ELSA-2021-9037

ULN >
Oracle Linux Errata repository >
ELSA-2021-9037

ELSA-2021-9037 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2021-02-08

Description

[5.4.17-2036.103.3]
- Revert 'rds: Deregister all FRWR mr with free_mr' (aru kolappan) [Orabug: 32426610]

[5.4.17-2036.103.2]
- A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380824]
- netfilter: add and use nf_hook_slow_list() (Florian Westphal) [Orabug: 32372530] {CVE-2021-20177}
- net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372158]
- uek-rpm: Report removed symbols also during kabi check (Somasundaram Krishnasamy) [Orabug: 32380061]
- uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32378206]
- A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350974]
- uek-rpm: add nfs_ssc to nano_modules (Calum Mackay) [Orabug: 32346419]
- target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374}

[5.4.17-2036.103.1]
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349203] {CVE-2020-36158}
- x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32234812]
- add license checking to kABI checker (Dan Duval) [Orabug: 32355206]

[5.4.17-2036.103.0]
- lockd: don't use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337715]
- tools: update header files in the tools directory (Thomas Tai) [Orabug: 32321484]
- perf: Fix a kABI breakage in perf_event.h (Thomas Tai) [Orabug: 32321484]
- perf/x86: Fix n_metric for cancelled txn (Peter Zijlstra) [Orabug: 32321484]
- perf/x86: Fix n_pair for cancelled txn (Peter Zijlstra) [Orabug: 32321484]
- perf/x86/intel: Check perf metrics feature for each CPU (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Support per-thread RDPMC TopDown metrics (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Support TopDown metrics on Ice Lake (Kan Liang) [Orabug: 32321484]
- perf/x86: Use event_base_rdpmc for the RDPMC userspace support (Kan Liang) [Orabug: 32321484]
- perf/x86: Add a macro for RDPMC offset of fixed counters (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Generic support for hardware TopDown metrics (Kan Liang) [Orabug: 32321484]
- perf/core: Add a new PERF_EV_CAP_SIBLING event capability (Kan Liang) [Orabug: 32321484]
- perf/core: Unify {pinned,flexible}_sched_in() (Peter Zijlstra) [Orabug: 32321484]
- perf/x86/intel: Use switch in intel_pmu_disable/enable_event (Kan Liang) [Orabug: 32321484]
- perf/x86: Keep LBR records unchanged in host context for guest usage (Like Xu) [Orabug: 32321484]
- perf/x86/intel: Fix the name of perf METRICS (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Move BTS index to 47 (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Introduce the fourth fixed counter (Kan Liang) [Orabug: 32321484]
- perf/x86/intel: Name the global status bit in NMI handler (Kan Liang) [Orabug: 32321484]
- perf/x86: Add constraint to create guest LBR event without hw counter (Like Xu) [Orabug: 32321484]
- perf/x86/lbr: Add interface to get LBR information (Like Xu) [Orabug: 32321484]
- perf/x86/core: Refactor hw->idx checks and cleanup (Like Xu) [Orabug: 32321484]
- perf/x86/intel: Avoid unnecessary PEBS_ENABLE MSR access in PMI (Kan Liang) [Orabug: 32321484]
- perf/x86: Provide stubs of KVM helpers for non-Intel CPUs (Sean Christopherson) [Orabug: 32321484]
- partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32302136]
- Revert 'cpu/hotplug: avoid race between cpuset_hotplug_workfn and later hotplug' (Daniel Jordan) [Orabug: 32295229]
- cpuset: fix race between hotplug work and later CPU offline (Daniel Jordan) [Orabug: 32295229]
- uek-rpm: aarch64: update PMU configs for Altra (Dave Kleikamp) [Orabug: 32290034]
- driver/perf: Add PMU driver for the ARM DMC-620 memory controller (Tuan Phan) [Orabug: 32290034]
- perf: arm-cmn: Fix conversion specifiers for node type (Will Deacon) [Orabug: 32290034]
- perf: arm-cmn: Fix unsigned comparison to less than zero (Will Deacon) [Orabug: 32290034]
- perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 32290034]
- perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 32290034]
- perf: arm_dsu: Support DSU ACPI devices (Tuan Phan) [Orabug: 32290034]
- arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work (James Morse) [Orabug: 32290034]
- ACPI: APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 32290034]
- iommu/arm-smmu-v3: Don't reserve implementation defined register space (Jean-Philippe Brucker) [Orabug: 32290034]
- Revert 'BACKPORT: perf: Add Arm CMN-600 DT binding' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'BACKPORT: WIP: perf/arm-cmn: Add ACPI support' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: Add ARM DMC-620 PMU driver.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'BACKPORT: arm64: acpi: Make apei_claim_sea() synchronise with APEI's irq work' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'Perf: arm-cmn: Allow irq to be shared.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: arm_cmn: improve and make it work on 2P.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: arm_dsu: Allow IRQ to be shared among devices.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: arm_dsu: Support ACPI mode.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: arm_dmc620: Update ACPI ID.' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf: avoid breaking KABI by reusing enum' (Dave Kleikamp) [Orabug: 32290034]
- Revert 'perf/smmuv3: Allow sharing MMIO registers with the SMMU driver' (Dave Kleikamp) [Orabug: 32290034]
- tty: Fix ->session locking (Jann Horn) [Orabug: 32266677] {CVE-2020-29660}
- tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266677] {CVE-2020-29660}
- xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569}
- xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Add 'will_handle' callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
- KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251910]

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	kernel-uek-5.4.17-2036.103.3.el7uek.src.rpm	3dfba71323357b896ed0b99dbfd37e2b	ELSA-2021-9220
	kernel-uek-5.4.17-2036.103.3.el7uek.aarch64.rpm	a46f101f862fbb5fd1d5de7507d2708a	ELSA-2021-9220
	kernel-uek-debug-5.4.17-2036.103.3.el7uek.aarch64.rpm	99d721576809355d7fcf4979440893e6	ELSA-2021-9220
	kernel-uek-debug-devel-5.4.17-2036.103.3.el7uek.aarch64.rpm	2488b433224e36e4a65edf5703b30e2e	ELSA-2021-9220
	kernel-uek-devel-5.4.17-2036.103.3.el7uek.aarch64.rpm	d6c209b089ca1a94a231210d30397009	ELSA-2021-9220
	kernel-uek-doc-5.4.17-2036.103.3.el7uek.noarch.rpm	b9f49cfb818619a31c814fe9e3d08ab6	ELSA-2021-9220
	kernel-uek-tools-5.4.17-2036.103.3.el7uek.aarch64.rpm	7b1b01833622c209fe3ee99ba8bd0e4b	ELSA-2021-9220
	kernel-uek-tools-libs-5.4.17-2036.103.3.el7uek.aarch64.rpm	f76898f85644bcaa53545ae02f886215	ELSA-2021-9220
	perf-5.4.17-2036.103.3.el7uek.aarch64.rpm	26f89343592ae56c2a24e152dc66b5e5	ELSA-2021-9220
	python-perf-5.4.17-2036.103.3.el7uek.aarch64.rpm	b77c543b9ae7b8366025ed998637e7f2	ELSA-2021-9220

Oracle Linux 7 (x86_64)	kernel-uek-5.4.17-2036.103.3.el7uek.src.rpm	3dfba71323357b896ed0b99dbfd37e2b	ELSA-2021-9220
	kernel-uek-5.4.17-2036.103.3.el7uek.x86_64.rpm	ee079c532322617bc3cb0cfa4116325b	ELSA-2021-9220
	kernel-uek-debug-5.4.17-2036.103.3.el7uek.x86_64.rpm	e43154abe3973ee64e4492ff9b83a2bc	ELSA-2021-9220
	kernel-uek-debug-devel-5.4.17-2036.103.3.el7uek.x86_64.rpm	9187bb5e901ce095e992aa80a6d9b606	ELSA-2021-9220
	kernel-uek-devel-5.4.17-2036.103.3.el7uek.x86_64.rpm	bbf87d75249beded6925432b3b713935	ELSA-2021-9220
	kernel-uek-doc-5.4.17-2036.103.3.el7uek.noarch.rpm	b9f49cfb818619a31c814fe9e3d08ab6	ELSA-2021-9220
	kernel-uek-tools-5.4.17-2036.103.3.el7uek.x86_64.rpm	cffbf6fa7162074249998d0a39e86ea2	ELSA-2021-9220

Oracle Linux 8 (aarch64)	kernel-uek-5.4.17-2036.103.3.el8uek.src.rpm	6b23458d0db18808920dfbafb139dfcb	-
	kernel-uek-5.4.17-2036.103.3.el8uek.aarch64.rpm	723a095d3450a0ae7efce78dbca5c368	-
	kernel-uek-debug-5.4.17-2036.103.3.el8uek.aarch64.rpm	472f8690176521dba8f51f89ff68ee7f	-
	kernel-uek-debug-devel-5.4.17-2036.103.3.el8uek.aarch64.rpm	2da5940b1434d0a9adf6fddec1302b23	-
	kernel-uek-devel-5.4.17-2036.103.3.el8uek.aarch64.rpm	c03716ae49caedb8388d9f20c307d4be	-
	kernel-uek-doc-5.4.17-2036.103.3.el8uek.noarch.rpm	2e072f9190fd66c36e4807b8137f2a0f	-

Oracle Linux 8 (x86_64)	kernel-uek-5.4.17-2036.103.3.el8uek.src.rpm	6b23458d0db18808920dfbafb139dfcb	-
	kernel-uek-5.4.17-2036.103.3.el8uek.x86_64.rpm	05fd4aae8cd4bfdcd324f70fbb9acd81	-
	kernel-uek-debug-5.4.17-2036.103.3.el8uek.x86_64.rpm	b7ba688e106ffa67375fe048bb5c2d4c	-
	kernel-uek-debug-devel-5.4.17-2036.103.3.el8uek.x86_64.rpm	81be0191b8f71a72a8d3044f110fe210	-
	kernel-uek-devel-5.4.17-2036.103.3.el8uek.x86_64.rpm	274dcaf2edb2143e190a88634c0f9453	-
	kernel-uek-doc-5.4.17-2036.103.3.el8uek.noarch.rpm	2e072f9190fd66c36e4807b8137f2a0f	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691