[El-errata] ELSA-2019-4596 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Apr 1 07:08:16 PDT 2019


Oracle Linux Security Advisory ELSA-2019-4596

http://linux.oracle.com/errata/ELSA-2019-4596.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.26.7.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.26.7.el7uek.noarch.rpm
kernel-uek-4.1.12-124.26.7.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.26.7.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.26.7.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.26.7.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.26.7.el7uek.src.rpm



Description of changes:

[4.1.12-124.26.7.el7uek]
- ib_core: initialize shpd field when allocating 'struct ib_pd' (Mukesh 
Kacker) [Orabug: 29384815] - Revert "x86/apic: Make arch_setup_hwirq 
NUMA node aware" (Brian Maly) [Orabug: 29542185] - qlcnic: fix Tx 
descriptor corruption on 82xx devices (Shahed Shaikh) [Orabug: 27708787] 
- block: Fix a race between blk_cleanup_queue() and timeout handling 
(Bart Van Assche) [Orabug: 29158186] - can: gw: ensure DLC boundaries 
after CAN frame modification (Oliver Hartkopp) [Orabug: 29215299] 
{CVE-2019-3701} {CVE-2019-3701}
- CIFS: Enable encryption during session setup phase (Pavel Shilovsky) 
[Orabug: 29338239] {CVE-2018-1066}
- ext4: clear i_data in ext4_inode_info when removing inline data 
(Theodore Ts'o) [Orabug: 29540709] {CVE-2018-10881} {CVE-2018-10881}
- ext4: add more inode number paranoia checks (Theodore Ts'o) [Orabug: 
29545566] {CVE-2018-10882} {CVE-2018-10882}
- Revert "KVM: nVMX: Eliminate vmcs02 pool" (Boris Ostrovsky) [Orabug: 
29542029] - Revert "KVM: VMX: introduce alloc_loaded_vmcs" (Boris 
Ostrovsky) [Orabug: 29542029] - Revert "KVM: VMX: make MSR bitmaps 
per-VCPU" (Boris Ostrovsky) [Orabug: 29542029] - Revert "KVM: x86: pass 
host_initiated to functions that read MSRs" (Boris Ostrovsky) [Orabug: 
29542029] - Revert "KVM/x86: Add IBPB support" (Boris Ostrovsky) 
[Orabug: 29542029] - Revert "KVM/VMX: Allow direct access to 
MSR_IA32_SPEC_CTRL - reloaded" (Boris Ostrovsky) [Orabug: 29542029] - 
Revert "KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL" (Boris 
Ostrovsky) [Orabug: 29542029] - Revert "KVM: SVM: Add MSR-based feature 
support for serializing LFENCE" (Boris Ostrovsky) [Orabug: 29542029] - 
Revert "x86/cpufeatures: rename X86_FEATURE_AMD_SSBD to 
X86_FEATURE_LS_CFG_SSBD" (Boris Ostrovsky) [Orabug: 29542029] - Revert 
"x86/bugs: Add AMD's SPEC_CTRL MSR usage" (Boris Ostrovsky) [Orabug: 
29542029] - Revert "x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL 
MSR" (Boris Ostrovsky) [Orabug: 29542029] - arch: x86: remove unsued 
SET_IBPB from spec_ctrl.h (Mihai Carabas) [Orabug: 29336760] - x86: cpu: 
microcode: fix late loading SpectreV2 bugs eval (Mihai Carabas) [Orabug: 
29336760] - x86: cpu: microcode: fix late loading SSBD and L1TF bugs 
eval (Mihai Carabas) [Orabug: 29336760] - x86: cpu: microcode: 
Re-evaluate bugs in a CPU after microcode loading (Mihai Carabas) 
[Orabug: 29336760] - x86: cpu: microcode: update flags for all cpus 
(Mihai Carabas) [Orabug: 29336760]

[4.1.12-124.26.6.el7uek]
- x86/apic: Make arch_setup_hwirq NUMA node aware (Henry Willard) 
[Orabug: 29292411]






More information about the El-errata mailing list