Lucene search

K
oraclelinuxOracleLinuxELSA-2020-5649
HistoryApr 13, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2020-04-1300:00:00
linux.oracle.com
95

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:P/A:C

[4.14.35-1902.301.1]

  • vhost: Check docket sk_family instead of call getname (Eugenio Perez) [Orabug: 31085991] {CVE-2020-10942}
  • uek-rpm: config-mips64-embedded misc pruning (Eric Saint-Etienne) [Orabug: 31079017]
  • ubifs: Check for name being NULL while mounting (Richard Weinberger) [Orabug: 29410897]
  • team: avoid complex list operations in team_nl_cmd_options_set() (Cong Wang) [Orabug: 30886420]
  • Revert ‘oled: give panic handler chance to run before kexec’ (Wengang Wang) [Orabug: 31098796]
  • Revert ‘oled: Limit panic routine change x86 only’ (Wengang Wang) [Orabug: 31098796]
  • net/mlx5: Add pci AtomicOps request (Michael Guralnik) [Orabug: 30750027]
  • PCI: Add pci_enable_atomic_ops_to_root() (Jay Cornwall) [Orabug: 30750027]
  • locking/rwsem: Prevent decrement of reader count before increment (Waiman Long) [Orabug: 31087349]
  • net: core: another layer of lists, around PF_MEMALLOC skb handling (Sasha Levin) [Orabug: 31087349]
  • locking/rwsem: Fix (possible) missed wakeup (Xie Yongji) [Orabug: 31087349]
  • swiotlb: clean up reporting (Kees Cook) [Orabug: 31085014] {CVE-2018-5953}
  • nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31015775]
  • NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31015775]
  • ppp: remove the PPPIOCDETACH ioctl (Eric Biggers) [Orabug: 31061772]
  • batman-adv: Avoid WARN on net_device without parent in netns (Sven Eckelmann) [Orabug: 30857690]
  • net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost) [Orabug: 31055325] {CVE-2019-18806}
  • net_sched: fix datalen for ematch (Cong Wang) [Orabug: 30877993]
  • net/xfrm: fix out-of-bounds packet access (Alexei Starovoitov) [Orabug: 30885434]
  • RDMA/nldev: Provide MR statistics (Erez Alfasi) [Orabug: 30729404]
  • RDMA/mlx5: Return ODP type per MR (Erez Alfasi) [Orabug: 30729404]
  • RDMA/nldev: Allow different fill function per resource (Erez Alfasi) [Orabug: 30729404]
  • IB/mlx5: Introduce ODP diagnostic counters (Erez Alfasi) [Orabug: 30729404]
  • RDMA/mlx5: Use odp instead of mr->umem in pagefault_mr (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/mlx5: Use ib_umem_start instead of umem.address (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Use kvcalloc for the dma_list and page_list (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Check for overflow when computing the umem_odp end (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Provide ib_umem_odp_release() to undo the allocs (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Split creating a umem_odp from ib_umem_get (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Make the three ways to create a umem_odp clear (Jason Gunthorpe) [Orabug: 30729404]
  • RMDA/odp: Consolidate umem_odp initialization (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Make it clearer when a umem is an implicit ODP umem (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Iterate over the whole rbtree directly (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/odp: Use the common interval tree library instead of generic (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/mlx5: Fix MR npages calculation for IB_ACCESS_HUGETLB (Jason Gunthorpe) [Orabug: 30729404]
  • IB/mlx5: Fix implicit MR release flow (Yishai Hadas) [Orabug: 30729404]
  • RDMA/netlink: Implement counter dumpit calback (Mark Zhang) [Orabug: 30729404]
  • RDMA/nldev: Allow counter auto mode configration through RDMA netlink (Mark Zhang) [Orabug: 30729404]
  • RDMA/odp: Fix missed unlock in non-blocking invalidate_start (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA: Report available cdevs through RDMA_NLDEV_CMD_GET_CHARDEV (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA: Add NLDEV_GET_CHARDEV to allow char dev discovery and autoload (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA: Convert put_page() to put_user_page*() (John Hubbard) [Orabug: 30729404]
  • RDMA/umem: Move page_shift from ib_umem to ib_odp_umem (Jason Gunthorpe) [Orabug: 30729404]
  • mm: introduce put_user_page*(), placeholder versions (John Hubbard) [Orabug: 30729404]
  • RDMA/umem: Remove hugetlb flag (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/bnxt_re: Use core helpers to get aligned DMA address (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/i40iw: Use core helpers to get aligned DMA address within a supported page size (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/verbs: Add a DMA iterator to return aligned contiguous memory blocks (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/umem: Add API to find best driver supported page size in an MR (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/umem: Handle page combining avoidance correctly in ib_umem_add_sg_table() (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/core: Add a netlink command to change net namespace of rdma device (Parav Pandit) [Orabug: 30729404]
  • RDMA/umem: Use correct value for SG entries in sg_copy_to_buffer() (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/nldev: Return device protocol (Leon Romanovsky) [Orabug: 30729404]
  • RDMA/umem: Combine contiguous PAGE_SIZE regions in SGEs (Shiraz Saleem) [Orabug: 30729404]
  • RDMA/core: Add interface to read device namespace sharing mode (Parav Pandit) [Orabug: 30729404]
  • IB/mlx5: Reset access mask when looping inside page fault handler (Moni Shoua) [Orabug: 30729404]
  • IB/core: Ensure an invalidate_range callback on ODP MR (Ira Weiny) [Orabug: 30729404]
  • RDMA/umem: Revert broken ‘off by one’ fix (John Hubbard) [Orabug: 30729404]
  • RDMA/umem: minor bug fix in error handling path (John Hubbard) [Orabug: 30729404]
  • RDMA/nldev: Provide parent IDs for PD, MR and QP objects (Leon Romanovsky) [Orabug: 30729404]
  • RDMA/nldev: Share with user-space object IDs (Leon Romanovsky) [Orabug: 30729404]
  • IB/uverbs: Add ib_ucontext to uverbs_attr_bundle sent from ioctl and cmd flows (Shamir Rabinovitch) [Orabug: 30729404]
  • RDMA/rdmavt: Adapt to handle non-uniform sizes on umem SGEs (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/rxe: Use for_each_sg_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/ocrdma: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/qedr: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/cxgb3: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/cxgb4: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/i40iw: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/mthca: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • RDMA/bnxt_re: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem) [Orabug: 30729404]
  • lib/scatterlist: Provide a DMA page iterator (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/nldev: Dynamically generate restrack dumpit callbacks (Leon Romanovsky) [Orabug: 30729404]
  • IB/{core,hw}: Have ib_umem_get extract the ib_ucontext from ib_udata (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/uverbs: Use uverbs_attr_bundle to pass udata for ioctl() (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/uverbs: Use uverbs_attr_bundle to pass udata for write_ex (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/uverbs: Replace ib_uverbs_file with uverbs_attr_bundle for write (Jason Gunthorpe) [Orabug: 30729404]
  • RDMA/core: Refactor ib_register_device() function (Parav Pandit) [Orabug: 30729404]
  • RDMA/core: Fix unwinding flow in case of error to register device (Parav Pandit) [Orabug: 30729404]
  • RDMA/nldev: Allow IB device rename through RDMA netlink (Leon Romanovsky) [Orabug: 30729404]
  • RDMA: Fully setup the device name in ib_register_device (Jason Gunthorpe) [Orabug: 30729404]
  • mm: Introduce kvcalloc() (Kees Cook) [Orabug: 30729404]
  • RDMA/uapi: Fix uapi breakage (Doug Ledford) [Orabug: 30729404]
  • RDMA/nldev: helper functions to add driver attributes (Steve Wise) [Orabug: 30729404]
  • RDMA/nldev: add driver-specific resource tracking (Steve Wise) [Orabug: 30729404]
  • RDMA/nldev: Add explicit pad attribute (Steve Wise) [Orabug: 30729404]
  • RDMA/bnxt_re: Add support for MRs with Huge pages (Somnath Kotur) [Orabug: 30729404]
  • IB/{rdmavt, hfi1, qib}: Self determine driver name (Michael J. Ruhl) [Orabug: 30729404]
  • RDMA/vmw_pvrdma: Do not re-calculate npages (Yuval Shaia) [Orabug: 30729404]
  • iw_cxgb4: allocate wait object for each memory object (Steve Wise) [Orabug: 30729404]
  • IB/uverbs: clean up INIT_UDATA() macro usage (Arnd Bergmann) [Orabug: 30729404]
  • x86/init: Fix kasan gcc8+ type miss match error. (John Donnelly) [Orabug: 31076337]
    [4.14.35-1902.301.0]
  • kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas) [Orabug: 31049316]
  • media: usb: fix memory leak in af9005_identify_state (Navid Emamdoost) [Orabug: 31029908] {CVE-2019-18809}
  • nvme: fix possible deadlock when nvme_update_formats fails (Sagi Grimberg) [Orabug: 31002557]
  • alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Thadeu Lima de Souza Cascardo) [Orabug: 30995760]
  • uek-rpm: Make sure perf builds against libnuma and add run-time dependency (Dave Kleikamp) [Orabug: 30896468]
  • perf/x86/intel: Add Icelake support (Thomas Tai) [Orabug: 30872256]
  • x86/CPU: Add Icelake model number (Rajneesh Bhardwaj) [Orabug: 30872256]
  • perf/x86/intel/ds: Handle PEBS overflow for fixed counters (Kan Liang) [Orabug: 30872256]
  • perf/x86/intel: Introduce PMU flag for Extended PEBS (Kan Liang) [Orabug: 30872256]
  • tty: Don’t hold ldisc lock in tty_reopen() if ldisc present (Dmitry Safonov) [Orabug: 30591419]
  • tty: Simplify tty->count math in tty_reopen() (Dmitry Safonov) [Orabug: 30591419]
  • tty: Hold tty_ldisc_lock() during tty_reopen() (Dmitry Safonov) [Orabug: 30591419]
  • tty/ldsem: Wake up readers after timed out down_write() (Dmitry Safonov) [Orabug: 30591419]
  • tty: Drop tty->count on tty_reopen() failure (Dmitry Safonov) [Orabug: 30591419]
  • rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 30328633]
  • net: erspan: fix use-after-free (William Tu) [Orabug: 29784424]
  • batman-adv: Force mac header to start of data on xmit (Sven Eckelmann) [Orabug: 29784399]
  • sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (Cong Wang) [Orabug: 30886600]
  • ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() (Cong Wang) [Orabug: 30884437]
  • add extra symbols from UEK5R3 to the kABI whitelist (Dan Duval) [Orabug: 30295161]
  • iommu: Force iommu shutdown on panic (John Donnelly) [Orabug: 31043947]
  • iommu/amd: Only free resources once on init error (Kevin Mitchell) [Orabug: 31043947]
  • iommu/amd: Move gart fallback to amd_iommu_init (Kevin Mitchell) [Orabug: 31043947]
  • iommu/amd: Make iommu_disable safer (Kevin Mitchell) [Orabug: 31043947]
  • iommu/vt-d: Turn off translations at shutdown (Deepa Dinamani) [Orabug: 31043947]

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.4 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:P/A:C