[El-errata] ELSA-2019-4878 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Dec 13 08:44:19 PST 2019

Oracle Linux Security Advisory ELSA-2019-4878


The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Revert "oled: give panic handler chance to run before kexec" (John Donnelly)  [Orabug: 30594702]
- Revert "oled: export symbols" (John Donnelly)  [Orabug: 30594702]
- net/rds: Recycle RDS headers to speed up connection fail over (Ka-Cheong Poon)  [Orabug: 30628735]
- net/rds: Reduce RDS headers de-allocation time (Ka-Cheong Poon)  [Orabug: 30628735]
- net/rds: Should use rds_rtd_ptr() to trace pointer value (Ka-Cheong Poon)  [Orabug: 30628735]

- rds: Disable heartbeat by default (Håkon Bugge)  [Orabug: 30580080]

- rds:ib: Set RoCE ACK timeout before resolving route (Dag Moxnes)  [Orabug: 30581176]
- RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes)  [Orabug: 30581176]
- x86/hyperv: Make vapic support x2apic mode (Roman Kagan)  [Orabug: 30571044]
- PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset() (Maya Nakamura)  [Orabug: 30571044]
- PCI: hv: Replace hv_vp_set with hv_vpset (Maya Nakamura)  [Orabug: 30571044]
- PCI: hv: Add __aligned(8) to struct retarget_msi_interrupt (Maya Nakamura)  [Orabug: 30571044]
- MAINTAINERS: Add Hyper-V IOMMU driver into Hyper-V CORE AND DRIVERS scope (Lan Tianyu)  [Orabug: 30571044]
- iommu/hyper-v: Add Hyper-V stub IOMMU driver (Lan Tianyu)  [Orabug: 30571044]
- x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (Lan Tianyu)  [Orabug: 30571044]
- x86/apic: Provide apic_ack_irq() (Thomas Gleixner)  [Orabug: 30571044]
- rds: ib: update WR sizes when bringing up connection (Dag Moxnes)  [Orabug: 30572790]
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum)  [Orabug: 30548564]  {CVE-2019-15219}
- block-mq: fix hung due to too much warning log (Junxiao Bi)  [Orabug: 30544816]
- oled: export symbols (Wengang Wang)  [Orabug: 30550387]
- oled: give panic handler chance to run before kexec (Wengang Wang)  [Orabug: 30550387]

- ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang)  [Orabug: 30545335]
- kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju)  [Orabug: 30539764]
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Josh Poimboeuf)  [Orabug: 30539764]
- cpu/speculation: Uninline and export CPU mitigations helpers (Tyler Hicks)  [Orabug: 30539764]
- x86/speculation/taa: Fix for mitigation for TSX Async Abort (Kanth Ghatraju)  [Orabug: 30533711]
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN)  [Orabug: 30532773]  {CVE-2019-15217}
- x86: cpu: bugs.c: Fix compile error when CONFIG_XEN=n (Aaron Young)  [Orabug: 30516915]
- SUNRPC: Remove xprt_connect_status() (Trond Myklebust)  [Orabug: 30513391]
- SUNRPC: Handle ENETDOWN errors (Trond Myklebust)  [Orabug: 30513391]
- x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Check EFI Boot to set reboot type (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Decode UVsystab Info (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Setup UV functions for Hubless UV Systems (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Add return code to UV BIOS Init function (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Return UV Hubless System Type (Mike Travis)  [Orabug: 30518602]
- x86/platform/uv: Save OEM_ID from ACPI MADT probe (Mike Travis)  [Orabug: 30518602]

- rds: ib: Improve neighbor cache flush throttling (Dag Moxnes)  [Orabug: 30472626]
- KVM: VMX: Do not change PID.NDST when loading a blocked vCPU (Joao Martins)  [Orabug: 30512558]
- KVM: x86: Recompute PID.ON when clearing PID.SN (Joao Martins)  [Orabug: 30512558]
- Revert "KVM: VMX: sync pending posted interrupts based on PIR" (Joao Martins)  [Orabug: 30512558]
- cpuidle: haltpoll: Take 'idle=' override into account (Zhenzhong Duan)  [Orabug: 30519673]
- media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum)  [Orabug: 30511740]  {CVE-2019-15215}
- rds: ib: __flush_neigh_conn error messages in syslog during failover/failback (Dag Moxnes)  [Orabug: 30499609]
- kdump: decouple trace_extern_vmcoreinfo_setup from CONFIG_TRACING (Dave Kleikamp)  [Orabug: 30493478]
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum)  [Orabug: 30490490]  {CVE-2019-15213}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan)  [Orabug: 30445304]  {CVE-2019-16994}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron)  [Orabug: 30445156]  {CVE-2019-17055}
- ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron)  [Orabug: 30444945]  {CVE-2019-17053}
- net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan)  [Orabug: 30444852]  {CVE-2019-16995}
- vhost/vsock: fix uninitialized vhost_vsock->guest_cid (Stefan Hajnoczi)  [Orabug: 30339795]
- fm10k: Fix a potential NULL pointer dereference (Yue Haibing)  [Orabug: 30322694]  {CVE-2019-15924}
- x86/apic: Get rid of multi CPU affinity (Thomas Gleixner)  [Orabug: 29645216]
- rds: ib: need to flush neighbor cache for local peer connections on failover (Dag Moxnes)  [Orabug: 30472629]

More information about the El-errata mailing list