[El-errata] ELSA-2019-4509 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Tue Jan 15 08:56:43 PST 2019

Oracle Linux Security Advisory ELSA-2019-4509

http://linux.oracle.com/errata/ELSA-2019-4509.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-debug-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-tools-4.14.35-1844.1.3.el7uek.x86_64.rpm
kernel-uek-doc-4.14.35-1844.1.3.el7uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1844.1.3.el7uek.src.rpm

Description of changes:

[4.14.35-1844.1.3.el7uek]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun) 
[Orabug: 29003422] - nfs: don't dirty kernel pages read by direct-io 
(Dave Kleikamp) [Orabug: 29122062] - KVM: X86: Fix scan ioapic 
use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407}
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike 
Kravetz) [Orabug: 28951436] - mm: migration: fix migration of huge PMD 
shared pages (Mike Kravetz) [Orabug: 28951436] - mm/mmu_notifier: avoid 
double notification when it is useless (Jérôme Glisse) [Orabug: 28951436]

[4.14.35-1844.1.2.el7uek]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in 
card.c (Hui Peng) [Orabug: 29042979] {CVE-2018-19824}
- arm64/kernel: kaslr: reduce module randomization range to 4 GB (Ard 
Biesheuvel) [Orabug: 28954789] - xfs: enhance dinode verifier (Eric 
Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) 
[Orabug: 28997653] {CVE-2018-10322}
- Revert "xfs: move inode fork verifiers to xfs_dinode_verify" (Shan 
Hai) [Orabug: 28997653] - Revert "xfs: enhance dinode verifier" (Shan 
Hai) [Orabug: 28997653]

[4.14.35-1844.1.1.el7uek]
- arm64: disable /dev/port on 64 bit ARM (Eric Saint-Etienne) [Orabug: 
28961247] - crypto: ccp - add timeout support in the SEV command 
(Brijesh Singh) [Orabug: 29029018] - crypto: ccp - Add GET_ID SEV 
command (Janakarajan Natarajan) [Orabug: 29029018] - crypto: ccp - Add 
DOWNLOAD_FIRMWARE SEV command (Janakarajan Natarajan) [Orabug: 29029018] 
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in 
unimac_mdio_probe() (Wei Yongjun) [Orabug: 27677743] {CVE-2018-8043}
- vti6: remove !skb->ignore_df check from vti6_xmit() (Alexey Kodanev) 
[Orabug: 28940590] - A/A failback does not work in concert with ibacm 
(Håkon Bugge) [Orabug: 28972800] - ACPICA: Reference Counts: increase 
max to 0x4000 for large servers (Erik Schmauss) [Orabug: 29019053]

[4.14.35-1844.1.0.el7uek]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 
28951264] {CVE-2018-5848}
- [PATCH UEK5 u1 v3] dtrace: add DTRACEACT_PCAP for packet capture for 
later pcap_dump() (Alan Maguire) [Orabug: 28951771] - floppy: Do not 
copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) 
{CVE-2018-7755} {CVE-2018-7755}
- [PATCH UEK5 u1 v2] dtrace: fix ip provider inconsistencies between 
IPv4/IPv6 (Alan Maguire) [Orabug: 28956807] - x86/speculation: Make 
enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) 
[Orabug: 28992002] - x86/speculation: Enable enhanced IBRS usage 
(Alejandro Jimenez) [Orabug: 28992002] - x86/speculation: functions for 
supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28992002] - Add 
forward declaration of tlb_flush, required for asm-generic. (Jack Vogel) 
[Orabug: 28866513] - x86/mm: Page size aware flush_tlb_mm_range() (Peter 
Zijlstra) [Orabug: 28866513] - mm/memory: Move mmu_gather and TLB 
invalidation code into its own file (Peter Zijlstra) [Orabug: 28866513] 
- asm-generic/tlb: Track which levels of the page tables have been 
cleared (Will Deacon) [Orabug: 28866513] - asm-generic/tlb: Track 
freeing of page-table directories in struct mmu_gather (Peter Zijlstra) 
[Orabug: 28866513] - mm: mmu_notifier fix for tlb_end_vma (Nicholas 
Piggin) [Orabug: 28866513] - mm: update comment describing 
tlb_gather_mmu (Mike Rapoport) [Orabug: 28866513]