[El-errata] ELSA-2018-4261 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Oct 25 05:57:27 PDT 2018


Oracle Linux Security Advisory ELSA-2018-4261

http://linux.oracle.com/errata/ELSA-2018-4261.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.20.7.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.20.7.el7uek.noarch.rpm
kernel-uek-4.1.12-124.20.7.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.20.7.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.20.7.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.20.7.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.20.7.el7uek.src.rpm



Description of changes:

[4.1.12-124.20.7.el7uek]
- Revert "rds: RDS (tcp) hangs on sendto() to unresponding address" 
(Brian Maly)  [Orabug: 28837953]

[4.1.12-124.20.6.el7uek]
- x86/speculation: Retpoline should always be available on Skylake 
(Alexandre Chartre)  [Orabug: 28801831]

[4.1.12-124.20.5.el7uek]
- x86/speculation: Add sysfs entry to enable/disable retpoline 
(Alexandre Chartre)  [Orabug: 28607548]
- x86/speculation: Switch to IBRS when loading a non-retpoline module 
(Alexandre Chartre)  [Orabug: 28607548]
- x86/speculation: Remove unnecessary retpoline alternatives (Alexandre 
Chartre)  [Orabug: 28607548]
- x86/speculation: Use static key to enable/disable retpoline (Alexandre 
Chartre)  [Orabug: 28607548]
- locking/static_keys: Provide DECLARE and well as DEFINE macros (Tony 
Luck)  [Orabug: 28607548]
- jump_label: remove bug.h, atomic.h dependencies for HAVE_JUMP_LABEL 
(Jason Baron)  [Orabug: 28607548]
- locking/static_key: Fix concurrent static_key_slow_inc() (Paolo 
Bonzini)  [Orabug: 28607548]
- jump_label: make static_key_enabled() work on static_key_true/false 
types too (Tejun Heo)  [Orabug: 28607548]
- locking/static_keys: Fix up the static keys documentation (Jonathan 
Corbet)  [Orabug: 28607548]
- locking/static_keys: Fix a silly typo (Jonathan Corbet)  [Orabug: 
28607548]
- jump label, locking/static_keys: Update docs (Jason Baron)  [Orabug: 
28607548]
- x86/asm: Add asm macros for static keys/jump labels (Andy Lutomirski) 
[Orabug: 28607548]
- x86/asm: Error out if asm/jump_label.h is included inappropriately 
(Andy Lutomirski)  [Orabug: 28607548]
- jump_label/x86: Work around asm build bug on older/backported GCCs 
(Peter Zijlstra)  [Orabug: 28607548]
- locking/static_keys: Add a new static_key interface (Peter Zijlstra) 
[Orabug: 28607548]
- locking/static_keys: Rework update logic (Peter Zijlstra)  [Orabug: 
28607548]
- jump_label: Add jump_entry_key() helper (Peter Zijlstra)  [Orabug: 
28607548]
- jump_label, locking/static_keys: Rename JUMP_LABEL_TYPE_* and related 
helpers to the static_key* pattern (Peter Zijlstra)  [Orabug: 28607548]
- jump_label: Rename JUMP_LABEL_{EN,DIS}ABLE to JUMP_LABEL_{JMP,NOP} 
(Peter Zijlstra)  [Orabug: 28607548]
- module, jump_label: Fix module locking (Peter Zijlstra)  [Orabug: 
28607548]
- x86/speculation: Protect against userspace-userspace spectreRSB (Jiri 
Kosina)  [Orabug: 28631590]  {CVE-2018-15572}
- x86/spectre_v2: Remove remaining references to lfence mitigation 
(Alejandro Jimenez)  [Orabug: 28631590]  {CVE-2018-15572}
- Revert "md: allow a partially recovered device to be hot-added to an 
array." (NeilBrown)  [Orabug: 28702623]
- x86/bugs: ssbd_ibrs_selected called prematurely (Daniel Jordan) 
[Orabug: 28788839]
- net/mlx4_core: print firmware version during driver loading (Qing 
Huang)  [Orabug: 28809377]
- mm: numa: Do not trap faults on shared data section pages. (Henry 
Willard)  [Orabug: 28814880]
- hugetlbfs: dirty pages as they are added to pagecache (Mike Kravetz) 
[Orabug: 28813968]

[4.1.12-124.20.4.el7uek]
- rds: RDS (tcp) hangs on sendto() to unresponding address (Ka-Cheong 
Poon)  [Orabug: 28762608]
- nfs: fix a deadlock in nfs client initialization (Scott Mayhew) 
[Orabug: 28486463]
- infiniband: fix a possible use-after-free bug (Cong Wang)  [Orabug: 
28774517]  {CVE-2018-14734}




More information about the El-errata mailing list