ELSA-2020-5023

Описание

[3.10.0-1160.6.1.OL7]

• Oracle Linux certificates (Ilya Okomin)
• Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
• Update x509.genkey [Orabug: 24817676]
• Conflict with shim-ia32 and shim-x64 <= 15-2.0.3

[3.10.0-1160.6.1]

• [net] netfilter: nf_queue: place bridge physports into queue_entry struct (Florian Westphal) [1885682]
• [net] netfilter: nf_queue: do not release refcouts until nf_reinject is done (Florian Westphal) [1885682]
• [net] netfilter: nf_queue: make nf_queue_entry_release_refs static (Florian Westphal) [1885682]
• [net] bluetooth: l2cap: Fix calling sk_filter on non-socket based channel (Gopal Tiwari) [1888253] {CVE-2020-12351}
• [net] bluetooth: a2mp: Fix not initializing all members (Gopal Tiwari) [1888797] {CVE-2020-12352}

[3.10.0-1160.5.1]

• [x86] x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (Myron Stowe) [1849223]
• [kernel] uprobes: Change handle_swbp() to send SIGTRAP with si_code=SI_KERNEL, to fix GDB regression (Oleg Nesterov) [1861396]
• [video] vgacon: Fix for missing check in scrollback handling (Lyude Paul) [1859468] {CVE-2020-14331}
• [pci] hv: Retry PCI bus D0 entry on invalid device state (Mohammed Gamal) [1846667]
• [pci] hv: Fix the PCI HyperV probe failure path to release resource properly (Mohammed Gamal) [1846667]
• [x86] xen: Add call of speculative_store_bypass_ht_init() to PV paths (Vladis Dronov) [1882468]
• [powerpc] powerpc/smp: Use nid as fallback for package_id (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] powerpc/smp: Add Power9 scheduler topology (Desnes Augusto Nunes do Rosario) [1826306]
• [kernel] sched: Add a new SD_SHARE_POWERDOMAIN for sched_domain (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] sched, powerpc: Create a dedicated topology table (Desnes Augusto Nunes do Rosario) [1826306]
• [s390] sched, s390: Create a dedicated topology table (Desnes Augusto Nunes do Rosario) [1826306]
• [s390] s390/topology: Remove call to update_cpu_masks() (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] powerpc/smp: Add cpu_l2_cache_map (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] powerpc/smp: Rework CPU topology construction (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] powerpc/smp: Use cpu_to_chip_id() to find core siblings (Desnes Augusto Nunes do Rosario) [1826306]
• [powerpc] powerpc, hotplug: Avoid to touch non-existent cpumasks (Desnes Augusto Nunes do Rosario) [1826306]

[3.10.0-1160.4.1]

• [block] virtio-blk: handle block_device_operations callbacks after hot unplug (Stefan Hajnoczi) [1811893]
• [scsi] Revert 'scsi: qla2xxx: Fix crash on qla2x00_mailbox_command' (Nilesh Javali) [1826127]
• [scsi] scsi: qla2xxx: Fix stale mem access on driver unload (Nilesh Javali) [1826127]
• [scsi] scsi: qedf: Fix crash when MFW calls for protocol stats while function is still probing (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Keep track of num of pending flogi (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Fix race betwen fipvlan request and response path (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Decrease the LL2 MTU size to 2500 (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Check for module unloading bit before processing link update AEN (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Initiator fails to re-login to switch after link down (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Fix crash during sg_reset (Nilesh Javali) [1836443]
• [scsi] scsi: qedf: Stop sending fipvlan request on unload (Nilesh Javali) [1836443]
• [message] scsi: mptscsih: Fix read sense data size (Tomas Henzl) [1829803]
• [scsi] scsi: megaraid_sas: Clear affinity hint (Tomas Henzl) [1828312]

[3.10.0-1160.3.1]

• [net] net-sysfs: Call dev_hold always in rx_queue_add_kobject (Hangbin Liu) [1846454] {CVE-2019-20811}
• [net] net-sysfs: Call dev_hold always in netdev_queue_add_kobject (Hangbin Liu) [1846454] {CVE-2019-20811}
• [net] net-sysfs: call dev_hold if kobject_init_and_add success (Hangbin Liu) [1846454] {CVE-2019-20811}
• [netdrv] macvlan: Change status when lower device goes down (Hangbin Liu) [1848950]
• [netdrv] macvlan: make operstate and carrier more accurate (Hangbin Liu) [1848950]
• [infiniband] RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (Kamal Heib) [1858707]
• [infiniband] RDMA/ipoib: Return void from ipoib_ib_dev_stop() (Kamal Heib) [1858707]
• [net] tcp: limit sk_write_qlen based on sndbuf size (Florian Westphal) [1847765]
• [netdrv] net/mlx5e: Modify uplink state on interface up/down (Alaa Hleihel) [1733181]
• [netdrv] net/mlx5: E-Switch, Disable esw manager vport correctly (Alaa Hleihel) [1733181]
• [netdrv] net/mlx5: E-Switch, Properly refer to host PF vport as other vport (Alaa Hleihel) [1733181]