Lucene search

K
oraclelinuxOracleLinuxELSA-2020-2102
HistoryMay 13, 2020 - 12:00 a.m.

kernel security and bug fix update

2020-05-1300:00:00
linux.oracle.com
36

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

[4.18.0-193.1.2_2.OL8]

  • Oracle Linux certificates (Alexey Petrenko)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
    [4.18.0-193.1.2_2]
  • [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827249 1827251] {CVE-2020-10711}
  • [mm] s390/mm: fix page table upgrade vs 2ndary address mode accesses (Vladis Dronov) [1828153 1828154] {CVE-2020-11884}
    [4.18.0-193.1.1_2]
  • [x86] kvm: x86: clear stale x86_emulate_ctxt->intercept value (Jon Maloy) [1824398 1806817] {CVE-2020-2732}
  • [x86] kvm: vmx: check descriptor table exits on instruction emulation (Jon Maloy) [1824398 1806817] {CVE-2020-2732}
  • [x86] kvm: nvmx: Check IO instruction VM-exit conditions (Jon Maloy) [1824398 1806817] {CVE-2020-2732}
  • [x86] kvm: nvmx: Refactor IO bitmap checks into helper function (Jon Maloy) [1824398 1806817] {CVE-2020-2732}
  • [x86] kvm: nvmx: Don’t emulate instructions in guest mode (Jon Maloy) [1824398 1806817] {CVE-2020-2732}
  • [sound] ALSA: usb-audio: set the interface format after resume on Dell WD19 (Perry Yuan) [1821376 1807965]
  • [kernel] sched: Avoid scale real weight down to zero (Phil Auld) [1819909 1808562]
  • [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1817945 1805950]
  • [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1817945 1805950]
  • [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1817945 1805950]
  • [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1817945 1805950]

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C