[El-errata] ELSA-2018-1651 Important: Oracle Linux 6 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue May 22 01:09:37 PDT 2018 

Oracle Linux Security Advisory ELSA-2018-1651

http://linux.oracle.com/errata/ELSA-2018-1651.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
kernel-2.6.32-696.30.1.el6.i686.rpm
kernel-abi-whitelists-2.6.32-696.30.1.el6.noarch.rpm
kernel-debug-2.6.32-696.30.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-doc-2.6.32-696.30.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.30.1.el6.noarch.rpm
kernel-headers-2.6.32-696.30.1.el6.i686.rpm
perf-2.6.32-696.30.1.el6.i686.rpm
python-perf-2.6.32-696.30.1.el6.i686.rpm

x86_64:
kernel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-abi-whitelists-2.6.32-696.30.1.el6.noarch.rpm
kernel-debug-2.6.32-696.30.1.el6.x86_64.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.i686.rpm
kernel-debug-devel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-devel-2.6.32-696.30.1.el6.x86_64.rpm
kernel-doc-2.6.32-696.30.1.el6.noarch.rpm
kernel-firmware-2.6.32-696.30.1.el6.noarch.rpm
kernel-headers-2.6.32-696.30.1.el6.x86_64.rpm
perf-2.6.32-696.30.1.el6.x86_64.rpm
python-perf-2.6.32-696.30.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-2.6.32-696.30.1.el6.src.rpm



Description of changes:

[2.6.32-696.30.1.el6.OL6]
- Update genkey [bug 25599697]

[2.6.32-696.30.1.el6]
- [x86] x86/kvm: fix CPUID_7_EDX (word 18) mask (Jan Stancek) [1566893 
1566899] {CVE-2018-3639}

[2.6.32-696.29.1.el6]
- [x86] x86/spec_ctrl: Fix late microcode problem with AMD (Waiman Long) 
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Clean up entry code & remove unused APIs (Waiman 
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Mask off SPEC_CTRL MSR bits that are managed by 
kernel (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: add support for SSBD to RHEL IBRS entry/exit 
macros (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Rename _RDS to _SSBD (Waiman Long) [1566893 1566899] 
{CVE-2018-3639}
- [x86] x86/speculation: Add prctl for Speculative Store Bypass 
mitigation (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/process: Allow runtime control of Speculative Store Bypass 
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Waiman Long) [1566893 
1566899] {CVE-2018-3639}
- [x86] x86/kvm: Expose the RDS bit to the guest (Waiman Long) [1566893 
1566899] {CVE-2018-3639}
- [x86] x86/bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if 
requested (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Sync up RDS setting with IBRS code (Waiman Long) 
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Provide boot parameters for the 
spec_store_bypass_disable mitigation (Waiman Long) [1566893 1566899] 
{CVE-2018-3639}
- [x86] x86/bugs: Expose the /sys/../spec_store_bypass and 
X86_BUG_SPEC_STORE_BYPASS (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved 
bits (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/spec_ctrl: Use separate PCP variables for IBRS entry and 
exit (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] cpu/intel: Knight Mill and Moorefield update to intel-family.h 
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/speculation: Update Speculation Control microcode blacklist 
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on 
Intel (Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Clean up Spectre v2 related CPUID flags (Waiman 
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add AMD feature bits for Speculation Control 
(Waiman Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add Intel feature bits for Speculation (Waiman 
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpufeatures: Add CPUID_7_EDX CPUID leaf (Waiman Long) 
[1566893 1566899] {CVE-2018-3639}
- [x86] x86/cpu: Fill in feature word 13, CPUID_8000_0008_EBX (Waiman 
Long) [1566893 1566899] {CVE-2018-3639}
- [x86] Extend RH cpuinfo to 10 extra words (Waiman Long) [1566893 
1566899] {CVE-2018-3639}
- [x86] kpti/kexec: fix wrong page address in clear_page (Dave Young) 
[1573176 1572487]

More information about the El-errata mailing list