[El-errata] ELSA-2020-2082 Important: Oracle Linux 7 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu May 14 10:21:42 PDT 2020 

Oracle Linux Security Advisory ELSA-2020-2082

http://linux.oracle.com/errata/ELSA-2020-2082.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1127.8.2.el7.noarch.rpm
kernel-debug-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-devel-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-doc-3.10.0-1127.8.2.el7.noarch.rpm
kernel-headers-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-tools-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1127.8.2.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1127.8.2.el7.x86_64.rpm
perf-3.10.0-1127.8.2.el7.x86_64.rpm
python-perf-3.10.0-1127.8.2.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1127.8.2.el7.src.rpm



Description of changes:

[3.10.0-1127.8.2.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel 
(olkmod_signing_key.x509)(alexey.petrenko at oracle.com)
- Update x509.genkey [Orabug: 24817676]

[3.10.0-1127.8.2.el7]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827239 1827240] 
{CVE-2020-10711}

[3.10.0-1127.8.1.el7]
- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) 
[1827274 1808129]

[3.10.0-1127.7.1.el7]
- [net] sched: flower: insert new filter to idr after setting its mask 
(Davide Caratti) [1824548 1785141]
- [netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO 
(Corinna Vinschen) [1822548 1787263]
- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) 
[1821262 1781323]
- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) 
[1817499 1790840]
- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr 
Natalenko) [1817497 1715986]
- [scsi] scsi: avoid repetitive logging of device offline messages 
(Nilesh Javali) [1815596 1798042]
- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being 
deleted (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh 
Javali) [1815596 1798042]
- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) 
[1815596 1798042]
- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) 
[1815596 1798042]
- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) 
[1815596 1798042]
- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port 
loss (Nilesh Javali) [1815596 1798042]
- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume 
(Tomas Henzl) [1813249 1807077]
- [md] dm mpath: call clear_request_fn_mpio() in 
multipath_release_clone() (Mike Snitzer) [1812937 1806400]
- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1812937 
1806400]
- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1812937 1806400]
- [md] dm rq: fix checking of dm_dispatch_clone_request's return value 
(Ming Lei) [1814537 1805401]

[3.10.0-1127.6.1.el7]
- [x86] x86/debug: Extend the lower bound of crash kernel low 
reservations (Pingfan Liu) [1817502 1811511]

[3.10.0-1127.5.1.el7]
- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv/netvsc: fix handling of fallback to single queue mode 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) 
[1817935 1806488]
- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) 
[1817935 1806488]
- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in 
netvsc_probe() (Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed 
Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: split sub-channel setup into async and sync 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation 
(Mohammed Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed 
Gamal) [1817935 1806488]
- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed 
Gamal) [1817935 1806488]

[3.10.0-1127.4.1.el7]
- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo 
Bonzini) [1814003 1801852]
- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo 
Bonzini) [1814003 1801852]
- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo 
Bonzini) [1814003 1801852]

[3.10.0-1127.3.1.el7]
- [md] md/raid6: Set R5_ReadError when there is read failure on parity 
disk (Xiao Ni) [1810062 1804569]
- [kernel] blktrace: fix dereference after null check (Ming Lei) 
[1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1806367 
1798318] {CVE-2019-19768}
- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1806367 
1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) 
[1806367 1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked access to init/start-stop/teardown 
(Ming Lei) [1806367 1798318] {CVE-2019-19768}

[3.10.0-1127.2.1.el7]
- [kernel] tick-sched: Update nohz load even if tick already stopped 
(Scott Wood) [1808030 1694877]

[3.10.0-1127.1.1.el7]
- [net] openvswitch: support asymmetric conntrack (Aaron Conole) 
[1806447 1757759]
- [kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an 
event (Richard Guy Briggs) [1806430 1777239]
- [kernel] tracing: Fix possible double free on failure of allocating 
trace buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
- [kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome 
Marchand) [1803010 1803011] {CVE-2017-18595}
- [base] of: to support binding numa node to specified device in 
devicetree (Jeff Moyer) [1801699 1791883]
- [ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) 
[1798396 1774657]
- [ptp] ptp: fix the race between the release of ptp_clock and cdev 
(Vladis Dronov) [1798396 1774657]
- [ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis 
Dronov) [1798396 1774657]
- [ptp] ptp: create "pins" together with the rest of attributes (Vladis 
Dronov) [1798396 1774657]
- [ptp] ptp: use is_visible method to hide unused attributes (Vladis 
Dronov) [1798396 1774657]
- [ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1798396 
1774657]
- [ptp] ptp: do not explicitly set drvdata in ptp_clock_register() 
(Vladis Dronov) [1798396 1774657]
- [ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) 
[1798396 1774657]
- [ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1798396 
1774657]
- [netdrv] ptp: drivers: set the number of programmable pins (Vladis 
Dronov) [1798396 1774657]
- [ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) 
[1798396 1774657]
- [documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp 
program (Vladis Dronov) [1798396 1774657]
- [documentation] ptp: Allow selecting trigger/event index in testptp 
(Vladis Dronov) [1798396 1774657]
- [documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp 
program (Vladis Dronov) [1798396 1774657]
- [netdrv] ixgbevf: Use cached link state instead of re-reading the 
value for ethtool (Ken Cox) [1796799 1794812]
- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) 
[1796262 1771094]

More information about the El-errata mailing list