A kernel security and bug fix update has been released for Oracle Linux 8.

El-errata: ELSA-2020-2102 Important: Oracle Linux 8 kernel security and bug fix update

Oracle Linux Security Advisory ELSA-2020-2102

  http://linux.oracle.com/errata/ELSA-2020-2102.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-abi-whitelists-4.18.0-193.1.2.el8_2.noarch.rpm
kernel-core-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-cross-headers-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-debug-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-debug-core-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-debug-devel-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-debug-modules-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-debug-modules-extra-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-devel-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-doc-4.18.0-193.1.2.el8_2.noarch.rpm
kernel-headers-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-modules-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-modules-extra-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-tools-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-tools-libs-4.18.0-193.1.2.el8_2.x86_64.rpm
perf-4.18.0-193.1.2.el8_2.x86_64.rpm
python3-perf-4.18.0-193.1.2.el8_2.x86_64.rpm
kernel-tools-libs-devel-4.18.0-193.1.2.el8_2.x86_64.rpm

aarch64:
bpftool-4.18.0-193.1.2.el8_2.aarch64.rpm
kernel-cross-headers-4.18.0-193.1.2.el8_2.aarch64.rpm
kernel-headers-4.18.0-193.1.2.el8_2.aarch64.rpm
kernel-tools-4.18.0-193.1.2.el8_2.aarch64.rpm
kernel-tools-libs-4.18.0-193.1.2.el8_2.aarch64.rpm
perf-4.18.0-193.1.2.el8_2.aarch64.rpm
python3-perf-4.18.0-193.1.2.el8_2.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-193.1.2.el8_2.src.rpm


Description of changes:

[4.18.0-193.1.2.el8_2.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted
keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]

[4.18.0-193.1.2.el8_2]
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827249 1827251]
{CVE-2020-10711}
- [mm] s390/mm: fix page table upgrade vs 2ndary address mode accesses
(Vladis Dronov) [1828153 1828154] {CVE-2020-11884}

[4.18.0-193.1.1.el8_2]
- [x86] kvm: x86: clear stale x86_emulate_ctxt->intercept value (Jon
Maloy) [1824398 1806817] {CVE-2020-2732}
- [x86] kvm: vmx: check descriptor table exits on instruction emulation
(Jon Maloy) [1824398 1806817] {CVE-2020-2732}
- [x86] kvm: nvmx: Check IO instruction VM-exit conditions (Jon Maloy)
[1824398 1806817] {CVE-2020-2732}
- [x86] kvm: nvmx: Refactor IO bitmap checks into helper function (Jon
Maloy) [1824398 1806817] {CVE-2020-2732}
- [x86] kvm: nvmx: Don't emulate instructions in guest mode (Jon Maloy)
[1824398 1806817] {CVE-2020-2732}
- [sound] ALSA: usb-audio: set the interface format after resume on Dell
WD19 (Perry Yuan) [1821376 1807965]
- [kernel] sched: Avoid scale real weight down to zero (Phil Auld)
[1819909 1808562]
- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal)
[1817945 1805950]
- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel()
(Mohammed Gamal) [1817945 1805950]
- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug
(Mohammed Gamal) [1817945 1805950]
- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed
Gamal) [1817945 1805950]