ELSA-2018-4126

ELSA-2018-4126 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-06-07

Description


[4.1.12-124.15.4]
- x86/bugs/IBRS: Keep SSBD mitigation in effect if spectre_v2=ibrs is selected (Mihai Carabas)
- fs/pstore: update the backend parameter in pstore module (Wang Long) [Orabug: 27994372]
- kvm: vmx: Reinstate support for CPUs without virtual NMI (Paolo Bonzini) [Orabug: 28041210]
- dm crypt: add big-endian variant of plain64 IV (Milan Broz) [Orabug: 28043932]
- x86/bugs: Rename SSBD_NO to SSB_NO (Konrad Rzeszutek Wilk) [Orabug: 28063992] {CVE-2018-3639}
- KVM: SVM: Implement VIRT_SPEC_CTRL support for SSBD (Tom Lendacky) [Orabug: 28063992] [Orabug: 28069548] {CVE-2018-3639}
- x86/speculation, KVM: Implement support for VIRT_SPEC_CTRL/LS_CFG (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/bugs: Rework spec_ctrl base and mask logic (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/bugs: Expose x86_spec_ctrl_base directly (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/bugs: Unify x86_spec_ctrl_{set_guest,restore_host} (Borislav Petkov) [Orabug: 28063992] {CVE-2018-3639}
- x86/speculation: Rework speculative_store_bypass_update() (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/speculation: Add virtualized speculative store bypass disable support (Tom Lendacky) [Orabug: 28063992] {CVE-2018-3639}
- x86/bugs, KVM: Extend speculation control for VIRT_SPEC_CTRL (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/speculation: Handle HT correctly on AMD (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/cpufeatures: Add FEATURE_ZEN (Thomas Gleixner) [Orabug: 28063992] {CVE-2018-3639}
- x86/cpu/AMD: Fix erratum 1076 (CPB bit) (Borislav Petkov) [Orabug: 28063992] {CVE-2018-3639}

[4.1.12-124.15.3]
- perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947602] {CVE-2018-1000199}
- Revert 'perf/hwbp: Simplify the perf-hwbp code, fix documentation' (Brian Maly) [Orabug: 27947602]


Related CVEs


CVE-2018-1000199
CVE-2018-3639

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-124.15.4.el6uek.src.rpm120a64013296e22745c720d01cf7e56eELSA-2021-9215
kernel-uek-4.1.12-124.15.4.el6uek.x86_64.rpm51155a5a6b27033753c005abd656c3eeELSA-2021-9215
kernel-uek-debug-4.1.12-124.15.4.el6uek.x86_64.rpm07e6c7c3be8aed85b07ea84d8821755fELSA-2021-9215
kernel-uek-debug-devel-4.1.12-124.15.4.el6uek.x86_64.rpmd33c877535480a5319d749b5e56bd4fdELSA-2021-9215
kernel-uek-devel-4.1.12-124.15.4.el6uek.x86_64.rpm01526739aec6869762feac177158df25ELSA-2021-9215
kernel-uek-doc-4.1.12-124.15.4.el6uek.noarch.rpm91513865ad3ff5b6052958302c7ff893ELSA-2021-9215
kernel-uek-firmware-4.1.12-124.15.4.el6uek.noarch.rpmab8264f81f7480bbd88bfa13071bee05ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-124.15.4.el7uek.src.rpm38f9382ecf29752b23fe52d10f741335ELSA-2021-9220
kernel-uek-4.1.12-124.15.4.el7uek.x86_64.rpm36ee821a2456367dfbeaff96cdd11861ELSA-2021-9220
kernel-uek-debug-4.1.12-124.15.4.el7uek.x86_64.rpmd79621dc77e4e14fe084d455305e7d44ELSA-2021-9220
kernel-uek-debug-devel-4.1.12-124.15.4.el7uek.x86_64.rpm3fbbedc94a21a5b6bdd5ab8f2d5cc1deELSA-2021-9220
kernel-uek-devel-4.1.12-124.15.4.el7uek.x86_64.rpm172e8f5b3edee8efde4406a9c4599e41ELSA-2021-9220
kernel-uek-doc-4.1.12-124.15.4.el7uek.noarch.rpmc74936ccbadf7a237a5bb6c1abcb9512ELSA-2021-9220
kernel-uek-firmware-4.1.12-124.15.4.el7uek.noarch.rpmb3170ddd8b9251b0e0e18c59ebfd73dbELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete