Oracle Errata System
Oracle Linux
5.3
2021-09-09T12:48:52
ELSA-2020-2664: kernel security and bug fix update (IMPORTANT)
Oracle Linux 7
[3.10.0-1127.13.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
[3.10.0-1127.13.1]
- [x86] x86/speculation: Support old struct x86_cpu_id & x86_match_cpu() kABI (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827187 1827188] {CVE-2020-0543}
- [cpufreq] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827187 1827188] {CVE-2020-0543}
header (Waiman Long) [1827187 1827188] {CVE-2020-0543}
[3.10.0-1127.12.1]
- [x86] x86/speculation: Prevent deadlock on ssb_state::lock (Waiman Long) [1841121 1836322]
- [vfio] vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
- [vfio] vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
- [vfio] vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
- [vfio] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
- [vfio] vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
- [vfio] vfio_pci: Enable memory accesses before calling pci_map_rom (Alex Williamson) [1837297 1820632] {CVE-2020-12888}
[3.10.0-1127.11.1]
- [fs] cachefiles: Fix race between read_waiter and read_copier involving op->to_do (Dave Wysochanski) [1839757 1829662]
IMPORTANT
Copyright 2020 Oracle, Inc.
CVE-2020-12888
kernel-headers
kernel
kernel-tools-libs-devel
bpftool
oraclelinux-release
kernel-abi-whitelists
kernel-debug
kernel-tools-libs
kernel-devel
kernel-doc
kernel-debug-devel
python-perf
kernel-tools
perf
72f97b74ec551f03
^7
x86_64
0:3.10.0-1127.13.1.el7