Описание
ELSA-2020-5750: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.40.6]
- ipv4: ipv4_default_advmss() should use route mtu (Eric Dumazet) [Orabug: 31563095]
- net: ipv4: Refine the ipv4_default_advmss (Gao Feng) [Orabug: 31563095]
[4.1.12-124.40.5]
- Revert 'bnxt_en: Remove busy poll logic in the driver.' (Brian Maly) [Orabug: 28151475]
- md: batch flush requests. (NeilBrown) [Orabug: 31332821]
- ALSA: core: Fix card races between register and disconnect (Takashi Iwai) [Orabug: 31351891] {CVE-2019-15214}
- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (Malcolm Priestley) [Orabug: 31352061] {CVE-2017-16538}
- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (Malcolm Priestley) [Orabug: 31352061] {CVE-2017-16538}
- atomic_open(): fix the handling of create_error (Al Viro) [Orabug: 31493395]
[4.1.12-124.40.4]
- media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (Tomas Bortoli) [Orabug: 31351119] {CVE-2019-19533}
- NFS: Fix a performance regression in readdir (Trond Myklebust) [Orabug: 31409061]
[4.1.12-124.40.3]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31475612] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31475612] {CVE-2020-0543}
- x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Jia Zhang) [Orabug: 31475612] {CVE-2020-0543}
[4.1.12-124.40.2]
- MCE: Restrict MCE banks to 6 on AMD platform (Zhenzhong Duan) [Orabug: 30000521]
- can: peak_usb: fix slab info leak (Johan Hovold) [Orabug: 31351141] {CVE-2019-19534}
- can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (Tomas Bortoli) [Orabug: 31351250] {CVE-2019-19536}
- xfs: fix freeze hung (Junxiao Bi) [Orabug: 31430876]
[4.1.12-124.40.1]
- iscsi_target: fix mismatch spinlock unlock (Junxiao Bi) [Orabug: 31202372]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.40.6.el6uek
kernel-uek-debug
4.1.12-124.40.6.el6uek
kernel-uek-debug-devel
4.1.12-124.40.6.el6uek
kernel-uek-devel
4.1.12-124.40.6.el6uek
kernel-uek-doc
4.1.12-124.40.6.el6uek
kernel-uek-firmware
4.1.12-124.40.6.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.40.6.el7uek
kernel-uek-debug
4.1.12-124.40.6.el7uek
kernel-uek-debug-devel
4.1.12-124.40.6.el7uek
kernel-uek-devel
4.1.12-124.40.6.el7uek
kernel-uek-doc
4.1.12-124.40.6.el7uek
kernel-uek-firmware
4.1.12-124.40.6.el7uek
Ссылки на источники
Связанные уязвимости
ELSA-2020-5755: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2020-5753: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2020-5754: Unbreakable Enterprise kernel security update (IMPORTANT)
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.