ELSA-2020-0834 Important: Oracle Linux 7 kernel security, bug fix, and enhancement update

Oracle Linux 6166 Published by

A kernel security, bug fix, and enhancement update has been released for Oracle Linux 7.



Oracle Linux Security Advisory ELSA-2020-0834

  http://linux.oracle.com/errata/ELSA-2020-0834.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bpftool-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-1062.18.1.el7.noarch.rpm
kernel-debug-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-devel-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-doc-3.10.0-1062.18.1.el7.noarch.rpm
kernel-headers-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-tools-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-1062.18.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-1062.18.1.el7.x86_64.rpm
perf-3.10.0-1062.18.1.el7.x86_64.rpm
python-perf-3.10.0-1062.18.1.el7.x86_64.rpm

SRPMS:
  http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-1062.18.1.el7.src.rpm


Description of changes:

[3.10.0-1062.18.1.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel
(olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]

[3.10.0-1062.18.1.el7]
- [x86] x86/boot/64: Round memory hole size up to next PMD page (Frank
Ramsay) [1798163 1773762]
- [x86] x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel
area (Frank Ramsay) [1798163 1773762]
- [fs] gfs2: Use d_materialise_unique instead of d_splice_alias (2)
(Andreas Grunbacher) [1796431 1784550]
- [fs] gfs2: gfs2_create_inode(): don't bother with d_splice_alias()
(Andreas Grunbacher) [1796431 1784550]
- [fs] gfs2: bugger off early if O_CREAT open finds a directory (Andreas
Grunbacher) [1796431 1784550]
- [scsi] scsi: hpsa: remove printing internal cdb on tag collision
(Joseph Szczypek) [1793579 1741355]
- [scsi] scsi: hpsa: correct scsi command status issue after reset
(Joseph Szczypek) [1793579 1741355]
- [infiniband] IB/mlx5: Fix MR registration flow to use UMR properly
(Alaa Hleihel) [1792371 1741343]
- [scsi] qedf: Initialize rport while creation of vport (Nilesh Javali)
[1791825 1760746]
- [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek)
[1791782 1761978]
- [block] block: don't change REQ_NR_BITS (Ming Lei) [1791781 1779712]
- [scsi] scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (Himanshu
Madhani) [1791595 1729270]
- [drm] drm/radeon: fix si_enable_smc_cac() failed issue (Dave Airlie)
[1789744 1780026]
- [scsi] scsi: bnx2fc: timeout calculation invalid for bnx2fc_eh_abort()
(Nilesh Javali) [1784824 1772966]
- [md] md/raid10: prevent access of uninitialized resync_pages offset
(Nigel Croxon) [1781584 1767935]
- [fs] fix inode leaks on d_splice_alias() failure exits (Miklos
Szeredi) [1781159 1749390]
- [fs] cachefiles: Fix page leak in cachefiles_read_backing_file while
vmscan is active (David Howells) [1780149 1765975]
- [mm] mm: swap: clean up swap readahead (Rafael Aquini) [1780035 1725396]
- [mm] mm: do_swap_page: clean up parameter list passing a pointer to
struct vm_fault (Rafael Aquini) [1780035 1725396]
- [mm] mm: __handle_mm_fault: introduce explicit barrier after orig_pte
dereference (Rafael Aquini) [1780035 1725396]
- [x86] kvm: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest
that lack it (Paolo Bonzini) [1779766 1779768]
- [x86] kvm: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality
(Paolo Bonzini) [1779766 1779768] {CVE-2019-19338}
- [x86] kvm: x86: Mark expected switch fall-throughs (Paolo Bonzini)
[1779766 1779768] {CVE-2019-19338}
- [x86] kvm: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo
Bonzini) [1779766 1779768] {CVE-2019-19338}
- [x86] kvm: x86: do not modify masked bits of shared MSRs (Paolo
Bonzini) [1779766 1779768] {CVE-2019-19338}
- [x86] kvm: x86: fix presentation of TSX feature in ARCH_CAPABILITIES
(Paolo Bonzini) [1779766 1779768] {CVE-2019-19338}
- [x86] kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Paolo
Bonzini) [1779766 1779768] {CVE-2019-19338}
- [s390] scsi: zfcp: fix reaction on bit error threshold notification
(Philipp Rudo) [1778691 1765123]
- [net] ipv6: Rewind hlist offset on interrupted /proc/net/if_inet6 read
(Stefano Brivio) [1778084 1753480]
- [net] revert "[net] ipv6: Display all addresses in output of
/proc/net/if_inet6" (Stefano Brivio) [1778084 1753480]
- [wireless] rtlwifi: Fix potential overflow on P2P code (Josef Oskera)
[1775235 1775236] {CVE-2019-17666}
- [md] md: improve handling of bio with REQ_PREFLUSH in
md_flush_request() (Xiao Ni) [1773482 1752061]
- [fs] fscache: Don't use a constructor function on the slab allocator
(David Howells) [1793086 1739996]
- [mm] mm: fix insert_pfn regression (Jeff Moyer) [1793088 1739889]
- [mm] mm/page_idle.c: fix oops because end_pfn is larger than max_pfn
(Rafael Aquini) [1768386 1730471]
- [mm] mm/mlock.c: mlockall error for flag MCL_ONFAULT (Rafael Aquini)
[1768386 1730471]
- [mm] hugetlb: use same fault hash key for shared and private mappings
(Rafael Aquini) [1768386 1730471]
- [mm] hugetlbfs: on restore reserve error path retain subpool
reservation (Rafael Aquini) [1768386 1730471]
- [mm] mm/memory.c: fix modifying of page protection by insert_pfn()
(Rafael Aquini) [1768386 1730471]
- [mm] mm, swap: bounds check swap_info array accesses to avoid NULL
derefs (Rafael Aquini) [1768386 1730471]
- [mm] mm/slub.c: remove an unused addr argument (Rafael Aquini)
[1768386 1730471]
- [mm] hugetlbfs: fix races and page leaks during migration (Rafael
Aquini) [1768386 1730471]
- [mm] mm, oom: fix use-after-free in oom_kill_process (Rafael Aquini)
[1768386 1730471]
- [mm] percpu: convert spin_lock_irq to spin_lock_irqsave (Rafael
Aquini) [1768386 1730471]
- [mm] mm/swapfile.c: use kvzalloc for swap_info_struct allocation
(Rafael Aquini) [1768386 1730471]
- [mm] hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:444! (Rafael
Aquini) [1768386 1730471]
- [mm] mm: Fix warning in insert_pfn() (Rafael Aquini) [1768386 1730471]
