ELSA-2021-9006

ELSA-2021-9006 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2021-01-12

Description


[5.4.17-2036.102.0.2uek]
- xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}

[5.4.17-2036.102.0.1uek]
- target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374}

[5.4.17-2036.102.0uek]
- futex: Fix inode life-time issue (Peter Zijlstra) [Orabug: 32233515] {CVE-2020-14381}
- perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233352] {CVE-2020-14351}
- intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32218858]
- dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210418]
- vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32167069]
- vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32167069]
- vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32167069]
- vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32167069]
- vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32167069]
- vhost: Create accessors for virtqueues private_data (Eugenio Perez) [Orabug: 32167069]
- vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32167069]
- scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32167069]
- scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32167069]
- scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32242279]
- scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Get sas_device objects using device's rphy (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Update hba_port's sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32242279]
- scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32242279]
- icmp: randomize the global rate limiter (Eric Dumazet) [Orabug: 32227958] {CVE-2020-25705}
- perf/x86/intel/uncore: Add box_offsets for free-running counters (Kan Liang) [Orabug: 32020885]
- perf/x86/intel/uncore: Factor out __snr_uncore_mmio_init_box (Kan Liang) [Orabug: 32020885]
- perf/x86/intel/uncore: Add Ice Lake server uncore support (Kan Liang) [Orabug: 32020885]


Related CVEs


CVE-2020-14351
CVE-2020-25705
CVE-2020-14381
CVE-2020-29568
CVE-2020-29569
CVE-2020-28374

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) kernel-uek-5.4.17-2036.102.0.2.el7uek.src.rpmdf05b59811bd461966bf9d109f7efca5-
kernel-uek-5.4.17-2036.102.0.2.el7uek.aarch64.rpm72a401afb59c4367d12f0c3f33071a7d-
kernel-uek-debug-5.4.17-2036.102.0.2.el7uek.aarch64.rpmc2d8aa4bff533597894591d3185297f3-
kernel-uek-debug-devel-5.4.17-2036.102.0.2.el7uek.aarch64.rpm54c27c36ead23729683f5d88308e9b0f-
kernel-uek-devel-5.4.17-2036.102.0.2.el7uek.aarch64.rpmd6c5f2c24220f7b42b2fc242d6120a26-
kernel-uek-doc-5.4.17-2036.102.0.2.el7uek.noarch.rpm56fb97c6e4b8887f36538119b88fbc0e-
kernel-uek-tools-5.4.17-2036.102.0.2.el7uek.aarch64.rpmcaa2a941b45ecce8e8cefb66a3491f7d-
kernel-uek-tools-libs-5.4.17-2036.102.0.2.el7uek.aarch64.rpme6509b1e1459be7dbf56ea55aab488fd-
perf-5.4.17-2036.102.0.2.el7uek.aarch64.rpm18ef801efab6db63bb50dd0375e6683e-
python-perf-5.4.17-2036.102.0.2.el7uek.aarch64.rpm6f9aaff8b8415ecaf2d90690199c48e0-
Oracle Linux 7 (x86_64) kernel-uek-5.4.17-2036.102.0.2.el7uek.src.rpmdf05b59811bd461966bf9d109f7efca5-
kernel-uek-5.4.17-2036.102.0.2.el7uek.x86_64.rpmaa6f3fee6abe17d770ded7fae82fb1b8-
kernel-uek-debug-5.4.17-2036.102.0.2.el7uek.x86_64.rpmdefe49d3029421c7fbb9283f4ca33fa2-
kernel-uek-debug-devel-5.4.17-2036.102.0.2.el7uek.x86_64.rpmfb8edf71199f518a3bfae790ce3cf494-
kernel-uek-devel-5.4.17-2036.102.0.2.el7uek.x86_64.rpm62cfa1cb3c794664cbcc7377e6f4a438-
kernel-uek-doc-5.4.17-2036.102.0.2.el7uek.noarch.rpm56fb97c6e4b8887f36538119b88fbc0e-
kernel-uek-tools-5.4.17-2036.102.0.2.el7uek.x86_64.rpm80c0bc7d6fd46ff6e98658299913e68a-
Oracle Linux 8 (aarch64) kernel-uek-5.4.17-2036.102.0.2.el8uek.src.rpm96f25e1f998388fbe01cf4c8eb66893f-
kernel-uek-5.4.17-2036.102.0.2.el8uek.aarch64.rpm1025e8ca2eb08d348fbb1130fb9ca1b9-
kernel-uek-debug-5.4.17-2036.102.0.2.el8uek.aarch64.rpma615775b6cfde7f1d726216bcb1bb576-
kernel-uek-debug-devel-5.4.17-2036.102.0.2.el8uek.aarch64.rpm3a6607a70860c0bd107cfb421ab4d004-
kernel-uek-devel-5.4.17-2036.102.0.2.el8uek.aarch64.rpmd47a20ce72398af688326642a7600beb-
kernel-uek-doc-5.4.17-2036.102.0.2.el8uek.noarch.rpm6fdbedf3987d82bb9dd30e8cfc1404cc-
Oracle Linux 8 (x86_64) kernel-uek-5.4.17-2036.102.0.2.el8uek.src.rpm96f25e1f998388fbe01cf4c8eb66893f-
kernel-uek-5.4.17-2036.102.0.2.el8uek.x86_64.rpmb0c97cade64198d9d398d3d1f55561af-
kernel-uek-debug-5.4.17-2036.102.0.2.el8uek.x86_64.rpmca603f9b29d48601a72e81ea7666ff87-
kernel-uek-debug-devel-5.4.17-2036.102.0.2.el8uek.x86_64.rpm826e82078346f24f61e960c561b44b87-
kernel-uek-devel-5.4.17-2036.102.0.2.el8uek.x86_64.rpmbe07932a7584921735b1a90afa403150-
kernel-uek-doc-5.4.17-2036.102.0.2.el8uek.noarch.rpm6fdbedf3987d82bb9dd30e8cfc1404cc-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete