[El-errata] ELSA-2021-9220 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon May 10 10:22:04 PDT 2021 

Oracle Linux Security Advisory ELSA-2021-9220

http://linux.oracle.com/errata/ELSA-2021-9220.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2102.201.3.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2102.201.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2102.201.3.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2102.201.3.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2102.201.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2102.201.3.el7uek.x86_64.rpm

aarch64:
kernel-uek-5.4.17-2102.201.3.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2102.201.3.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2102.201.3.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2102.201.3.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2102.201.3.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2102.201.3.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2102.201.3.el7uek.aarch64.rpm
perf-5.4.17-2102.201.3.el7uek.aarch64.rpm
python-perf-5.4.17-2102.201.3.el7uek.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2102.201.3.el7uek.src.rpm

Related CVEs:

CVE-2021-28038
CVE-2021-28688
CVE-2021-28950
CVE-2021-28964
CVE-2021-28971
CVE-2021-29266
CVE-2021-29650
CVE-2021-3411




Description of changes:

[5.4.17-2102.201.3.el7uek]
- locking/qrwlock: Fix ordering in queued_write_lock_slowpath() (Ali Saidi)  [Orabug: 32805544]

[5.4.17-2102.201.2.el7uek]
- md/bitmap: wait for external bitmap writes to complete during tear down (Sudhakar Panneerselvam)  [Orabug: 32764237]
- ocfs2: fix deadlock between setattr and dio_end_io_write (Wengang Wang)  [Orabug: 32763849]
- tcp: do not mess with cloned skbs in tcp_add_backlog() (Eric Dumazet)  [Orabug: 32760314]
- Revert "x86/vmlinux: Use INT3 instead of NOP for linker fill bytes" (John Donnelly)  [Orabug: 32576398]  {CVE-2021-3411}
- iommu/vt-d: Fix agaw for a supported 48 bit guest address width (Saeed Mirzamohammadi)  [Orabug: 32734148]
- LTS tag: v5.4.85 (Jack Vogel) 
- x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (Xiaochen Shen) 
- x86/resctrl: Remove unused struct mbm_state::chunks_bw (James Morse) 
- membarrier: Explicitly sync remote cores when SYNC_CORE is requested (Andy Lutomirski) 
- Revert "selftests/ftrace: check for do_sys_openat2 in user-memory test" (Kamal Mostafa) 
- KVM: mmu: Fix SPTE encoding of MMIO generation upper half (Maciej S. Szmigiero) 
- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (Alexander Sverdlin) 
- ALSA: pcm: oss: Fix potential out-of-bounds shift (Takashi Iwai) 
- USB: sisusbvga: Make console support depend on BROKEN (Thomas Gleixner) 
- USB: UAS: introduce a quirk to set no_write_same (Oliver Neukum) 
- xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (Hans de Goede) 
- xhci: Give USB2 ports time to enter U3 in bus suspend (Li Jun) 
- ALSA: usb-audio: Fix control 'access overflow' errors from chmap (Takashi Iwai) 
- ALSA: usb-audio: Fix potential out-of-bounds shift (Takashi Iwai) 
- USB: add RESET_RESUME quirk for Snapscan 1212 (Oliver Neukum) 
- USB: dummy-hcd: Fix uninitialized array use in init() (Bui Quang Minh) 
- ktest.pl: If size of log is too big to email, email error message (Steven Rostedt (VMware)) 
- net: stmmac: delete the eee_ctrl_timer after napi disabled (Fugang Duan) 
- net: stmmac: dwmac-meson8b: fix mask definition of the m250_sel mux (Martin Blumenstingl) 
- net: ll_temac: Fix potential NULL dereference in temac_probe() (Zhang Changzhong) 
- lan743x: fix for potential NULL pointer dereference with bare card (Sergej Bauer) 
