ELSA-2018-0151

ELSA-2018-0151 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-01-25

Description


- [3.10.0-693.17.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-693.17.1]
- [s390] locking/barriers: remove old gmb() macro definition (Denys Vlasenko) [1519788 1519786]

[3.10.0-693.16.1]
- [x86] smpboot: Do not use smp_num_siblings in __max_logical_packages calculation (Prarit Bhargava) [1533022 1519503]
- [x86] topology: Add topology_max_smt_threads() (Prarit Bhargava) [1533022 1519503]
- [powerpc] spinlock: add gmb memory barrier (Jon Masters) [1519788 1519786] {CVE-2017-5753}
- [powerpc] Prevent Meltdown attack with L1-D$ flush (Jon Masters) [1519800 1519801] {CVE-2017-5754}
- [s390] add ppa to system call and program check path (Jon Masters) [1519795 1519798] {CVE-2017-5715}
- [s390] spinlock: add gmb memory barrier (Jon Masters) [1519788 1519786] {CVE-2017-5753}
- [s390] introduce CPU alternatives (Jon Masters) [1519795 1519798] {CVE-2017-5715}
- [x86] spec_ctrl: move vmexit rmb in the last branch before IBRS (Andrea Arcangeli) [1533373 1533250]
- [x86] spec_ctrl: satisfy the barrier like semantics of IBRS (Andrea Arcangeli) [1533373 1533250]
- [fs] userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails (Andrea Arcangeli) [1533372 1531287]
- [x86] kaiser/efi: unbreak tboot (Andrea Arcangeli) [1519795 1532989 1519798 1531559] {CVE-2017-5715}
- [x86] spec_ctrl: don't call ptrace_has_cap in the IBPB ctx switch optimization (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] kaiser/efi: unbreak EFI old_memmap (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] cpuidle_idle_call: fix double local_irq_enable() (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] entry: Invoke TRACE_IRQS_IRETQ in paranoid_userspace_restore_all (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] cpu: fix get_scattered_cpu_leaf sorting part #2 (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] spec_ctrl: show added cpuid flags in /proc/cpuinfo after late microcode update (Andrea Arcangeli) [1519795 1519798] {CVE-2017-5715}
- [x86] cpu: fix get_scattered_cpu_leaf for IBPB feature (Paolo Bonzini) [1519795 1519798]


Related CVEs


CVE-2017-12192
CVE-2017-15649
CVE-2017-12193
CVE-2015-8539
CVE-2017-7472

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-693.17.1.el7.src.rpm0466913d50c98676d5a8bbb42c86547fELBA-2021-1397-1
kernel-3.10.0-693.17.1.el7.x86_64.rpmdc79e0d409d6e2fe50fc6aeeb9cb02f0ELBA-2021-1397-1
kernel-abi-whitelists-3.10.0-693.17.1.el7.noarch.rpm128288615e3cbfc63f10c9cd51418d94ELBA-2021-1397-1
kernel-debug-3.10.0-693.17.1.el7.x86_64.rpmfb4e3f8babf418e7ab0cfd35ef91fd5aELBA-2021-1397-1
kernel-debug-devel-3.10.0-693.17.1.el7.x86_64.rpm95da34405c919bc9fb1cc766f9797831ELBA-2021-1397-1
kernel-devel-3.10.0-693.17.1.el7.x86_64.rpm2d6b43efd3b8db873f0e35dacad7eb72ELBA-2021-1397-1
kernel-doc-3.10.0-693.17.1.el7.noarch.rpmfe9c6271563ab00a909e43d45e94a57dELBA-2021-1397-1
kernel-headers-3.10.0-693.17.1.el7.x86_64.rpmb13972f7abf810be7f8d194fc5f25f65ELBA-2021-1397-1
kernel-tools-3.10.0-693.17.1.el7.x86_64.rpmbba02aedeea172714ba1ee8e52ffe6b8ELBA-2021-1397-1
kernel-tools-libs-3.10.0-693.17.1.el7.x86_64.rpmcfb360fa28a086d5392e482f8899daaaELBA-2021-1397-1
kernel-tools-libs-devel-3.10.0-693.17.1.el7.x86_64.rpm0f3f6bbd8e2704b683495130103699f0ELBA-2021-1397-1
perf-3.10.0-693.17.1.el7.x86_64.rpmf2ecdd0f76d9de7885674278f8dbc333ELSA-2021-9220
python-perf-3.10.0-693.17.1.el7.x86_64.rpmb5f655c8603f542b74469e334ca3675fELSA-2021-9220



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete