An Unbreakable Enterprise kernel security update has been released for Oracle Linux 8.

El-errata: ELSA-2020-5756 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2020-5756

  http://linux.oracle.com/errata/ELSA-2020-5756.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:

aarch64:
kernel-uek-5.4.17-2011.4.4.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2011.4.4.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2011.4.4.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2011.4.4.el8uek.aarch64.rpm
kernel-uek-headers-5.4.17-2011.4.4.el8uek.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2011.4.4.el8uek.src.rpm


Description of changes:

[5.4.17-2011.4.4.el8uek]
- KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path
(Sean Christopherson) [Orabug: 31536904]

[5.4.17-2011.4.3.el8uek]
- NFS: replace cross device check in copy_file_range (Olga Kornievskaia)
[Orabug: 31507615] - rds: Fix potential use after free in
rds_ib_inc_free (Hans Westgaard Ry) [Orabug: 31504052] - perf/smmuv3:
Allow sharing MMIO registers with the SMMU driver (Jean-Philippe
Brucker) [Orabug: 31422283] - perf/smmuv3: use
devm_platform_ioremap_resource() to simplify code (YueHaibing) [Orabug:
31422283] - ACPI/IORT: Fix PMCG node single ID mapping handling (Tuan
Phan) [Orabug: 31422283] - uek-rpm: Increase CONFIG_NODES_SHIFT from 2
to 3 (Dave Kleikamp) [Orabug: 31422283] - perf: avoid breaking KABI by
reusing enum (Dave Kleikamp) [Orabug: 31422283] - uek-rpm: update
aarch64 configs for Ampere eMAG2 (Dave Kleikamp) [Orabug: 31422283] -
perf: arm_dmc620: Update ACPI ID. (Tuan Phan) [Orabug: 31422283] - perf:
arm_dsu: Support ACPI mode. (Tuan Phan) [Orabug: 31422283] - perf:
arm_dsu: Allow IRQ to be shared among devices. (Tuan Phan) [Orabug:
31422283] - perf: arm_cmn: improve and make it work on 2P. (Tuan Phan)
[Orabug: 31422283] - Perf: arm-cmn: Allow irq to be shared. (Tuan Phan)
[Orabug: 31422283] - BACKPORT: arm64: acpi: Make apei_claim_sea()
synchronise with APEI's irq work (James Morse) [Orabug: 31422283] -
BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous
errors (James Morse) [Orabug: 31422283] - BACKPORT: mm/memory-failure:
Add memory_failure_queue_kick() (James Morse) [Orabug: 31422283] - perf:
Add ARM DMC-620 PMU driver. (Tuan Phan) [Orabug: 31422283] - BACKPORT:
WIP: perf/arm-cmn: Add ACPI support (Robin Murphy) [Orabug: 31422283] -
BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug:
31422283] - BACKPORT: perf: Add Arm CMN-600 DT binding (Robin Murphy)
[Orabug: 31422283] - net/rds: NULL pointer de-reference in
rds_ib_add_one() (Ka-Cheong Poon) [Orabug: 30984983] - mm: Fix mremap
not considering huge pmd devmap (Fan Yang) [Orabug: 31452396]
{CVE-2020-10757} {CVE-2020-10757}

[5.4.17-2011.4.2.el8uek]
- UEK6 compiler warning for /net/rds/ib.c (Sharath Srinivasan) [Orabug:
31489529] - UEK6 compiler warning for /net/rds/send.c (Sharath
Srinivasan) [Orabug: 31489529] - Fix up two build warnings in the UEK6
GA tree (Jack Vogel) [Orabug: 31489333] - drivers/scsi/scsi_scan.c Fix
the compiler warning. (Sudhakar Panneerselvam) [Orabug: 31489322] -
x86/retpoline: Fix retpoline unwind (Peter Zijlstra) [Orabug: 31077463]
[Orabug: 31489320] - x86: Change {JMP,CALL}_NOSPEC argument (Peter
Zijlstra) [Orabug: 31077463] [Orabug: 31489320] - x86: Simplify
retpoline declaration (Peter Zijlstra) [Orabug: 31077463] [Orabug:
31489320] - x86/speculation: Change STUFF_RSB to work with objtool
(Alexandre Chartre) [Orabug: 31077463] [Orabug: 31489320] -
x86/speculation: Change FILL_RETURN_BUFFER to work with objtool (Peter
Zijlstra) [Orabug: 31077463] [Orabug: 31489320] - x86/unwind: Introduce
UNWIND_HINT_EMPTY_ASM (Alexandre Chartre) [Orabug: 31077463] [Orabug:
31489320] - objtool: Add support for intra-function calls (Alexandre
Chartre) [Orabug: 31077463] [Orabug: 31489320] - objtool: Remove
INSN_STACK (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320] -
objtool: Make handle_insn_ops() unconditional (Peter Zijlstra) [Orabug:
31077463] [Orabug: 31489320] - objtool: Rework allocating stack_ops on
decode (Peter Zijlstra) [Orabug: 31077463] [Orabug: 31489320] - objtool:
UNWIND_HINT_RET_OFFSET should not check registers (Alexandre Chartre)
[Orabug: 31077463] [Orabug: 31489320] - objtool: is_fentry_call()
crashes if call has no destination (Alexandre Chartre) [Orabug:
31077463] [Orabug: 31489320] - objtool: Uniquely identify alternative
instruction groups (Alexandre Chartre) [Orabug: 31077463] [Orabug:
31489320] - objtool: Remove check preventing branches within alternative
(Julien Thierry) [Orabug: 31077463] [Orabug: 31489320] - objtool:
Introduce HINT_RET_OFFSET (Peter Zijlstra) [Orabug: 31077463] [Orabug:
31489320] - objtool: Support multiple stack_op per instruction (Julien
Thierry) [Orabug: 31077463] [Orabug: 31489320]

[5.4.17-2011.4.1.el8uek]
- uek-rpm: disable CONFIG_IP_PNP (Anjali Kulkarni) [Orabug: 31454844] -
netfilter: ipset: Fix forceadd evaluation path (Jozsef Kadlecsik)
[Orabug: 31104176] - scsi: megaraid_sas: Update driver version to
07.714.04.00-rc1 (Chandrakanth Patil) [Orabug: 31481642] - scsi:
megaraid_sas: TM command refire leads to controller firmware crash
(Sumit Saxena) [Orabug: 31481642] - scsi: megaraid_sas: Replace
undefined MFI_BIG_ENDIAN macro with __BIG_ENDIAN_BITFIELD macro
(Shivasharan S) [Orabug: 31481642] - scsi: megaraid_sas: Remove IO
buffer hole detection logic (Sumit Saxena) [Orabug: 31481642] - scsi:
megaraid_sas: Limit device queue depth to controller queue depth
(Kashyap Desai) [Orabug: 31481642] - scsi: megaraid: make two symbols
static in megaraid_sas_base.c (Jason Yan) [Orabug: 31481642] - scsi:
megaraid: make some symbols static in megaraid_sas_fusion.c (Jason Yan)
[Orabug: 31481642] - scsi: megaraid_sas: Use scnprintf() for avoiding
potential buffer overflow (Takashi Iwai) [Orabug: 31481642] - scsi:
megaraid_sas: fix indentation issue (Colin Ian King) [Orabug: 31481642]
- scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Hannes
Reinecke) [Orabug: 31481642] - scsi: megaraid_sas: Update driver version
to 07.713.01.00-rc1 (Anand Lodnoor) [Orabug: 31481642] - scsi:
megaraid_sas: Limit the number of retries for the IOCTLs causing
firmware fault (Anand Lodnoor) [Orabug: 31481642] - scsi: megaraid_sas:
Re-Define enum DCMD_RETURN_STATUS (Anand Lodnoor) [Orabug: 31481642] -
scsi: megaraid_sas: Do not set HBA Operational if FW is not in
operational state (Anand Lodnoor) [Orabug: 31481642] - scsi:
megaraid_sas: Do not kill HBA if JBOD Seqence map or RAID map is
disabled (Anand Lodnoor) [Orabug: 31481642] - scsi: megaraid_sas: Do not
kill host bus adapter, if adapter is already dead (Anand Lodnoor)
[Orabug: 31481642] - scsi: megaraid_sas: Update optimal queue depth for
SAS and NVMe devices (Anand Lodnoor) [Orabug: 31481642] - scsi:
megaraid_sas: Set no_write_same only for Virtual Disk (Anand Lodnoor)
[Orabug: 31481642] - scsi: megaraid_sas: Reset adapter if FW is not in
READY state after device resume (Anand Lodnoor) [Orabug: 31481642] -
scsi: megaraid_sas: Make poll_aen_lock static (YueHaibing) [Orabug:
31481642] - scsi: megaraid_sas: remove unused variables
'debugBlk','fusion' (zhengbin) [Orabug: 31481642] - scsi: megaraid_sas:
Unique names for MSI-X vectors (Chandrakanth Patil) [Orabug: 31481642] -
x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf)
[Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation
(Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS)
mitigation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug:
31352779] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross)
[Orabug: 31352779] {CVE-2020-0543}
- x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2 (Tony
W Wang-oc) [Orabug: 31352779] {CVE-2020-0543}
- netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350489]
{CVE-2020-10711}
- xfs: fix freeze hung (Junxiao Bi) [Orabug: 31430850]

[5.4.17-2011.4.0.el8uek]
- bnxt_en: Fix accumulation of bp->net_stats_prev. (Vijayendra Suman)
[Orabug: 31390687] - xfs: add agf freeblocks verify in xfs_agf_verify
(Zheng Bin) [Orabug: 31350920] {CVE-2020-12655}
- scsi: sg: add sg_remove_request in sg_write (Wu Bo) [Orabug: 31350695]
{CVE-2020-12770}
- PCI/AER: Enable reporting for ports enumerated after AER driver
registration (Thomas Tai) [Orabug: 31401801] - A/A Bonding: No need to
call flush rdmaip_wq in rdmaip_cleanup() (Ka-Cheong Poon) [Orabug:
31378706] - net/rds: suppress memory allocation failure reports
(Manjunath Patil) [Orabug: 31398437] - locks: reinstate
locks_delete_block optimization (Linus Torvalds) [Orabug: 31356246]
{CVE-2019-19769}
- locks: fix a potential use-after-free problem when wakeup a waiter
(yangerkun) [Orabug: 31356246] {CVE-2019-19769} {CVE-2019-19769}

[5.4.17-2011.3.2.el8uek]
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan
Stern) [Orabug: 31350962] {CVE-2020-12464}
- mt76: fix array overflow on receiving too many fragments for a packet
(Felix Fietkau) [Orabug: 31350952] {CVE-2020-12465}
- mwifiex: Fix possible buffer overflows in
mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350929] {CVE-2020-12653}
- block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Zhiqiang
Liu) [Orabug: 31350910] {CVE-2020-12657}
- xsk: Add missing check on user supplied headroom size (Magnus
Karlsson) [Orabug: 31350732] {CVE-2020-12659}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status()
(Qing Xu) [Orabug: 31350513] {CVE-2020-12654}
- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug:
31387411] - KVM: x86: Fixes posted interrupt check for IRQs delivery
modes (Suravee Suthikulpanit) [Orabug: 31316437] - Revert "Revert
"nvme_fc: add module to ops template to allow module references"" (James
Smart) [Orabug: 31377552] - uek-rpm: Move grub boot menu update to
posttrans stage. (Somasundaram Krishnasamy) [Orabug: 31358097] - KVM:
SVM: Fix potential memory leak in svm_cpu_init() (Miaohe Lin) [Orabug:
31350455] {CVE-2020-12768}

[5.4.17-2011.3.1.el8uek]
- intel_idle: Use ACPI _CST for processor models without C-state tables
(Rafael J. Wysocki) [Orabug: 31332120] - ACPI: processor: Export
acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120] -
ACPI: processor: Clean up acpi_processor_evaluate_cst() (Rafael J.
Wysocki) [Orabug: 31332120] - ACPI: processor: Introduce
acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120] -
ACPI: processor: Export function to claim _CST control (Rafael J.
Wysocki) [Orabug: 31332120] - rds: ib: Fix dysfunctional long address
resolve timeout (Håkon Bugge) [Orabug: 31302704] - KVM: x86: Revert
"KVM: X86: Fix fpu state crash in kvm guest" (Sean Christopherson)
[Orabug: 31333676] - KVM: x86: Ensure guest's FPU state is loaded when
accessing for emulation (Sean Christopherson) [Orabug: 31333676] - KVM:
x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (Sean
Christopherson) [Orabug: 31333676] - net: dsa: Do not leave DSA master
with NULL netdev_ops (Florian Fainelli) [Orabug: 30456791] - Revert
"dsa: disable module unloading for ARM64" (Allen Pais) [Orabug: 30456791]

[5.4.17-2011.3.0.el8uek]
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals
(Robert Milkowski) [Orabug: 31304406] - NFSv4: try lease recovery on
NFS4ERR_EXPIRED (Robert Milkowski) [Orabug: 31304406] - btrfs: Don't
submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug:
31265336] {CVE-2019-19377} {CVE-2019-19377}