Lucene search

K
oraclelinuxOracleLinuxELSA-2020-5766
HistoryJul 22, 2020 - 12:00 a.m.

Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes olcne security update

2020-07-2200:00:00
linux.oracle.com
24

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

kernel-uek-container
[4.14.35-1902.303.5.3.el7]

  • rds: Deregister all FRWR mr with free_mr (Hans Westgaard Ry) [Orabug: 31476202]
  • Revert ‘rds: Do not cancel RDMAs that have been posted to the HCA’ (Gerd Rausch) [Orabug: 31475329]
  • Revert ‘rds: Introduce rds_conn_to_path helper’ (Gerd Rausch) [Orabug: 31475329]
  • Revert ‘rds: Three cancel fixes’ (Gerd Rausch) [Orabug: 31475318]
    [4.14.35-1902.303.5.2.el7]
  • rds: Three cancel fixes (Hakon Bugge) [Orabug: 31463014]
    [4.14.35-1902.303.5.1.el7]
  • x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/cpu: Add ‘table’ argument to cpu_matches() (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
  • x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31446720] {CVE-2020-0543}
    [4.14.35-1902.303.5.el7]
  • net/mlx5: Decrease default mr cache size (Artemy Kovalyov) [Orabug: 31446379]
    [4.14.35-1902.303.4.el7]
  • net/rds: suppress memory allocation failure reports (Manjunath Patil) [Orabug: 31422157]
  • rds: Do not cancel RDMAs that have been posted to the HCA (Hakon Bugge) [Orabug: 31422151]
  • rds: Introduce rds_conn_to_path helper (Hakon Bugge) [Orabug: 31422151]
  • xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31422147]
    kata-image
    [1.7.3-1.0.5.1]
  • Address Kata CVE 2023
    kata-runtime
    [1.7.3-1.0.5]
  • Address Kata CVE-2020-2023
  • Address Kata CVE-2020-2024
  • Address Kata CVE-2020-2025
  • Address Kata CVE-2020-2026
    kata
    [1.7.3-1.0.7]
  • Address CVE-2020-2023
  • Address CVE-2020-2024
  • Address CVE-2020-2025
  • Address CVE-2020-2026
    kubernetes
    [1.14.9-1.0.6]
  • CVE-2020-8559: Privilege escalation from compromised node to cluster
  • CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
    [1.14.9-1.0.5]
  • Update dependency on Kata containers to a build that includes fixes for CVE-2020-2023 thru CVE-2020-2026
    olcne
    [1.0.5-3]
  • update registry image mirroring script
    [1.0.5-2]
  • CVE-2020-8559: Privilege escalation from compromised node to cluster
  • CVE-2020-8557: Node disk DOS by writing to container /etc/hosts
  • Update bootstrap scripts
    [1.0.5-1]
  • Update Kata Containers to address CVEs 2020-2023 thru 2020-2026

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P