ELSA-2018-3651

ELSA-2018-3651 - kernel security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2018-11-27

Description


[3.10.0-957.1.3.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_
key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-957.1.3.el7]
- [x86] Mark Intel Cascade Lake supported (Steve Best) [1650213 1639980]

[3.10.0-957.1.2.el7]
- [net] rtnetlink: give a user socket to get_target_net() (Jiri Benc) [1639635 1630694] {CVE-2018-14646}
- [net] Add variants of capable for use on on sockets (Jiri Benc) [1639635 1630694] {CVE-2018-14646}

[3.10.0-957.1.1.el7]
- [x86] boot: Fix kexec booting failure in the SEV bit detection code (Kairui Song) [1644990 1628828]
- [net] 8021q: create device with all possible features in wanted_features (Davide Caratti) [1644675 1640645]
- [mm] memcontrol: fix high scheduling latency source in mem_cgroup_reparent_charges (Andrea Arcangeli) [1644673 1632898]
- [kernel] cpuset: use trialcs->mems_allowed as a temp variable (Aristeu Rozanski) [1644236 1613248]
- [kernel] cpuset: fix a warning when clearing configured masks in old hierarchy (Aristeu Rozanski) [1644236 1613248]
- [kernel] cpuset: initialize effective masks when clone_children is enabled (Aristeu Rozanski) [1644236 1613248]
- [x86] efi: Only load initrd above 4g on second try (Lenny Szubowicz) [1643359 1608955]
- [x86] efi: Support initrd loaded above 4G (Lenny Szubowicz) [1643359 1608955]
- [x86] efi: Generalize handle_ramdisks() and rename to handle_cmdline_files() (Lenny Szubowicz) [1643359 1608955]
- [kernel] sched/fair: Fix throttle_list starvation with low CFS quota (Phil Auld) [1640675 1601153]
- [target] scsi: iscsi: Use bin2hex instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}
- [target] scsi: iscsi: Use hex2bin instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}


Related CVEs


CVE-2018-14633
CVE-2018-14646

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-957.1.3.el7.src.rpm5571e9cb1828dc34eba2ee4b19b33345-
bpftool-3.10.0-957.1.3.el7.x86_64.rpm4b1988fb1923fffb906013662d00e3fb-
kernel-3.10.0-957.1.3.el7.x86_64.rpmfc96fd48f2c39f69667ebaa6981c1ed1-
kernel-abi-whitelists-3.10.0-957.1.3.el7.noarch.rpmbd84324669a9dc08feb11ba285f1dd08-
kernel-debug-3.10.0-957.1.3.el7.x86_64.rpm7eb5d303af1dac039ea4d87820c34564-
kernel-debug-devel-3.10.0-957.1.3.el7.x86_64.rpm994d58ec680be16493689ff9336b97a4-
kernel-devel-3.10.0-957.1.3.el7.x86_64.rpmc06085d25b7114cf7f18994abcb868ec-
kernel-doc-3.10.0-957.1.3.el7.noarch.rpma555fbbb3ee67b706b6601e2ac1cc752-
kernel-headers-3.10.0-957.1.3.el7.x86_64.rpm560210e59d2ea7bbef9274b3860097f7-
kernel-tools-3.10.0-957.1.3.el7.x86_64.rpm33016a3f6889b2399f701078a64efe4e-
kernel-tools-libs-3.10.0-957.1.3.el7.x86_64.rpm9ed9d652ff4d2aafe8ab2e6838901504-
kernel-tools-libs-devel-3.10.0-957.1.3.el7.x86_64.rpme8ed1f69f05721370211ed0d612ac1d2-
perf-3.10.0-957.1.3.el7.x86_64.rpm79cf5aa2c962aa458ae6ccbd72d626e1-
python-perf-3.10.0-957.1.3.el7.x86_64.rpma78e36366af2075c1a5921eb98a7d2a0-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete