[Oraclevm-errata] OVMSA-2018-0007 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Thu Jan 11 12:40:05 PST 2018


Oracle VM Security Advisory OVMSA-2018-0007

The following updated rpms for Oracle VM 3.4 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-112.14.5.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-112.14.5.el6uek.noarch.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-112.14.5.el6uek.src.rpm



Description of changes:

[4.1.12-112.14.5.el6uek]
- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk)  [Orabug: 27350825]

[4.1.12-112.14.4.el6uek]
- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk)  {CVE-2017-5715}

[4.1.12-112.14.3.el6uek]
- userns: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- udf: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- net: mpls: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- fs: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- ipv6: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- ipv4: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- Thermal/int340x: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- cw1200: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- qla2xxx: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- p54: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- carl9170: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- uvcvideo: prevent speculative execution (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- locking/barriers: introduce new observable speculation barrier (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova)  [Orabug: 27340459]  {CVE-2017-5753}
- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- Set IBPB when running a different VCPU (Dave Hansen)  [Orabug: 27339995]  {CVE-2017-5715}
- Clear the host registers after setbe (Jun Nakajima)  [Orabug: 27339995]  {CVE-2017-5715}
- Use the ibpb_inuse variable. (Jun Nakajima)  [Orabug: 27339995]  {CVE-2017-5715}
- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli)  [Orabug: 27339995]  {CVE-2017-5715}
- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini)  [Orabug: 27339995]  {CVE-2017-5715}
- Use the "ibrs_inuse" variable. (Jun Nakajima)  [Orabug: 27339995]  {CVE-2017-5715}
- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/kvm: Pad RSB on VM transition (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/kvm: clear registers on VM exit (Tom Lendacky)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/kvm: Set IBPB when switching VM (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/mm: Set IBPB upon context switch (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli)  [Orabug: 27339995]  {CVE-2017-5715}
- *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/enter: Use IBRS on syscall and interrupts (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/feature: Report presence of IBPB and IBRS control (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
- x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk)  [Orabug: 27339995]  {CVE-2017-5715}
- x86/feature: Enable the x86 feature to control (Tim Chen)  [Orabug: 27339995]  {CVE-2017-5715}