- [mm] hugetlbfs: dirty pages as they are added to pagecache (Rafael
Aquini) [1768386 1730471]
- [mm] mm/swapfile.c: fix swap_count comment about nonexistent
SWAP_HAS_CONT (Rafael Aquini) [1768386 1730471]
- [mm] slab: __GFP_ZERO is incompatible with a constructor (Rafael
Aquini) [1768386 1730471]
- [mm] mm: fix the NULL mapping case in __isolate_lru_page() (Rafael
Aquini) [1768386 1730471]
- [mm] mm/filemap.c: fix NULL pointer in page_cache_tree_insert()
(Rafael Aquini) [1768386 1730471]
- [fs] block_invalidatepage(): only release page if the full page was
invalidated (Rafael Aquini) [1768386 1730471]
- [mm] mm/mempolicy.c: avoid use uninitialized preferred_node (Rafael
Aquini) [1768386 1730471]
- [mm] mm: pin address_space before dereferencing it while isolating an
LRU page (Rafael Aquini) [1768386 1730471]
- [fs] fs/hugetlbfs/inode.c: change put_page/unlock_page order in
hugetlbfs_fallocate() (Rafael Aquini) [1768386 1730471]
- [mm] mm: do not rely on preempt_count in print_vma_addr (Rafael
Aquini) [1768386 1730471]
- [mm] mm, swap: fix race between swap count continuation operations
(Rafael Aquini) [1768386 1730471]
- [mm] mm: meminit: mark init_reserved_page as __meminit (Rafael Aquini)
[1768386 1730471]
- [mm] mm/vmstat.c: fix wrong comment (Rafael Aquini) [1768386 1730471]
- [mm] mm, hugetlb: do not allocate non-migrateable gigantic pages from
movable zones (Rafael Aquini) [1768386 1730471]
- [mm] mm: always flush VMA ranges affected by zap_page_range (Rafael
Aquini) [1768386 1730471]
- [mm] mm/mremap: fail map duplication attempts for private mappings
(Rafael Aquini) [1768386 1730471]
- [mm] mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
(Rafael Aquini) [1768386 1730471]
- [mm] mm: numa: avoid waiting on freed migrated pages (Rafael Aquini)
[1768386 1730471]
- [mm] mm/memory-failure.c: use compound_head() flags for huge pages
(Rafael Aquini) [1768386 1730471]
- [fs] fs/block_dev: always invalidate cleancache in invalidate_bdev()
(Rafael Aquini) [1768386 1730471]
- [mm] percpu: remove unused chunk_alloc parameter from pcpu_get_pages()
(Rafael Aquini) [1768386 1730471]
- [mm] percpu: acquire pcpu_lock when updating pcpu_nr_empty_pop_pages
(Rafael Aquini) [1768386 1730471]
- [mm] mm: do not access page->mapping directly on page_endio (Rafael
Aquini) [1768386 1730471]
- [mm] mm/page_alloc: fix nodes for reclaim in fast path (Rafael Aquini)
[1768386 1730471]
- [mm] mm: alloc_contig_range: allow to specify GFP mask (Rafael Aquini)
[1768386 1730471]
- [mm] mm: vmscan: scan dirty pages even in laptop mode (Rafael Aquini)
[1768386 1730471]
- [mm] mm/mempolicy.c: do not put mempolicy before using its nodemask
(Rafael Aquini) [1768386 1730471]
- [mm] mm: fix set pageblock migratetype in deferred struct page init
(Rafael Aquini) [1768386 1730471]
- [mm] mm: delete unnecessary and unsafe init_tlb_ubc() (Rafael Aquini)
[1768386 1730471]
- [kernel] mm, mempolicy: task->mempolicy must be NULL before dropping
final reference (Rafael Aquini) [1768386 1730471]
- [mm] mm: use phys_addr_t for reserve_bootmem_region() arguments
(Rafael Aquini) [1768386 1730471]
- [mm] mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check
(Rafael Aquini) [1768386 1730471]
- [mm] mm: soft-offline: check return value in second __get_any_page()
call (Rafael Aquini) [1768386 1730471]
- [include] include/linux/memblock.h: fix ordering of 'flags' argument
in comments (Rafael Aquini) [1768386 1730471]
- [mm] rmap: fix theoretical race between do_wp_page and
shrink_active_list (Rafael Aquini) [1768386 1730471]
- [mm] mm/mremap.c: clean up goto just return ERR_PTR (Rafael Aquini)
[1768386 1730471]
- [mm] mremap should return -ENOMEM when __vm_enough_memory fail (Rafael
Aquini) [1768386 1730471]
- [mm] writeback: fix possible underflow in write bandwidth calculation
(Rafael Aquini) [1768386 1730471]
- [mm] writeback: add missing INITIAL_JIFFIES init in
global_update_bandwidth() (Rafael Aquini) [1768386 1730471]
- [mm] mm/memory.c: actually remap enough memory (Rafael Aquini)
[1768386 1730471]
- [mm] mm/compaction: fix wrong order check in compact_finished()
(Rafael Aquini) [1768386 1730471]
- [mm] mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled
process being killed (Rafael Aquini) [1768386 1730471]
- [mm] mm: fix anon_vma_clone() error treatment (Rafael Aquini) [1768386
1730471]
- [mm] mm, thp: fix collapsing of hugepages on madvise (Rafael Aquini)
[1768386 1730471]
- [mm] cgroup/kmemleak: add kmemleak_free() for cgroup deallocations
(Rafael Aquini) [1768386 1730471]
- [mm] OOM, PM: OOM killed task shouldn't escape PM suspend (Rafael
Aquini) [1768386 1730471]
- [mm] mm, compaction: pass gfp mask to compact_control (Rafael Aquini)
[1768386 1730471]
- [mm] mm: page_alloc: abort fair zone allocation policy when remotes
nodes are encountered (Rafael Aquini) [1768386 1730471]
- [mm] mm: vmscan: only update per-cpu thresholds for online CPU (Rafael
Aquini) [1768386 1730471]
- [mm] mm, thp: replace smp_mb after atomic_add by smp_mb__after_atomic
(Rafael Aquini) [1768386 1730471]
- [mm] mm, thp: move invariant bug check out of loop in
__split_huge_page_map (Rafael Aquini) [1768386 1730471]
- [mm] thp: consolidate assert checks in __split_huge_page() (Rafael
Aquini) [1768386 1730471]
- [mm] mm: fix sleeping function warning from __put_anon_vma (Rafael
Aquini) [1768386 1730471]
- [mm] mm: cleanup add_to_page_cache_locked() (Rafael Aquini) [1768386
1730471]
- [mm] mm: mempolicy: turn vma_set_policy() into vma_dup_policy()
(Rafael Aquini) [1768386 1730471]
- [powerpc] powerpc/pseries: correctly track irq state in default idle
(Steve Best) [1767620 1751970]
- [mm] mm: prevent get_user_pages() from overflowing page refcount
(Aristeu Rozanski) [1705004 1705005] {CVE-2019-11487}
- [mm] mm/hugetlb.c: __get_user_pages ignores certain
follow_hugetlb_page errors (Aristeu Rozanski) [1705004 1705005]
{CVE-2019-11487}

[3.10.0-1062.17.1.el7]
- [kvm] kvm: x86: always expose VIRT_SSBD to guests (Eduardo Habkost)
[1797511 1744281]
- [kvm] kvm: x86: fix reporting of AMD speculation bug CPUID leaf
(Eduardo Habkost) [1797511 1744281]

[3.10.0-1062.16.1.el7]
- [netdrv] ixgbevf: Use cached link state instead of re-reading the
value for ethtool (Ken Cox) [1796798 1794812]
- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld)
[1796261 1771094]

[3.10.0-1062.15.1.el7]
- [tools] perf top: Fix global-buffer-overflow issue (Michael Petlan)
[1793581 1757325]
- [tools] perf top: Always sample time to satisfy needs of use of
ordered queuing (Michael Petlan) [1793581 1757325]

[3.10.0-1062.14.1.el7]
- [s390] jump_label: replace stop_machine with smp_call_function
(Hendrik Brueckner) [1787559 1720387]
- [s390] kernel: avoid cpu yield in SMT environment (Philipp Rudo)
[1787558 1777876]
- [x86] mm: serialize against gup_fast in pmdp_splitting_flush() (Vitaly
Kuznetsov) [1783177 1674266]

[3.10.0-1062.13.1.el7]
- [scsi] libiscsi: fall back to sendmsg for slab pages (Oleksandr
Natalenko) [1784826 1720506]

Fedora 30 Update: nethack-3.6.6-1.fc30

USN-4307-1: Apache HTTP Server update

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...