ELSA-2019-4510

ELSA-2019-4510 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-01-15

Description


[4.1.12-124.24.3]
- ext4: update i_disksize when new eof exceeds it (Shan Hai) [Orabug: 28940828]
- ext4: update i_disksize if direct write past ondisk size (Eryu Guan) [Orabug: 28940828]
- ext4: protect i_disksize update by i_data_sem in direct write path (Eryu Guan) [Orabug: 28940828]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c (Hui Peng) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Replace probing flag with active refcount (Takashi Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Avoid nested autoresume calls (Takashi Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ext4: validate that metadata blocks do not overlap superblock (Theodore Ts'o) [Orabug: 29114440] {CVE-2018-1094}
- ext4: update inline int ext4_has_metadata_csum(struct super_block *sb) (John Donnelly) [Orabug: 29114440] {CVE-2018-1094}
- ext4: always initialize the crc32c checksum driver (Theodore Ts'o) [Orabug: 29114440] {CVE-2018-1094} {CVE-2018-1094}
- Revert 'bnxt_en: Reduce default rings on multi-port cards.' (Brian Maly) [Orabug: 28687746]
- mlx4_core: Disable P_Key Violation Traps (Hakon Bugge) [Orabug: 27693633]
- rds: RDS connection does not reconnect after CQ access violation error (Venkat Venkatsubra) [Orabug: 28733324]

[4.1.12-124.24.2]
- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (KarimAllah Ahmed) [Orabug: 28069548]
- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL - reloaded (Mihai Carabas) [Orabug: 28069548]
- KVM/x86: Add IBPB support (Ashok Raj) [Orabug: 28069548]
- KVM: x86: pass host_initiated to functions that read MSRs (Paolo Bonzini) [Orabug: 28069548]
- KVM: VMX: make MSR bitmaps per-VCPU (Paolo Bonzini) [Orabug: 28069548]
- KVM: VMX: introduce alloc_loaded_vmcs (Paolo Bonzini) [Orabug: 28069548]
- KVM: nVMX: Eliminate vmcs02 pool (Jim Mattson) [Orabug: 28069548]
- KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (Radim Krcmar) [Orabug: 28069548]
- ocfs2: dont clear bh uptodate for block read (Junxiao Bi) [Orabug: 28762940]
- ocfs2: clear journal dirty flag after shutdown journal (Junxiao Bi) [Orabug: 28924775]
- ocfs2: fix panic due to unrecovered local alloc (Junxiao Bi) [Orabug: 28924775]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun) [Orabug: 28947481]
- x86/speculation: Always disable IBRS in disable_ibrs_and_friends() (Alejandro Jimenez) [Orabug: 29139710]


Related CVEs


CVE-2018-1094
CVE-2018-19824

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-124.24.3.el6uek.src.rpmdeca8c13af2c9a6133c57c2268380aefELSA-2021-9215
kernel-uek-4.1.12-124.24.3.el6uek.x86_64.rpmc9b718846f102388260e391c62deea44ELSA-2021-9215
kernel-uek-debug-4.1.12-124.24.3.el6uek.x86_64.rpm9fdab53044b193e981f3ba75993f7b59ELSA-2021-9215
kernel-uek-debug-devel-4.1.12-124.24.3.el6uek.x86_64.rpm8455a96b118f95323cc036ed0bb002c6ELSA-2021-9215
kernel-uek-devel-4.1.12-124.24.3.el6uek.x86_64.rpm0790ba1f24c5ac43e5dbc0aa2335e31dELSA-2021-9215
kernel-uek-doc-4.1.12-124.24.3.el6uek.noarch.rpm1cf5732c8d67f24afa22cf5694a2dc2aELSA-2021-9215
kernel-uek-firmware-4.1.12-124.24.3.el6uek.noarch.rpm3bd2e19068311ac9d9df0efd2f18cae0ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-124.24.3.el7uek.src.rpm383aa3eace1bda58096022c08d0867b9ELSA-2021-9220
kernel-uek-4.1.12-124.24.3.el7uek.x86_64.rpm32498413e8a3490a87e15d6a8cdafe4fELSA-2021-9220
kernel-uek-debug-4.1.12-124.24.3.el7uek.x86_64.rpm35de34b7f6c9475b3d3700f901a63bfeELSA-2021-9220
kernel-uek-debug-devel-4.1.12-124.24.3.el7uek.x86_64.rpm969102f52c85a0f47ee3d95d5bc32284ELSA-2021-9220
kernel-uek-devel-4.1.12-124.24.3.el7uek.x86_64.rpmd81057ef3c242b506b6eddf50b2d78efELSA-2021-9220
kernel-uek-doc-4.1.12-124.24.3.el7uek.noarch.rpmcd9c7464881b8a3b026cea4e043e32a3ELSA-2021-9220
kernel-uek-firmware-4.1.12-124.24.3.el7uek.noarch.rpm6432db49cb5b5afbf71e73f142fd7a6bELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete