[Oraclevm-errata] OVMSA-2020-0028 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Mon Jul 13 06:34:52 PDT 2020 

Oracle VM Security Advisory OVMSA-2020-0028

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-124.40.6.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.40.6.el6uek.noarch.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-124.40.6.el6uek.src.rpm



Description of changes:

[4.1.12-124.40.6.el6uek]
- ipv4: ipv4_default_advmss() should use route mtu (Eric Dumazet)  [Orabug: 31563095]
- net: ipv4: Refine the ipv4_default_advmss (Gao Feng)  [Orabug: 31563095]

[4.1.12-124.40.5.el6uek]
- Revert "bnxt_en: Remove busy poll logic in the driver." (Brian Maly)  [Orabug: 28151475]
- md: batch flush requests. (NeilBrown)  [Orabug: 31332821]
- ALSA: core: Fix card races between register and disconnect (Takashi Iwai)  [Orabug: 31351891]  {CVE-2019-15214}
- media: dvb-usb-v2: lmedm04: move ts2020 attach to dm04_lme2510_tuner (Malcolm Priestley)  [Orabug: 31352061]  {CVE-2017-16538}
- media: dvb-usb-v2: lmedm04: Improve logic checking of warm start (Malcolm Priestley)  [Orabug: 31352061]  {CVE-2017-16538}
- atomic_open(): fix the handling of create_error (Al Viro)  [Orabug: 31493395]

[4.1.12-124.40.4.el6uek]
- media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (Tomas Bortoli)  [Orabug: 31351119]  {CVE-2019-19533}
- NFS: Fix a performance regression in readdir (Trond Myklebust)  [Orabug: 31409061]

[4.1.12-124.40.3.el6uek]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf)  [Orabug: 31475612]  {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross)  [Orabug: 31475612]  {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross)  [Orabug: 31475612]  {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross)  [Orabug: 31475612]  {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross)  [Orabug: 31475612]  {CVE-2020-0543}
- x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Jia Zhang)  [Orabug: 31475612]  {CVE-2020-0543}

[4.1.12-124.40.2.el6uek]
- MCE: Restrict MCE banks to 6 on AMD platform (Zhenzhong Duan)  [Orabug: 30000521]
- can: peak_usb: fix slab info leak (Johan Hovold)  [Orabug: 31351141]  {CVE-2019-19534}
- can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices (Tomas Bortoli)  [Orabug: 31351250]  {CVE-2019-19536}
- xfs: fix freeze hung (Junxiao Bi)  [Orabug: 31430876]

[4.1.12-124.40.1.el6uek]
- iscsi_target: fix mismatch spinlock unlock (Junxiao Bi)  [Orabug: 31202372]

More information about the Oraclevm-errata mailing list