- tcp: fix cwnd-limited bug for TSO deferral where we send nothing (Neal Cardwell) 
- tcp: select sane initial rcvq_space.space for big MSS (Eric Dumazet) 
- net: stmmac: free tx skb buffer in stmmac_resume() (Fugang Duan) 
- bridge: Fix a deadlock when enabling multicast snooping (Joseph Huang) 
- enetc: Fix reporting of h/w packet counters (Claudiu Manoil) 
- udp: fix the proto value passed to ip_protocol_deliver_rcu for the segments (Xin Long) 
- net: hns3: remove a misused pragma packed (Huazhong Tan) 
- vrf: packets with lladdr src needs dst at input with orig_iif when needs strict (Stephen Suryaputra) 
- net: bridge: vlan: fix error return code in __vlan_add() (Zhang Changzhong) 
- mac80211: mesh: fix mesh_pathtbl_init() error path (Eric Dumazet) 
- ipv4: fix error return code in rtm_to_fib_config() (Zhang Changzhong) 
- ptrace: Prevent kernel-infoleak in ptrace_get_syscall_info() (Peilin Ye) 
- LTS tag: v5.4.84 (Jack Vogel) 
- compiler.h: fix barrier_data() on clang (Arvind Sankar) 
- mm/zsmalloc.c: drop ZSMALLOC_PGTABLE_MAPPING (Minchan Kim) 
- x86/apic/vector: Fix ordering in vector assignment (Thomas Gleixner) 
- x86/membarrier: Get rid of a dubious optimization (Andy Lutomirski) 
- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (Arvind Sankar) 
- scsi: be2iscsi: Revert "Fix a theoretical leak in beiscsi_create_eqs()" (Dan Carpenter) 
- proc: use untagged_addr() for pagemap_read addresses (Miles Chen) 
- kbuild: avoid static_assert for genksyms (Arnd Bergmann) 
- drm/i915/display/dp: Compute the correct slice count for VDSC on DP (Manasi Navare) 
- mmc: block: Fixup condition for CMD13 polling for RPMB requests (Bean Huo) 
- pinctrl: amd: remove debounce filter setting in IRQ type setting (Coiby Xu) 
- Input: i8042 - add Acer laptops to the i8042 reset list (Chris Chiu) 
- Input: cm109 - do not stomp on control URB (Dmitry Torokhov) 
- ktest.pl: Fix incorrect reboot for grub2bls (Libo Chen) 
- can: m_can: m_can_dev_setup(): add support for bosch mcan version 3.3.0 (Pankaj Sharma) 
- platform/x86: touchscreen_dmi: Add info for the Irbis TW118 tablet (Hans de Goede) 
- platform/x86: intel-vbtn: Support for tablet mode on HP Pavilion 13 x360 PC (Max Verevkin) 
- platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (Timo Witte) 
- platform/x86: thinkpad_acpi: Add BAT1 is primary battery quirk for Thinkpad Yoga 11e 4th gen (Hans de Goede) 
- platform/x86: thinkpad_acpi: Do not report SW_TABLET_MODE on Yoga 11e (Hans de Goede) 
- arm64: tegra: Disable the ACONNECT for Jetson TX2 (Jon Hunter) 
- soc: fsl: dpio: Get the cpumask through cpumask_of(cpu) (Hao Si) 
- spi: spi-nxp-fspi: fix fspi panic by unexpected interrupts (Ran Wang) 
- irqchip/gic-v3-its: Unconditionally save/restore the ITS state on suspend (Xu Qiang) 
- ibmvnic: skip tx timeout reset while in resetting (Lijun Pan) 
- interconnect: qcom: qcs404: Remove GPU and display RPM IDs (Georgi Djakov) 
- scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (Can Guo) 
- ARC: stack unwinding: don't assume non-current task is sleeping (Vineet Gupta) 
- arm64: dts: broadcom: clear the warnings caused by empty dma-ranges (Zhen Lei) 
- powerpc: Drop -me200 addition to build flags (Michael Ellerman) 
- iwlwifi: mvm: fix kernel panic in case of assert during CSA (Sara Sharon) 
- iwlwifi: pcie: set LTR to avoid completion timeout (Johannes Berg) 
- arm64: dts: rockchip: Assign a fixed index to mmc devices on rk3399 boards. (Markus Reichl) 
- iwlwifi: pcie: limit memory read spin time (Johannes Berg) 
- x86/lib: Change .weak to SYM_FUNC_START_WEAK for arch/x86/lib/mem*_64.S (Fangrui Song) 
- Kbuild: do not emit debug info for assembly with LLVM_IAS=1 (Nick Desaulniers)

[5.4.17-2102.201.1.el7uek]
- IB/mlx5: Reduce max order of memory allocated for xlt update (Praveen Kumar Kannoju)  [Orabug: 32751624]
- netfilter: x_tables: Use correct memory barriers. (Mark Tomlinson)  [Orabug: 32709120]  {CVE-2021-29650}
- perf/x86/intel: Fix a crash caused by zero PEBS status (Kan Liang)  [Orabug: 32669468]  {CVE-2021-28971}
- btrfs: fix race when cloning extent buffer during rewind of an old root (Filipe Manana)  [Orabug: 32669450]  {CVE-2021-28964}

[5.4.17-2102.201.0.el7uek]
- uek-rpm: Update SecureBoot Digicert 2021 certificates (Jack Vogel)  [Orabug: 32532663]
- RDMA/rxe:  ipc_bench fails on SoftRoCE with shpd (Rao Shoaib)  [Orabug: 32716155]
- vhost-vdpa: set v->config_ctx to NULL if eventfd_ctx_fdget() fails (Stefano Garzarella)  [Orabug: 32696005]  {CVE-2021-29266}
- vhost-vdpa: fix use-after-free of v->config_ctx (Stefano Garzarella)  [Orabug: 32696005]  {CVE-2021-29266}
- fuse: fix live lock in fuse_iget() (Amir Goldstein)  [Orabug: 32669269]  {CVE-2021-28950}
- fuse: fix bad inode (Miklos Szeredi)  [Orabug: 32669269]  {CVE-2021-28950}
- RDMA/core: Fix corrupted SL on passive side (Håkon Bugge)  [Orabug: 32662965]
- Xen/gnttab: handle p2m update errors on a per-slot basis (Jan Beulich)  [Orabug: 32651473]  {CVE-2021-28038}
- RDMA/rxe: Compute the maximum sges and inline size based on the WQE size (Rao Shoaib)  [Orabug: 32648060]
- KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (Wanpeng Li)  [Orabug: 32641672]
- xen/netback: avoid race in xenvif_rx_ring_slots_available() (Juergen Gross)  [Orabug: 32640116]
- uek-rpm: ol7: aarch64: add CONFIG_ACPI_HOTPLUG_MEMORY (Mihai Carabas)  [Orabug: 32638660]
- KVM: SVM: Disable AVIC before setting V_IRQ (Suravee Suthikulpanit)  [Orabug: 32603569]
- KVM: Introduce kvm_make_all_cpus_request_except() (Suravee Suthikulpanit)  [Orabug: 32603569]
- KVM: X86: correct meaningless kvm_apicv_activated() check (Paolo Bonzini)  [Orabug: 32603569]
- KVM: Disable preemption in kvm_get_running_vcpu() (Marc Zyngier)  [Orabug: 32603569]
- KVM: Move running VCPU from ARM to common code (Paolo Bonzini)  [Orabug: 32603569]
- xen-blkback: don't leak persistent grants from xen_blkbk_map() (Jan Beulich)  [Orabug: 32697850]  {CVE-2021-28688}
- video: hyperv_fb: Fix the mmap() regression for v5.4.y and older (Dexuan Cui)  [Orabug: 32651461]

More information about the El-errata mailing list