Oracle alert ELSA-2021-9084 (kernel)
| From: | Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2021-9084 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64) | |
| Date: | Tue, 09 Mar 2021 07:45:49 -0800 | |
| Message-ID: | <b3ced1b8-ac11-1119-6646-d279ae4f995f@oracle.com> |
Oracle Linux Security Advisory ELSA-2021-9084 http://linux.oracle.com/errata/ELSA-2021-9084.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-2047.501.0.el7uek.aarch64.rpm perf-4.14.35-2047.501.0.el7uek.aarch64.rpm python-perf-4.14.35-2047.501.0.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-2047.501.0.el7uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.3... Description of changes: [4.14.35-2047.501.0.el7uek] - block/diskstats: accumulate all per-cpu counters in one pass (Konstantin Khlebnikov) [Orabug: 32531559] - uek-rpm: config-aarch-embedded2 update for Jan 2021 Elba patches (Dave Kleikamp) [Orabug: 32532588] - dts/pensando: Fix compatile -> compatible typeo. (David Clear) [Orabug: 32532588] - Interrupt domain controllers for Elba ASIC. (David Clear) [Orabug: 32532588] - elba_defconfig: CONFIG_PTP_1588_CLOCK=y (David Clear) [Orabug: 32532588] - soc/pensando: pcie driver (David Clear) [Orabug: 32532588] - pcie: control access to pcie clock domain registers (David Clear) [Orabug: 32532588] - mmc: sdhci-cadence-elba ADMA and HS200 tuning support (David Clear) [Orabug: 32532588] - enable rcu callback offloading & adaptive tick mode to reduce jitter (David Clear) [Orabug: 32532588] - uek-rpm: Enable perf trace support for OL7 kernel builds. (Mridula Shastry) [Orabug: 32528194] - uek-rpm: update config-aarch-embedded2 for Elba (Dave Kleikamp) [Orabug: 32361844] - elba: u-boot environment partitions in the device-tree (David Clear) [Orabug: 32361844] - i2c: Add Elba Ortano Lattice RD1173 I2C controller driver. (David Clear) [Orabug: 32361844] - elba: one more mnet for elba.dtsi (David Clear) [Orabug: 32361844] - elba: Add IPv6 support to elba_defconfig (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence-elba sdhci driver cleanup (David Clear) [Orabug: 32361844] - spi-dw: custom chip-select handler for elba (David Clear) [Orabug: 32361844] - arch/arm64: Pensando elba dts and config files (David Clear) [Orabug: 32361844] - drivers/soc/pensando: crash dump driver. (David Clear) [Orabug: 32361844] - drivers/pensando/soc: Boot State Machine (BSM) integration. (David Clear) [Orabug: 32361844] - drivers/soc/pensando: /dev/capmem driver. (David Clear) [Orabug: 32361844] - drivers/mmc/host: Pensando Elba support in the Cadence EMMC host controller (David Clear) [Orabug: 32361844] - drivers/gpio: support the Elba SPI chip-selects. (David Clear) [Orabug: 32361844] - arch/arm64: Pensando Elba SoC declaration. (David Clear) [Orabug: 32361844] - mmc: sdhci-cadence: fix PHY write (Vladimir Kondratiev) [Orabug: 32361844] - mmc: sdhci-cadence: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN for UniPhier (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: remove unneeded 'inline' marker (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use struct_size() helper (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: fix logically and structurally dead code (Gustavo A. R. Silva) [Orabug: 32361844] - mmc: sdhci-cadence: send tune request twice to work around errata (Masahiro Yamada) [Orabug: 32361844] - mmc: sdhci-cadence: use bitfield access macros for cleanup (Masahiro Yamada) [Orabug: 32361844] - Revert "Support the reset pulse width from the device-tree." (Dave Kleikamp) [Orabug: 32361844] - Revert "Initial Pensando Capri SoC declaration" (Dave Kleikamp) [Orabug: 32361844] - Revert "Add Capri EMMC phy and instantiate the driver in the dts" (Dave Kleikamp) [Orabug: 32361844] - Revert "Capri SPI driver" (Dave Kleikamp) [Orabug: 32361844] - Revert "Interrupt domain controllers for Capri ASIC." (Dave Kleikamp) [Orabug: 32361844] - Revert "Add uio support for Capri PCIE and Link interrupts" (Dave Kleikamp) [Orabug: 32361844] - Revert "Pensando/Capri PCIE panic handler." (Dave Kleikamp) [Orabug: 32361844] - Revert "Pensando crash dump driver" (Dave Kleikamp) [Orabug: 32361844] - Revert "Pensando Boot State Machine (BSM) integration." (Dave Kleikamp) [Orabug: 32361844] - Revert "Add mnic nodes to the Pensando devicetree" (Dave Kleikamp) [Orabug: 32361844] - Revert "mtd/spi-nor/cadence-quadspi.c: Speed up reads." (Dave Kleikamp) [Orabug: 32361844] - Revert "Add /proc/xmaps" (Dave Kleikamp) [Orabug: 32361844] - Revert "Add Pensando Capri board .dts files and default configs" (Dave Kleikamp) [Orabug: 32361844] - Revert "Provide for precise control of pgprot for Pensando" (Dave Kleikamp) [Orabug: 32361844] - Revert "Kconfig option to disable outer-cache-allocate for Pensando" (Dave Kleikamp) [Orabug: 32361844] - Revert "Add /dev/capmem driver for Pensando" (Dave Kleikamp) [Orabug: 32361844] - Revert "Make low-speed APB bus accesses single threaded" (Dave Kleikamp) [Orabug: 32361844] - sched/topology: Assert non-NUMA topology masks don't (partially) overlap (Valentin Schneider) [Orabug: 32485794] - x86/msr: Add a pointer to an URL which contains further details (Borislav Petkov) [Orabug: 32409137] - x86/msr: Downgrade unrecognized MSR message (Borislav Petkov) [Orabug: 32409137] - x86/msr: Do not allow writes to MSR_IA32_ENERGY_PERF_BIAS (Borislav Petkov) [Orabug: 32409137] - x86/msr: Prevent userspace MSR access from dominating the console (Chris Down) [Orabug: 32409137] - x86/msr: Filter MSR writes (Borislav Petkov) [Orabug: 32409137] - tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/turbostat: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - tools/power/cpupower: Read energy_perf_bias from sysfs (Borislav Petkov) [Orabug: 32409137] - uek-rpm: Enable Oracle Pilot BMC module (Eric Snowberg) [Orabug: 32422664] - hwmon: Add a new Oracle Pilot BMC driver (Eric Snowberg) [Orabug: 32422664] - ovl: verify permissions in ovl_path_open() (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: switch to mounter creds in readdir (Miklos Szeredi) [Orabug: 32435220] {CVE-2020-16120} - ovl: pass correct flags for opening real directory (Miklos Szeredi) [Orabug: 32435220] - l2tp: fix race in pppol2tp_release with session object destroy (James Chapman) [Orabug: 32435324] - l2tp: fix races with tunnel socket close (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on ppp session destroy (James Chapman) [Orabug: 32435324] - l2tp: don't use inet_shutdown on tunnel destroy (James Chapman) [Orabug: 32435324] - l2tp: exit_net cleanup check added (Vasily Averin) [Orabug: 32435324] - l2tp: remove the .tunnel_sock field from struct pppol2tp_session (Guillaume Nault) [Orabug: 32435324] - l2tp: avoid using ->tunnel_sock for getting session's parent tunnel (Guillaume Nault) [Orabug: 32435324] - l2tp: remove .tunnel_sock from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: don't close sessions in l2tp_tunnel_destruct() (Guillaume Nault) [Orabug: 32435324] - l2tp: remove field 'dev' from struct l2tp_eth (Guillaume Nault) [Orabug: 32435324] - l2tp: remove l2tp_tunnel_count and l2tp_session_count (Guillaume Nault) [Orabug: 32435324] - l2tp: remove ->ref() and ->deref() (Guillaume Nault) [Orabug: 32435324] - net: l2tp: mark expected switch fall-through (Gustavo A. R. Silva) [Orabug: 32435324] - l2tp: initialise PPP sessions before registering them (Guillaume Nault) [Orabug: 32435324] - rds: CONFIG_RDS_DEBUG + tracepoints breaks rds build (Alan Maguire) [Orabug: 32442506] - futex: Handle faults correctly for PI futexes (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Simplify fixup_pi_state_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Use pi_state_update_owner() in put_pi_state() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Provide and use pi_state_update_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Replace pointless printk in fixup_owner() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Ensure the correct return value from futex_lock_pi() (Thomas Gleixner) [Orabug: 32447189] {CVE-2021-3347} - futex: Don't enable IRQs unconditionally in put_pi_state() (Dan Carpenter) [Orabug: 32447189] {CVE-2021-3347} - nbd: freeze the queue while we're adding connections (Josef Bacik) [Orabug: 32447287] {CVE-2021-3348} - rds: avoid crash on IB conn path shutdown prepare (Alan Maguire) [Orabug: 32457375] - net/rds: WARNING in rds_conn_drop (Ka-Cheong Poon) [Orabug: 32481707] - rds: tracepoints incorrectly reporting valid rds ping as drop (Alan Maguire) [Orabug: 32490010] - rds: tracepoint-related KASAN: use-after-free Read in rds_send_xmit (Alan Maguire) [Orabug: 32490032] - selinux: allow reading labels before policy is loaded (Jonathan Lebon) [Orabug: 32492279] - selinux: allow labeling before policy is loaded (Jonathan Lebon) [Orabug: 32492279] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata