ELSA-2018-0512
- ULN >
- Oracle Linux Errata repository >
- ELSA-2018-0512
ELSA-2018-0512 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2018-03-14 |
Description
[2.6.32-696.23.1.OL6]
- Update genkey [bug 25599697]
[2.6.32-696.23.1]
- [scsi] avoid a permanent stop of the scsi device's request queue (Ewan Milne) [1519857 1513455]
- [x86] retpoline/hyperv: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Upgrade GCC retpoline warning to an error for brew builds (Waiman Long) [1543022 1535645]
- [x86] retpoline: Don't use kernel indirect thunks in vsyscalls (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Add a read-only retp_enabled debugfs knob (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: detect unretpolined modules (Waiman Long) [1543022 1535645]
- [x86] retpoline/ACPI: Convert indirect jump in wakeup code (Waiman Long) [1543022 1535645]
- [x86] retpoline/efi: Convert stub indirect calls & jumps (Waiman Long) [1543022 1535645]
- [watchdog] hpwdt: remove indirect call in drivers/watchdog/hpwdt.c (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: cleanup __ptrace_may_access (Waiman Long) [1543022 1535645]
- [x86] bugs: Drop one 'mitigation' from dmesg (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: fix ptrace IBPB optimization (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Avoid returns in IBRS-disabled regions (Waiman Long) [1543022 1535645]
- [x86] spectre/meltdown: avoid the vulnerability directory to weaken kernel security (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Update spec_ctrl.txt and kernel-parameters.txt (Waiman Long) [1543022 1535645]
- [x86] Use IBRS for firmware update path (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: stuff RSB on context switch with SMEP enabled (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: use upstream RSB stuffing function (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add ibrs_enabled=3 (ibrs_user) (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Integrate IBRS with retpoline (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: print features changed by microcode loading (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: refactor the init and microcode loading paths (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: move initialization of X86_FEATURE_IBPB_SUPPORT (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove SPEC_CTRL_PCP_IBPB bit (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove ibrs_enabled variable (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add ibp_disabled variable (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add X86_FEATURE_IBP_DISABLE (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove IBP disable for AMD model 0x16 (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove performance measurements from documentation (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: make ipbp_enabled read-only (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove ibpb_enabled=2 mode (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Enable spec_ctrl functions for x86-32 (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: move vmexit rmb in the last branch before IBRS (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: satisfy the barrier like semantics of IBRS (Waiman Long) [1543022 1535645]
- [x86] spectre_v1: Mark it as mitigated (Waiman Long) [1543022 1535645]
- [x86] pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown (Waiman Long) [1543022 1535645]
- [x86] mce: Make machine check speculation protected (Waiman Long) [1543022 1535645]
- [x86] retpoline: Add LFENCE to the retpoline/RSB filling RSB macros (Waiman Long) [1543022 1535645]
- [x86] retpoline: Fill return stack buffer on vmexit (Waiman Long) [1543022 1535645]
- [x86] retpoline/irq32: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] retpoline/checksum32: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] retpoline/entry: Convert entry assembler indirect (Waiman Long) [1543022 1535645]
- [x86] retpoline/crypto: Convert crypto assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] spectre: Add boot time option to select Spectre v2 mitigation (Waiman Long) [1543022 1535645]
- [x86] retpoline: Add initial retpoline support (Waiman Long) [1543022 1535645]
- [x86] cpu: Implement CPU vulnerabilites sysfs functions (Waiman Long) [1543022 1535645]
- [base] sysfs/cpu: Add vulnerability folder (Waiman Long) [1543022 1535645]
- [x86] cpufeatures: Add X86_BUG_SPECTRE_V[12] (Waiman Long) [1543022 1535645]
- [x86] pti: Add the pti= cmdline option and documentation (Waiman Long) [1543022 1535645]
- [x86] cpufeatures: Add X86_BUG_CPU_MELTDOWN (Waiman Long) [1543022 1535645]
- [x86] pti: Rename CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION (Waiman Long) [1543022 1535645]
- [x86] cpu: Expand cpufeature facility to include cpu bugs (Waiman Long) [1543022 1535645]
- [x86] cpu: Merge bugs.c and bugs_64.c (Waiman Long) [1543022 1535645]
- [x86] cpu/intel: Introduce macros for Intel family numbers (Waiman Long) [1543022 1535645]
- [x86] alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (Waiman Long) [1543022 1535645]
- [x86] alternatives: Fix alt_max_short macro to really be a max() (Waiman Long) [1543022 1535645]
- [x86] asm: Make asm/alternative.h safe from assembly (Waiman Long) [1543022 1535645]
- [x86] alternatives: Document macros (Waiman Long) [1543022 1535645]
- [x86] alternatives: Fix ALTERNATIVE_2 padding generation properly (Waiman Long) [1543022 1535645]
- [x86] alternatives: Add instruction padding (Waiman Long) [1543022 1535645]
(Waiman Long) [1543022 1535645]
- [x86] alternative: Use .pushsection/.popsection (Waiman Long) [1543022 1535645]
- [x86] copy_user_generic: Optimize copy_user_generic with CPU erms feature (Waiman Long) [1543022 1535645]
- [x86] Make .altinstructions bit size neutral (Waiman Long) [1543022 1535645]
- [x86] pti: Rework the trampoline stack switching code (Waiman Long) [1543022 1535645]
- [x86] pti: Disable interrupt before trampoline stack switching (Waiman Long) [1543022 1535645]
[2.6.32-696.22.1]
- [mm] add cpu_relax() to 'dont return 0 too early' patch (Ian Kent) [1527811 988988]
- [mm] don't return 0 too early from find_get_pages() (Ian Kent) [1527811 988988]
- [crypto] cryptd: Add cryptd_max_cpu_qlen module parameter (Jon Maxwell) [1527802 1503322]
- [powerpc] spinlock: add gmb memory barrier (Mauricio Oliveira) [1531720 1538543]
- [powerpc] Prevent Meltdown attack with L1-D$ flush (Mauricio Oliveira) [1531720 1538543]
- [s390] vtime: turn BP on when going idle (Hendrik Brueckner) [1532733 1538542]
- [s390] cpuinfo: show facilities as reported by stfle (Hendrik Brueckner) [1532733 1538542]
- [s390] kconfigs: turn off SHARED_KERNEL support for s390 (Hendrik Brueckner) [1532733 1538542]
- [s390] add ppa to system call and program check path (Hendrik Brueckner) [1532733 1538542]
- [s390] spinlock: add gmb memory barrier (Hendrik Brueckner) [1532733 1538542]
- [s390] introduce CPU alternatives (Hendrik Brueckner) [1532733 1538542]
[2.6.32-696.21.1]
- [fs] sunrpc: Revert 'sunrpc: always treat the invalid cache as unexpired' (Thiago Becker) [1535938 1532786]
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (i386) | kernel-2.6.32-696.23.1.el6.src.rpm | 460a9cbf54c6c99a5fdec7ed011421cb | ELSA-2021-9212 |
| kernel-2.6.32-696.23.1.el6.i686.rpm | 4b406035d5290aac9a54513bd252653a | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-696.23.1.el6.noarch.rpm | 214008e3b8282ebd1a349c3a3849a0da | ELSA-2021-9212 | |
| kernel-debug-2.6.32-696.23.1.el6.i686.rpm | e3ff44d3d74731604abc1bb327a97583 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-696.23.1.el6.i686.rpm | b4fc7d8f7ad7cf19c2bd669a85da2617 | ELSA-2021-9212 | |
| kernel-devel-2.6.32-696.23.1.el6.i686.rpm | 09aa0b0c8eb8fce814b477f5a69a55ba | ELSA-2021-9212 | |
| kernel-doc-2.6.32-696.23.1.el6.noarch.rpm | 9203926085e3fc1c33d5b7b4a9869a49 | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-696.23.1.el6.noarch.rpm | e3f38f3de7b10a6a95509ce8067f1d60 | ELSA-2021-9212 | |
| kernel-headers-2.6.32-696.23.1.el6.i686.rpm | 1b8f7452e079c8d40b41b823dca0d91f | ELSA-2021-9212 | |
| perf-2.6.32-696.23.1.el6.i686.rpm | fc6839138256f57e1b6a27894b069dfb | ELSA-2021-9212 | |
| python-perf-2.6.32-696.23.1.el6.i686.rpm | 9522dde7c5e7a947515b332e7a7efa63 | ELSA-2021-9212 | |
| Oracle Linux 6 (x86_64) | kernel-2.6.32-696.23.1.el6.src.rpm | 460a9cbf54c6c99a5fdec7ed011421cb | ELSA-2021-9212 |
| kernel-2.6.32-696.23.1.el6.x86_64.rpm | a256328b0e2cccaf55dbb218eab08b39 | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-696.23.1.el6.noarch.rpm | 214008e3b8282ebd1a349c3a3849a0da | ELSA-2021-9212 | |
| kernel-debug-2.6.32-696.23.1.el6.x86_64.rpm | 8534d8592816f8f4e4918e8ce17a0452 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-696.23.1.el6.i686.rpm | b4fc7d8f7ad7cf19c2bd669a85da2617 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-696.23.1.el6.x86_64.rpm | 664bbcb6d8a4e41bceb57d5a7ab566f1 | ELSA-2021-9212 | |
| kernel-devel-2.6.32-696.23.1.el6.x86_64.rpm | 4d1ef81c82e247f0ea7efaceae10e361 | ELSA-2021-9212 | |
| kernel-doc-2.6.32-696.23.1.el6.noarch.rpm | 9203926085e3fc1c33d5b7b4a9869a49 | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-696.23.1.el6.noarch.rpm | e3f38f3de7b10a6a95509ce8067f1d60 | ELSA-2021-9212 | |
| kernel-headers-2.6.32-696.23.1.el6.x86_64.rpm | f5bb467fd683fa39acaf033871b39614 | ELSA-2021-9212 | |
| perf-2.6.32-696.23.1.el6.x86_64.rpm | b81d5040ccf9f280d13b60e8c394ce99 | ELSA-2021-9212 | |
| python-perf-2.6.32-696.23.1.el6.x86_64.rpm | 7d959111e7e6a46b9db7329cec364d68 | ELSA-2021-9212 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
