receive error (Bob Peterson) [1834878]
- DLM: retry rcom when dlm_wait_function is timed out. (Bob Peterson) [1834878]
- DLM: fix to use sock_mutex correctly in xxx_accept_from_sock (Bob Peterson) [1834878]
- DLM: fix race condition between dlm_send and dlm_recv (Bob Peterson) [1834878]
- DLM: fix double list_del() (Bob Peterson) [1834878]
- DLM: Eliminate CF_WRITE_PENDING flag (Bob Peterson) [1834878]
- KVM: do not allow mapping valid but non-reference-counted pages (Jon Maloy) [1975511]
- vxlan: check return value of gro_cells_init() (Aristeu Rozanski) [1970618]
- KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (Jon Maloy) [1988218] {CVE-2021-37576}
[3.10.0-1160.43.1]
- PCI: hv: Add support for protocol 1.3 and support PCI_BUS_RELATIONS2 (Mohammed Gamal) [1984128]
- PCI: hv: Decouple the func definition in hv_dr_state from VSP message (Mohammed Gamal) [1984128]
- PCI: hv: Only queue new work items in hv_pci_devices_present() if necessary (Mohammed Gamal) [1984128]
- i40e: improve locking of mac_filter_hash (Stefan Assmann) [1993850]
- i40e: always propagate error value in i40e_set_vsi_promisc() (Stefan Assmann) [1993850]
- i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc (Stefan Assmann) [1993850]
- i40e: Remove scheduling while atomic possibility (Stefan Assmann) [1993850]
- scsi: lpfc: Fix pt2pt discovery on SLI3 HBAs (Dick Kennedy) [1922479]
- qed: Disable 'MFW indication via attention' SPAM every 5 minutes (Manish Chopra) [1854544]
- NFS: Fix a performance regression caused by buffered IO locking (Benjamin Coddington) [1995649]
Related CVEs
| CVE-2021-3653 |
| CVE-2021-37576 |
| CVE-2021-22543 |
| CVE-2021-3656 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.45.1.el7.src.rpm | c72f4686ef92bfa321f2a54da5c40f1c | - |
| bpftool-3.10.0-1160.45.1.el7.x86_64.rpm | aed416d72eb0a34ee1b5e57e53d8bf5d | - | |
| kernel-3.10.0-1160.45.1.el7.x86_64.rpm | 00c53ee2f0ed44ee655707bd63f93fbf | - | |
| kernel-abi-whitelists-3.10.0-1160.45.1.el7.noarch.rpm | bd8d3bc1c8a5d6e3cffdcb6ec7e78fcd | - | |
| kernel-debug-3.10.0-1160.45.1.el7.x86_64.rpm | b0b2692cdcde2185cf02fe866825c6f9 | - | |
| kernel-debug-devel-3.10.0-1160.45.1.el7.x86_64.rpm | 761b646f815f061bc05ea5a43650db87 | - | |
| kernel-devel-3.10.0-1160.45.1.el7.x86_64.rpm | 61e5bb48a92ff9f6a852d18025b9fc58 | - | |
| kernel-doc-3.10.0-1160.45.1.el7.noarch.rpm | 1ee42b4c194fbed2c4696ec7b3dfef7f | - | |
| kernel-headers-3.10.0-1160.45.1.el7.x86_64.rpm | d704736693d668f74223f4a458b47078 | - | |
| kernel-tools-3.10.0-1160.45.1.el7.x86_64.rpm | f7ab462a3694d65f3883af85e632ab58 | - | |
| kernel-tools-libs-3.10.0-1160.45.1.el7.x86_64.rpm | c9735a450aacbd65dccde212c9b2ea1c | - | |
| kernel-tools-libs-devel-3.10.0-1160.45.1.el7.x86_64.rpm | eb31f91ead99a0b17e377c995281d946 | - | |
| perf-3.10.0-1160.45.1.el7.x86_64.rpm | 69bb916d9a8795fa06644ac55b9e629b | - | |
| python-perf-3.10.0-1160.45.1.el7.x86_64.rpm | 035a9711990d8fa6b31db4be2924af65 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
