Type: | SECURITY |
Severity: | IMPORTANT |
Release Date: | 2018-01-05 |
[4.1.12-112.14.5]
- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825]
[4.1.12-112.14.4]
- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715}
[4.1.12-112.14.3]
- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} {CVE-2017-5715}
- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] {CVE-2017-5715}
- Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}
- Use the 'ibrs_inuse' variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
CVE-2017-5715 |
CVE-2017-5753 |
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
Oracle Linux 6 (x86_64) | kernel-uek-4.1.12-112.14.5.el6uek.src.rpm | 09f8c3a35caf53e640403035ec0de612 | ELSA-2021-9215 |
kernel-uek-4.1.12-112.14.5.el6uek.x86_64.rpm | 0eee1a0035f8fb01abc4889d982c58d3 | ELSA-2021-9215 | |
kernel-uek-debug-4.1.12-112.14.5.el6uek.x86_64.rpm | 23e1c03e0c93a006f9ae197a2a101dae | ELSA-2021-9215 | |
kernel-uek-debug-devel-4.1.12-112.14.5.el6uek.x86_64.rpm | 8ab7028e175e88ee770426f00ca539a7 | ELSA-2021-9215 | |
kernel-uek-devel-4.1.12-112.14.5.el6uek.x86_64.rpm | 9dc63dd05ef659fe04ff863e56a5cdcc | ELSA-2021-9215 | |
kernel-uek-doc-4.1.12-112.14.5.el6uek.noarch.rpm | 98d9966de34a3f118bfc065241aec68e | ELSA-2021-9215 | |
kernel-uek-firmware-4.1.12-112.14.5.el6uek.noarch.rpm | 9fdd5bbfc68d41376630f962fdd78d49 | ELSA-2021-9215 | |
Oracle Linux 7 (x86_64) | kernel-uek-4.1.12-112.14.5.el7uek.src.rpm | 0fd5a9b454215f15b1b6e2bde914e5e8 | ELSA-2021-9220 |
kernel-uek-4.1.12-112.14.5.el7uek.x86_64.rpm | 6327f9b520ef1cf34a43548c6eb5a1f6 | ELSA-2021-9220 | |
kernel-uek-debug-4.1.12-112.14.5.el7uek.x86_64.rpm | 12978bab80205577d13cb39dc6361b29 | ELSA-2021-9220 | |
kernel-uek-debug-devel-4.1.12-112.14.5.el7uek.x86_64.rpm | fc228d35c02c17617b001abbe79d8416 | ELSA-2021-9220 | |
kernel-uek-devel-4.1.12-112.14.5.el7uek.x86_64.rpm | 41554f633dec0c2a701540710aff925c | ELSA-2021-9220 | |
kernel-uek-doc-4.1.12-112.14.5.el7uek.noarch.rpm | 41f26f60cd21f3419af2f2263b161e4b | ELSA-2021-9220 | |
kernel-uek-firmware-4.1.12-112.14.5.el7uek.noarch.rpm | 61e1e5aba98c3fdb5adaeb5276c7b838 | ELSA-2021-9215 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team