[ol7_UEKR4_archive] kernel-uek-debug-4.1.12-124.45.2.el7uek.x86_64

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

• Tue Nov 10 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.45.2.el7uek]

  - powercap: restrict energy meter to root access (Kanth Ghatraju)  [Orabug: 32137965]  {CVE-2020-8694} {CVE-2020-8695}

• Tue Nov 03 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.45.1.el7uek]

  - Revert "x86/efi: Initialize and display UEFI secure boot state a bit later during init" (Eric Snowberg)  [Orabug: 31887248]  
  - xfs: fix xfs_inode use after free (Wengang Wang)  [Orabug: 31932452]  
  - SUNRPC: ECONNREFUSED should cause a rebind. (NeilBrown)  [Orabug: 32070175]  
  - netfilter: nfnetlink: correctly validate length of batch messages (Phil Turnbull)  [Orabug: 30658635]  {CVE-2016-7917} 
  - xc2028: Fix use-after-free bug properly (Takashi Iwai)  [Orabug: 30658659]  {CVE-2016-7913} 
  - [media] xc2028: avoid use after free (Mauro Carvalho Chehab)  [Orabug: 30658659]  {CVE-2016-7913} 
  - uek-rpm: Create initramfs at postinstall stage also. (Somasundaram Krishnasamy)  [Orabug: 30821411]  
  - hdlc_ppp: add range checks in ppp_cp_parse_cr() (Dan Carpenter)  [Orabug: 31989190]  {CVE-2020-25643} 
  - tracing: Reverse the order of trace_types_lock and event_mutex (Alan Maguire)  [Orabug: 32002706]  
  - ocfs2/dlm: move lock to the tail of grant queue while doing in-place convert (xuejiufei)  [Orabug: 32071234]

• Wed Oct 21 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.44.4.el7uek]

  - scsi: qla2xxx: Fix NULL pointer crash due to active timer for ABTS (himanshu.madhani@cavium.com)  [Orabug: 32020790]

• Tue Oct 20 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.44.3.el7uek]

  - qed: Reduce verbosity of unimplemented MFW messages (Mintz, Yuval)  [Orabug: 31959299]  
  - kexec: validate pe files against the system_blacklist_keyring (Eric Snowberg)  [Orabug: 31961119]  {CVE-2020-26541}

• Mon Oct 12 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.44.2.el7uek]

  - usb: cdc-acm: make sure a refcount is taken early enough (Oliver Neukum)  [Orabug: 31351088]  {CVE-2019-19530} 
  - net/rds: migration of a delayed initialized port present in down state (Praveen Kumar Kannoju)  [Orabug: 31729995]  
  - net: add high_order_alloc_disable sysctl (Eric Dumazet)  [Orabug: 31835223]  
  - mm, page_alloc: double zone's batchsize (Aaron Lu)  [Orabug: 31835223]  
  - mm/free_pcppages_bulk: prefetch buddy while not holding lock (Aruna Ramakrishna)  [Orabug: 31835223]  
  - mm/free_pcppages_bulk: do not hold lock when picking pages to free (Aruna Ramakrishna)  [Orabug: 31835223]  
  - mm, page_alloc: remove unnecessary variable from free_pcppages_bulk (Mel Gorman)  [Orabug: 31835223]  
  - netfilter: ctnetlink: add a range check for l3/l4 protonum (Will McVicker)  [Orabug: 31872865]  {CVE-2020-25211} 
  - net/rds: Extract dest qp num for displaying in rds-info (Praveen Kumar Kannoju)  [Orabug: 31880144]  
  - uek-rpm: Update secure boot UEK signing certificates (Brian Maly)  [Orabug: 31974559]

• Tue Oct 06 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.44.1.el7uek]

  - oracleasm: Retrieve d_bdev before dropping inode (Stephen Brennan)  [Orabug: 31832592]  
  - KVM: VMX: fixes for vmentry_l1d_flush module parameter (Paolo Bonzini)  [Orabug: 31962487]

• Tue Sep 22 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.43.4.el7uek]

  - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974) (Jann Horn)  [Orabug: 29434845]  {CVE-2019-6974} 
  - KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221) (Peter Shier)  [Orabug: 29434898]  {CVE-2019-7221} 
  - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222) (Paolo Bonzini)  [Orabug: 29434924]  {CVE-2019-7222} 
  - net: arc_emac: fix koops caused by sk_buff free (Alexander Kochetkov)  [Orabug: 30254239]  {CVE-2016-10906} 
  - GFS2: don't set rgrp gl_object until it's inserted into rgrp tree (Bob Peterson)  [Orabug: 30254251]  {CVE-2016-10905} 
  - GFS2: Fix rgrp end rounding problem for bsize < page size (Bob Peterson)  [Orabug: 30254251]  {CVE-2016-10905} 
  - x86/apic/msi: update address_hi on set msi affinity (Joe Jin)  [Orabug: 31477035]  
  - x86/apic/msi: check and sync apic IRR on msi_set_affinity (Joe Jin)  [Orabug: 31477035]  
  - net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (Sabrina Dubroca)  [Orabug: 31872821]  {CVE-2020-1749} 
  - nfs: Fix getxattr kernel panic and memory overflow (Jeffrey Mitchell)  [Orabug: 31872910]  {CVE-2020-25212} 
  - rbd: require global CAP_SYS_ADMIN for mapping and unmapping (Ilya Dryomov)  [Orabug: 31884169]  {CVE-2020-25284} 
  - mm/hugetlb: fix a race between hugetlb sysctl handlers (Muchun Song)  [Orabug: 31884239]  {CVE-2020-25285} 
  - ext4: fix potential negative array index in do_split() (Eric Sandeen)  [Orabug: 31895331]  {CVE-2020-14314}

• Tue Sep 15 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.43.3.el7uek]

  - ARM: amba: Fix race condition with driver_override (Geert Uytterhoeven)  [Orabug: 29671212]  {CVE-2018-9415} 
  - block: blk_init_allocated_queue() set q->fq as NULL in the fail case (xiao jin)  [Orabug: 30120513]  {CVE-2018-20856} 
  - USB: serial: omninet: fix reference leaks at open (Johan Hovold)  [Orabug: 30484761]  {CVE-2017-8925} 
  - nl80211: validate beacon head (Johannes Berg)  [Orabug: 30556264]  {CVE-2019-16746} 
  - cfg80211: Use const more consistently in for_each_element macros (Jouni Malinen)  [Orabug: 30556264]  {CVE-2019-16746} 
  - cfg80211: add and use strongly typed element iteration macros (Johannes Berg)  [Orabug: 30556264]  {CVE-2019-16746} 
  - cfg80211: add helper to find an IE that matches a byte-array (Luca Coelho)  [Orabug: 30556264]  {CVE-2019-16746} 
  - cfg80211: allow finding vendor with OUI without specifying the OUI type (Emmanuel Grumbach)  [Orabug: 30556264]  {CVE-2019-16746} 
  - dccp: Fix memleak in __feat_register_sp (YueHaibing)  [Orabug: 30732821]  {CVE-2019-20096} 
  - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (YueHaibing)  [Orabug: 30732938]  {CVE-2019-20054} 
  - fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (YueHaibing)  [Orabug: 30732938]  {CVE-2019-20054} 
  - scsi: libsas: stop discovering if oob mode is disconnected (Jason Yan)  [Orabug: 30770913]  {CVE-2019-19965} 
  - kernel/sysctl.c: fix out-of-bounds access when setting file-max (Will Deacon)  [Orabug: 31350720]  {CVE-2019-14898} 
  - sysctl: handle overflow for file-max (Christian Brauner)  [Orabug: 31350720]  {CVE-2019-14898} 
  - ath9k_htc: release allocated buffer if timed out (Navid Emamdoost)  [Orabug: 31351572]  {CVE-2019-19073} 
  - can: gs_usb: gs_can_open(): prevent memory leak (Navid Emamdoost)  [Orabug: 31351682]  {CVE-2019-19052} 
  - ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() (Takashi Iwai)  [Orabug: 31351837]  {CVE-2019-15927} 
  - media: usb: siano: Fix general protection fault in smsusb (Alan Stern)  [Orabug: 31351875]  {CVE-2019-15218} 
  - crypto: vmac - separate tfm and request context (Eric Biggers)  [Orabug: 31584410]  
  - SUNRPC: Fix a race with XPRT_CONNECTING (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Fix disconnection races (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Add a helper to wake up a sleeping rpc_task and set its status (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Reduce latency when send queue is congested (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: RPC transport queue must be low latency (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Fix a potential race in xprt_connect() (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: ensure correct error is reported by xs_tcp_setup_socket() (NeilBrown)  [Orabug: 31796770]  
  - SUNRPC: Fix races between socket connection and destroy code (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Prevent SYN+SYNACK+RST storms (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Report TCP errors to the caller (Trond Myklebust)  [Orabug: 31796770]  
  - SUNRPC: Ensure we release the TCP socket once it has been closed (Trond Myklebust)  [Orabug: 31796770]  
  - net-gro: fix use-after-free read in napi_gro_frags() (Eric Dumazet)  [Orabug: 31856195]  {CVE-2020-10720} 
  - PCI: Probe bridge window attributes once at enumeration-time (Bjorn Helgaas)  [Orabug: 31867577]

• Mon Sep 07 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.43.2.el7uek]

  - ALSA: seq: Cancel pending autoload work at unbinding device (Takashi Iwai)  [Orabug: 31352045]  {CVE-2017-16528} 
  - USB: serial: io_ti: fix information leak in completion handler (Johan Hovold)  [Orabug: 31352084]  {CVE-2017-8924} 
  - sample-trace-array: Fix sleeping function called from invalid context (Kefeng Wang)  [Orabug: 31543032]  
  - sample-trace-array: Remove trace_array 'sample-instance' (Kefeng Wang)  [Orabug: 31543032]  
  - tracing: Sample module to demonstrate kernel access to Ftrace instances. (Divya Indi)  [Orabug: 31543032]  
  - tracing: Adding new functions for kernel access to Ftrace instances (Aruna Ramakrishna)  [Orabug: 31543032]  
  - tracing: Adding NULL checks for trace_array descriptor pointer (Divya Indi)  [Orabug: 31543032]  
  - tracing: Verify if trace array exists before destroying it. (Divya Indi)  [Orabug: 31543032]  
  - tracing: Declare newly exported APIs in include/linux/trace.h (Divya Indi)  [Orabug: 31543032]  
  - tracing: Kernel access to Ftrace instances (Divya Indi)  [Orabug: 31543032]

• Thu Sep 03 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.43.1.el7uek]

  - blktrace: Protect q->blk_trace with RCU (Jan Kara)  [Orabug: 31123576]  {CVE-2019-19768} 
  - media: technisat-usb2: break out of loop at end of buffer (Sean Young)  [Orabug: 31224554]  {CVE-2019-15505} 
  - btrfs: merge btrfs_find_device and find_device (Anand Jain)  [Orabug: 31351746]  {CVE-2019-18885} 
  - RDMA/cxgb4: Do not dma memory off of the stack (Greg KH)  [Orabug: 31351783]  {CVE-2019-17075} 
  - mwifiex: Abort at too short BSS descriptor element (Takashi Iwai)  [Orabug: 31351916]  {CVE-2019-3846} 
  - mwifiex: Fix possible buffer overflows at parsing bss descriptor (Takashi Iwai)  [Orabug: 31351916]  {CVE-2019-3846} {CVE-2019-3846} 
  - repair kABI breakage from "fs: prevent page refcount overflow in pipe_buf_get" (Dan Duval)  [Orabug: 31351941]  {CVE-2019-11487} 
  - mm: prevent get_user_pages() from overflowing page refcount (Linus Torvalds)  [Orabug: 31351941]  {CVE-2019-11487} 
  - mm: add 'try_get_page()' helper function (Linus Torvalds)  [Orabug: 31351941]  {CVE-2019-11487} 
  - fs: prevent page refcount overflow in pipe_buf_get (Matthew Wilcox)  [Orabug: 31351941]  {CVE-2019-11487} 
  - mm: make page ref count overflow check tighter and more explicit (Linus Torvalds)  [Orabug: 31351941]  {CVE-2019-11487} 
  - sctp: implement memory accounting on tx path (Xin Long)  [Orabug: 31351960]  {CVE-2019-3874} 
  - sunrpc: use SVC_NET() in svcauth_gss_* functions (Vasily Averin)  [Orabug: 31351995]  {CVE-2018-16884} 
  - sunrpc: use-after-free in svc_process_common() (Vasily Averin)  [Orabug: 31351995]  {CVE-2018-16884} 
  - af_packet: set defaule value for tmo (Mao Wenan)  [Orabug: 31439107]  {CVE-2019-20812} 
  - selinux: properly handle multiple messages in selinux_netlink_send() (Paul Moore)  [Orabug: 31439369]  {CVE-2020-10751} 
  - selinux: Print 'sclass' as string when unrecognized netlink message occurs (Marek Milkovic)  [Orabug: 31439369]  {CVE-2020-10751} 
  - mac80211: Do not send Layer 2 Update frame before authorization (Jouni Malinen)  [Orabug: 31473652]  {CVE-2019-5108} 
  - cfg80211/mac80211: make ieee80211_send_layer2_update a public function (Dedy Lansky)  [Orabug: 31473652]  {CVE-2019-5108} 
  - crypto: authenc - fix parsing key with misaligned rta_len (Eric Biggers)  [Orabug: 31535529]  {CVE-2020-10769} 
  - vgacon: Fix for missing check in scrollback handling (Yunhai Zhang)  [Orabug: 31705121]  {CVE-2020-14331} {CVE-2020-14331} 
  - rename kABI whitelists to lockedlists (Dan Duval)  [Orabug: 31783151]