ELSA-2018-4011

ELSA-2018-4011 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-01-12

Description


[4.1.12-112.14.11]
- x86/pti/efi: broken conversion from efi to kernel page table (Pavel Tatashin) [Orabug: 27363926] [Orabug: 27352353] {CVE-2017-5754}
- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT (redux) (Konrad Rzeszutek Wilk) [Orabug: 27369994]
- x86/IBRS: Make sure we restore MSR_IA32_SPEC_CTRL to a valid value (Boris Ostrovsky) [Orabug: 27362581]
- x86/IBRS/IBPB: Set sysctl_ibrs/ibpb_enabled properly (Boris Ostrovsky) [Orabug: 27363792]
- x86/spec_ctrl: Add missing 'lfence' when IBRS is not supported. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/entry_64: TRACE_IRQS_OFF before re-enabling. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}
- ptrace: remove unlocked RCU dereference. (Jamie Iles) [Orabug: 27339995] {CVE-2017-5715}
- x86/ia32: Adds code hygiene for 32bit SYSCALL instruction entry. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/ia32: don't save registers on audit call (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec/ia32: Sprinkle IBRS and RSB at the 32-bit SYSCALL (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/ia32: Move STUFF_RSB And ENABLE_IBRS (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec: Always set IBRS to guest value on VMENTER and host on VMEXIT. (Konrad Rzeszutek Wilk) [Orabug: 27365544] {CVE-2017-5715}


Related CVEs



Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-112.14.11.el6uek.src.rpm9c71d2689bcb29fdb24c91ee3e01e803ELSA-2021-9215
kernel-uek-4.1.12-112.14.11.el6uek.x86_64.rpm3777bdedca3626d794d972456c80702eELSA-2021-9215
kernel-uek-debug-4.1.12-112.14.11.el6uek.x86_64.rpm03d4165564580f82b195af5c86d971d1ELSA-2021-9215
kernel-uek-debug-devel-4.1.12-112.14.11.el6uek.x86_64.rpm43a6445ab58a0bf4d896dc3502643031ELSA-2021-9215
kernel-uek-devel-4.1.12-112.14.11.el6uek.x86_64.rpmc5aa054171160dad7f09b301c7ae3914ELSA-2021-9215
kernel-uek-doc-4.1.12-112.14.11.el6uek.noarch.rpmaa439958e2bbde8c7da8498346574d1eELSA-2021-9215
kernel-uek-firmware-4.1.12-112.14.11.el6uek.noarch.rpm5e3ed3c170b89403f18a16408f8f43b4ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-112.14.11.el7uek.src.rpm325b1536f8990198f3774100981ea674ELSA-2021-9220
kernel-uek-4.1.12-112.14.11.el7uek.x86_64.rpm8112a20674358dcbbec9027625f1bb1dELSA-2021-9220
kernel-uek-debug-4.1.12-112.14.11.el7uek.x86_64.rpm95bbf14d5ed3cabf6147cb009b3eed14ELSA-2021-9220
kernel-uek-debug-devel-4.1.12-112.14.11.el7uek.x86_64.rpm70a42675824db4634c068d3e495401a1ELSA-2021-9220
kernel-uek-devel-4.1.12-112.14.11.el7uek.x86_64.rpm4528fcaf8764051d06ebd1c9004ffbdeELSA-2021-9220
kernel-uek-doc-4.1.12-112.14.11.el7uek.noarch.rpm16d10a839cf79767000a82c68c721392ELSA-2021-9220
kernel-uek-firmware-4.1.12-112.14.11.el7uek.noarch.rpmdd8d5a1fa8b9ac0a3635e766b234ed78ELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete