ELSA-2019-4629
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-4629
ELSA-2019-4629 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-05-14 |
Description
[4.1.12-124.26.12]
- x86/mds: Add empty commit for CVE-2019-11091 (Konrad Rzeszutek Wilk) [Orabug: 29721935] {CVE-2019-11091}
- x86/microcode: Add loader version file in debugfs (Boris Ostrovsky) [Orabug: 29754165]
- x86/microcode: Fix CPU synchronization routine (Borislav Petkov) [Orabug: 29754165]
- x86/microcode: Synchronize late microcode loading (Borislav Petkov) [Orabug: 29754165]
[4.1.12-124.26.11]
- x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Konrad Rzeszutek Wilk) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Fix comment (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: update mds_mitigation to reflect debugfs configuration (Mihai Carabas) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: fix microcode late loading (Mihai Carabas) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add boot option to enable MDS protection only while in idle (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Improve coverage for MDS vulnerability (Boris Ostrovsky) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds=full,nosmt cmdline option (Josh Poimboeuf) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Add MDS vulnerability documentation (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Move L1TF to separate directory (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation mode VMWERV (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add debugfs for controlling MDS (Kanth Ghatraju) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add sysfs reporting for MDS (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation control for MDS (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Clear CPU buffers on exit to user (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds_clear_cpu_buffers() (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Andi Kleen) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add BUG_MSBDS_ONLY (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add basic bug infrastructure for MDS (Andi Kleen) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Consolidate CPU whitelists (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/msr-index: Cleanup bit defines (Thomas Gleixner) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation/l1tf: Fix small spelling typo (Salvatore Bonaccorso) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Simplify the CPU bug detection logic (Dominik Brodowski) [Orabug: 29526900] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
Related CVEs
| CVE-2018-12126 |
| CVE-2018-12130 |
| CVE-2018-12127 |
| CVE-2019-11091 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (x86_64) | kernel-uek-4.1.12-124.26.12.el6uek.src.rpm | 7941e97474504c5b1cd5678dd5a327a9 | ELSA-2021-9215 |
| kernel-uek-4.1.12-124.26.12.el6uek.x86_64.rpm | 18204cc2758c22abb991d83cdd3fc69e | ELSA-2021-9215 | |
| kernel-uek-debug-4.1.12-124.26.12.el6uek.x86_64.rpm | dd4eb87d078c3ee4b009ce9114c40a76 | ELSA-2021-9215 | |
| kernel-uek-debug-devel-4.1.12-124.26.12.el6uek.x86_64.rpm | 0684ffa04aeecc57ee92998b621d53d9 | ELSA-2021-9215 | |
| kernel-uek-devel-4.1.12-124.26.12.el6uek.x86_64.rpm | c9407918ef8b642ad0126d8cb1a36d9f | ELSA-2021-9215 | |
| kernel-uek-doc-4.1.12-124.26.12.el6uek.noarch.rpm | df510e00320fcc5d1a392f4d80066c45 | ELSA-2021-9215 | |
| kernel-uek-firmware-4.1.12-124.26.12.el6uek.noarch.rpm | 5ec4a963ce0f3f857f7c4f1a2faad5df | ELSA-2021-9215 | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.1.12-124.26.12.el7uek.src.rpm | 678846620f1f469263d8fc2cb651c3e2 | ELSA-2021-9220 |
| kernel-uek-4.1.12-124.26.12.el7uek.x86_64.rpm | fae67d940a1e3be9373dee60a0d03377 | ELSA-2021-9220 | |
| kernel-uek-debug-4.1.12-124.26.12.el7uek.x86_64.rpm | 932c0be5e9c560bc4b74827c89ab3f0b | ELSA-2021-9220 | |
| kernel-uek-debug-devel-4.1.12-124.26.12.el7uek.x86_64.rpm | 0cc40a3496e0cd2663b2e5ac99efcea5 | ELSA-2021-9220 | |
| kernel-uek-devel-4.1.12-124.26.12.el7uek.x86_64.rpm | 688f8fa625d35079eb12593ca9dc1ece | ELSA-2021-9220 | |
| kernel-uek-doc-4.1.12-124.26.12.el7uek.noarch.rpm | 945abd1ca862e377a61adac8a7b50a75 | ELSA-2021-9220 | |
| kernel-uek-firmware-4.1.12-124.26.12.el7uek.noarch.rpm | cdf0117f02dba1bd66f0ae0a3d6caa00 | ELSA-2021-9215 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
