ELSA-2020-2082

Опубликовано: 14 мая 2020

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2020-2082: kernel security and bug fix update (IMPORTANT)

[3.10.0-1127.8.2.OL7]

Oracle Linux certificates (Alexey Petrenko)
Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
Update x509.genkey [Orabug: 24817676]

[3.10.0-1127.8.2]

[net] netlabel: cope with NULL catmap (Paolo Abeni) [1827239 1827240] {CVE-2020-10711}

[3.10.0-1127.8.1]

[scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1827274 1808129]

[3.10.0-1127.7.1]

[net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1824548 1785141]
[netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO (Corinna Vinschen) [1822548 1787263]
[net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1821262 1781323]
[net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1817499 1790840]
[scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1817497 1715986]
[scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1815596 1798042]
[scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1815596 1798042]
[scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1815596 1798042]
[scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1815596 1798042]
[scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1815596 1798042]
[scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1815596 1798042]
[scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1815596 1798042]
[scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1813249 1807077]
[md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1812937 1806400]
[scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1812937 1806400]
[md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1812937 1806400]
[md] dm rq: fix checking of dm_dispatch_clone_request's return value (Ming Lei) [1814537 1805401]

[3.10.0-1127.6.1]

[x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1817502 1811511]

[3.10.0-1127.5.1]

[netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1817935 1806488]
[netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1817935 1806488]
[netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1817935 1806488]

[3.10.0-1127.4.1]

[x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1814003 1801852]
[x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1814003 1801852]
[x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1814003 1801852]

[3.10.0-1127.3.1]

[md] md/raid6: Set R5_ReadError when there is read failure on parity disk (Xiao Ni) [1810062 1804569]
[kernel] blktrace: fix dereference after null check (Ming Lei) [1806367 1798318] {CVE-2019-19768}
[kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1806367 1798318] {CVE-2019-19768}
[kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1806367 1798318] {CVE-2019-19768}
[kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1806367 1798318] {CVE-2019-19768}
[kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1806367 1798318] {CVE-2019-19768}

[3.10.0-1127.2.1]

[kernel] tick-sched: Update nohz load even if tick already stopped (Scott Wood) [1808030 1694877]

[3.10.0-1127.1.1]

[net] openvswitch: support asymmetric conntrack (Aaron Conole) [1806447 1757759]
[kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an event (Richard Guy Briggs) [1806430 1777239]
[kernel] tracing: Fix possible double free on failure of allocating trace buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
[kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595}
[base] of: to support binding numa node to specified device in devicetree (Jeff Moyer) [1801699 1791883]
[ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) [1798396 1774657]
[ptp] ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [1798396 1774657]
[ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis Dronov) [1798396 1774657]
[ptp] ptp: create 'pins' together with the rest of attributes (Vladis Dronov) [1798396 1774657]
[ptp] ptp: use is_visible method to hide unused attributes (Vladis Dronov) [1798396 1774657]
[ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1798396 1774657]
[ptp] ptp: do not explicitly set drvdata in ptp_clock_register() (Vladis Dronov) [1798396 1774657]
[ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) [1798396 1774657]
[ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1798396 1774657]
[netdrv] ptp: drivers: set the number of programmable pins (Vladis Dronov) [1798396 1774657]
[ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) [1798396 1774657]
[documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp program (Vladis Dronov) [1798396 1774657]
[documentation] ptp: Allow selecting trigger/event index in testptp (Vladis Dronov) [1798396 1774657]
[documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp program (Vladis Dronov) [1798396 1774657]
[netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1796799 1794812]
[kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) [1796262 1771094]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

bpftool

3.10.0-1127.8.2.el7

kernel

3.10.0-1127.8.2.el7

kernel-abi-whitelists

3.10.0-1127.8.2.el7

kernel-debug

3.10.0-1127.8.2.el7

kernel-debug-devel

3.10.0-1127.8.2.el7

kernel-devel

3.10.0-1127.8.2.el7

kernel-doc

3.10.0-1127.8.2.el7

kernel-headers

3.10.0-1127.8.2.el7

kernel-tools

3.10.0-1127.8.2.el7

kernel-tools-libs

3.10.0-1127.8.2.el7

kernel-tools-libs-devel

3.10.0-1127.8.2.el7

perf

3.10.0-1127.8.2.el7

python-perf

3.10.0-1127.8.2.el7

Связанные CVE

CVE-2020-10711

CVE-2017-18595

CVE-2019-19768

Ссылки на источники

Связанные уязвимости

CVE-2020-10711

CVSS3: 5.9

ubuntu

около 5 лет назад

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.