ELSA-2018-4265

ELSA-2018-4265 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-11-06

Description


[4.1.12-124.21.1]
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:447! (Mike Kravetz) [Orabug: 28839992]
- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (Jason Yan) [Orabug: 27927687] {CVE-2018-7757}
- KVM: vmx: shadow more fields that are read/written on every vmexits (Paolo Bonzini) [Orabug: 28581045]
- vhost/scsi: Use common handling code in request queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Extract common handling code from control queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Respond to control queue operations (Bijan Mottahedeh) [Orabug: 28775573]

[4.1.12-124.20.8]
- scsi: lpfc: devloss timeout race condition caused null pointer reference (James Smart) [Orabug: 27994179]
- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (Ben Hutchings) [Orabug: 28013813]
- i40e: Add programming descriptors to cleaned_count (Alexander Duyck) [Orabug: 28228724]
- i40e: Fix memory leak related filter programming status (Alexander Duyck) [Orabug: 28228724]
- xen-swiotlb: use actually allocated size on check physical continuous (Joe Jin) [Orabug: 28258102]
- Revert 'Revert 'xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent'' (Dongli Zhang) [Orabug: 28258102]
- net/mlx4_en: fix potential use-after-free with dma_unmap_page (Sarah Newman) [Orabug: 28376051]
- ocfs2: fix ocfs2 read block panic (Junxiao Bi) [Orabug: 28580543]
- block: fix bdi vs gendisk lifetime mismatch (Dan Williams) [Orabug: 28645416]
- e1000e: Fix link check race condition (Benjamin Poirier) [Orabug: 28716958]
- Revert 'e1000e: Separate signaling for link check/link up' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Avoid missed interrupts following ICR read (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Fix queue interrupt re-raising in Other interrupt (Benjamin Poirier) [Orabug: 28716958]
- Partial revert 'e1000e: Avoid receiver overrun interrupt bursts' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Remove Other from EIAC (Benjamin Poirier) [Orabug: 28716958]
- Fix error code in nfs_lookup_verify_inode() (Lance Shelton) [Orabug: 28789030]
- workqueue: Allow modifying low level unbound workqueue cpumask (Lai Jiangshan) [Orabug: 28813166]
- workqueue: Create low-level unbound workqueues cpumask (Frederic Weisbecker) [Orabug: 28813166]
- scsi: sg: mitigate read/write abuse (Jann Horn) [Orabug: 28824718] {CVE-2017-13168}


Related CVEs


CVE-2018-7757
CVE-2017-13168

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-124.21.1.el6uek.src.rpmadf8a97147b7a4adcb42370f9ca4db41ELSA-2021-9215
kernel-uek-4.1.12-124.21.1.el6uek.x86_64.rpm933ffd7cf2d3795721d558e695d4d220ELSA-2021-9215
kernel-uek-debug-4.1.12-124.21.1.el6uek.x86_64.rpmd77559e4882d697d55603f73e2054a4aELSA-2021-9215
kernel-uek-debug-devel-4.1.12-124.21.1.el6uek.x86_64.rpm3278e44fb0f159f9bbaa9682ff78c4e4ELSA-2021-9215
kernel-uek-devel-4.1.12-124.21.1.el6uek.x86_64.rpmc21761f8fb4ab1db0d1e40803f39f117ELSA-2021-9215
kernel-uek-doc-4.1.12-124.21.1.el6uek.noarch.rpmf957b2adf293ab1345de1aedc01d57f4ELSA-2021-9215
kernel-uek-firmware-4.1.12-124.21.1.el6uek.noarch.rpmce9a91a8df02285029a3d853764e54c3ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-124.21.1.el7uek.src.rpma3f93bc1f79611141aae2eb69015452bELSA-2021-9220
kernel-uek-4.1.12-124.21.1.el7uek.x86_64.rpm9f9753245efb776bc4e0457f7cc1bef1ELSA-2021-9220
kernel-uek-debug-4.1.12-124.21.1.el7uek.x86_64.rpm640f0960ccbd7c57c39ac5d179c34e32ELSA-2021-9220
kernel-uek-debug-devel-4.1.12-124.21.1.el7uek.x86_64.rpmd6684852f5de4e5233dae30a0840895cELSA-2021-9220
kernel-uek-devel-4.1.12-124.21.1.el7uek.x86_64.rpmc8923df529d51bf84f21e09f466449cfELSA-2021-9220
kernel-uek-doc-4.1.12-124.21.1.el7uek.noarch.rpmc6ee8a939f5ff8c1afd4f2fa22bd20f7ELSA-2021-9220
kernel-uek-firmware-4.1.12-124.21.1.el7uek.noarch.rpm3300613a5ce64fa61a5fd66712819171ELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete