ELSA-2019-4669

ELSA-2019-4669 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-05-31

Description


[4.1.12-124.27.2]
- x86/speculation/mds: Check for the right microcode before setting mitigation (Kanth Ghatraju) [Orabug: 29797118]
- vxlan: test dev->flags & IFF_UP before accessing vxlan->dev->dev_addr (Venkat Venkatsubra) [Orabug: 29710939]
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (Eric Dumazet) [Orabug: 29710939]
- nvme: allow timed-out ios to retry (James Smart) [Orabug: 29301607]
- rds: Introduce a pool of worker threads for connection management (Hakon Bugge) [Orabug: 29391909]
- rds: Use rds_conn_path cp_wq when applicable (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Implement proper cm_id compare (Hakon Bugge) [Orabug: 29391909]
- Revert 'net/rds: prevent RDS connections using stale ARP entries' (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Flush ARP cache when needed (Hakon Bugge) [Orabug: 29391909]
- rds: Add simple heuristics to determine connect delay (Hakon Bugge) [Orabug: 29391909]
- rds: Fix one-sided connect (Hakon Bugge) [Orabug: 29391909]
- rds: Consolidate and align ftrace related to connection management (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Fix gratuitous ARP storm (Hakon Bugge) [Orabug: 29391909]
- IB/mlx4: Increase the timeout for CM cache (Hakon Bugge) [Orabug: 29391909]
- kvm/speculation: Allow KVM guests to use SSBD even if host does not (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Keep enhanced IBRS on when spec_store_bypass_disable=on is used (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Clean up enhanced IBRS checks in bugs_64.c (Alejandro Jimenez) [Orabug: 29423804]
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (Andrea Arcangeli) [Orabug: 29510356]
- bnxt_en: Reset device on RX buffer errors. (Michael Chan) [Orabug: 29651238]
- x86/mitigations: Fix the test for Xen PV guest (Boris Ostrovsky) [Orabug: 29774291]
- x86/speculation/mds: Fix verw usage to use memory operand (Kanth Ghatraju) [Orabug: 29791036] {CVE-2018-12127} {CVE-2018-12130}


Related CVEs


CVE-2018-12130
CVE-2018-12127

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-124.27.2.el6uek.src.rpm22608acf6c879e55f98b241f52ceb68dELSA-2021-9215
kernel-uek-4.1.12-124.27.2.el6uek.x86_64.rpm2dbe65afdec70eef9cc6f1d87ea8039eELSA-2021-9215
kernel-uek-debug-4.1.12-124.27.2.el6uek.x86_64.rpm48abd5cde2bece6a343db91f3d0d7ee8ELSA-2021-9215
kernel-uek-debug-devel-4.1.12-124.27.2.el6uek.x86_64.rpmed8c41374a589841a9f1fd77f039b90aELSA-2021-9215
kernel-uek-devel-4.1.12-124.27.2.el6uek.x86_64.rpm5b2c1428b182575b7f90f68e82e12373ELSA-2021-9215
kernel-uek-doc-4.1.12-124.27.2.el6uek.noarch.rpme6a07ede7eed753986da087eba904e0dELSA-2021-9215
kernel-uek-firmware-4.1.12-124.27.2.el6uek.noarch.rpm4b0f109acf68c7c499619c1dbc2a21f6ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-124.27.2.el7uek.src.rpm1cfd6b311ec489829f9b30912eb9aacdELSA-2021-9220
kernel-uek-4.1.12-124.27.2.el7uek.x86_64.rpm9b0b696ae59da4fa794ab69d68c9af55ELSA-2021-9220
kernel-uek-debug-4.1.12-124.27.2.el7uek.x86_64.rpm1aa6868c5395b134a2bd6faff03a0e9cELSA-2021-9220
kernel-uek-debug-devel-4.1.12-124.27.2.el7uek.x86_64.rpmf2dd922aa740d716482c4dfca70faf0dELSA-2021-9220
kernel-uek-devel-4.1.12-124.27.2.el7uek.x86_64.rpmee2853ab04f7c2a11349594b3496f62bELSA-2021-9220
kernel-uek-doc-4.1.12-124.27.2.el7uek.noarch.rpm0d84f4f53dae651224599216668504b3ELSA-2021-9220
kernel-uek-firmware-4.1.12-124.27.2.el7uek.noarch.rpme24b7954a1a9302112206971a2e383d5ELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete