ELSA-2018-4196

ULN >
Oracle Linux Errata repository >
ELSA-2018-4196

ELSA-2018-4196 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2018-08-14

Description

[4.1.12-124.18.5]
- inet: frag: enforce memory limits earlier (Eric Dumazet) [Orabug: 28450977]
- x86/mm/pageattr.c: fix page prot mask (Mihai Carabas) [Orabug: 28492122]
- x86/pgtable.h: fix PMD/PUD mask (Mihai Carabas) [Orabug: 28492122]
- x86/asm: Add pud/pmd mask interfaces to handle large PAT bit (Toshi Kani) [Orabug: 28492122]

[4.1.12-124.18.4]
- kvm/vmx: Dont mark vmx_exit() __exit (Boris Ostrovsky) [Orabug: 28491688]
- x86/speculation: Dont mark cpu_no_l1tf __initconst (Boris Ostrovsky) [Orabug: 28491688]
- x86/speculation: parse l1tf boot parameter early (Boris Ostrovsky) [Orabug: 28491688]

[4.1.12-124.18.3]
- posix-timer: Properly check sigevent->sigev_notify (Thomas Gleixner) [Orabug: 28481412] {CVE-2017-18344}

[4.1.12-124.18.2]
- x86/mm/kmmio: Make the tracer robust against L1TF (Andi Kleen) [Orabug: 28220674] {CVE-2018-3620}
- x86/mm/pat: Make set_memory_np() L1TF safe (Andi Kleen) [Orabug: 28220674] {CVE-2018-3620}
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (Matt Fleming) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (Andi Kleen) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Invert all not present mappings (Andi Kleen) [Orabug: 28220674] {CVE-2018-3620}
- cpu/hotplug: Fix SMT supported evaluation (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3646}
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3620}
- KVM/VMX: Emulate MSR_IA32_ARCH_CAPABILITIES (KarimAllah Ahmed) [Orabug: 28220674] {CVE-2018-3646}
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3620}
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/KVM/VMX: Dont set l1tf_flush_l1d from vmx_handle_external_intr() (Nicolai Stange) [Orabug: 28220674] {CVE-2018-3646}
- x86/irq: Let interrupt handlers set kvm_cpu_l1tf_flush_l1d (Nicolai Stange) [Orabug: 28220674] {CVE-2018-3646}
- x86: Dont include linux/irq.h from asm/hardirq.h (Nicolai Stange) [Orabug: 28220625] {CVE-2018-3620}
- x86/KVM/VMX: Introduce per-host-cpu analogue of l1tf_flush_l1d (Nicolai Stange) [Orabug: 28220625] {CVE-2018-3646}
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (Nicolai Stange) [Orabug: 28220625] {CVE-2018-3646}
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (Nicolai Stange) [Orabug: 28220625] {CVE-2018-3646}
- x86/KVM/VMX: Dont set l1tf_flush_l1d to true from vmx_l1d_flush() (Nicolai Stange) [Orabug: 28220625] {CVE-2018-3646}
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (Paolo Bonzini) [Orabug: 28220625] {CVE-2018-3646}
- KVM: X86: Introduce kvm_get_msr_feature() (Wanpeng Li) [Orabug: 28220674] {CVE-2018-3646}
- KVM: x86: Add a framework for supporting MSR-based features (Tom Lendacky) [Orabug: 28220674] {CVE-2018-3646}
- cpu/hotplug: detect SMT disabled by BIOS (Josh Poimboeuf) [Orabug: 28220674] {CVE-2018-3620}
- Documentation/l1tf: Fix typos (Tony Luck) [Orabug: 28220674] {CVE-2018-3620}
- x86/KVM/VMX: Initialize the vmx_l1d_flush_pages content (Nicolai Stange) [Orabug: 28220674] {CVE-2018-3646}
- x86/speculation/l1tf: Unbreak !__HAVE_ARCH_PFN_MODIFY_ALLOWED architectures (Jiri Kosina) [Orabug: 28220674] {CVE-2018-3620}
- Documentation: Add section about CPU vulnerabilities (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/bugs, kvm: Introduce boot-time control of L1TF mitigations (Jiri Kosina) [Orabug: 28220674] {CVE-2018-3646}
- cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- cpu/hotplug: Expose SMT control init function (Jiri Kosina) [Orabug: 28220674] {CVE-2018-3620}
- x86/kvm: Allow runtime control of L1D flush (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3646}
- x86/kvm: Serialize L1D flush parameter setter (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3646}
- x86/kvm: Add static key for flush always (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3646}
- x86/kvm: Move l1tf setup function (Thomas Gleixner) [Orabug: 28220625] {CVE-2018-3646}
- x86/l1tf: Handle EPT disabled state proper (Thomas Gleixner) [Orabug: 28220625] {CVE-2018-3620}
- x86/kvm: Drop L1TF MSR list approach (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3646}
- x86/litf: Introduce vmx status variable (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- cpu/hotplug: Online siblings when SMT control is turned on (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Add find_msr() helper function (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Add L1D flush logic (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Add L1D MSR based flush (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Add L1D flush algorithm (Paolo Bonzini) [Orabug: 28220674] {CVE-2018-3646}
- x86/KVM/VMX: Add module argument for L1TF mitigation (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646} {CVE-2018-3646}
- locking/static_keys: Add static_key_{en,dis}able() helpers (Peter Zijlstra) [Orabug: 28220674] {CVE-2018-3620}
- x86/KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3646}
- KVM: x86: Introducing kvm_x86_ops VM init/destroy hooks (Suravee Suthikulpanit) [Orabug: 28220674] {CVE-2018-3646}
- cpu/hotplug: Boot HT siblings at least once (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- Revert 'x86/apic: Ignore secondary threads if nosmt=force' (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (Michal Hocko) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (Vlastimil Babka) [Orabug: 28220674] {CVE-2018-3620}
- x86/CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (Borislav Petkov) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpufeatures: Add detection of L1D cache flush support. (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Extend 64bit swap file size limit (Vlastimil Babka) [Orabug: 28220674] {CVE-2018-3620}
- x86/apic: Ignore secondary threads if nosmt=force (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu/AMD: Evaluate smp_num_siblings early (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/CPU/AMD: Do not check CPUID max ext level before parsing SMP info (Borislav Petkov) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu/intel: Evaluate smp_num_siblings early (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu/topology: Provide detect_extended_topology_early() (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu/common: Provide detect_ht_early() (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu/AMD: Remove the pointless detect_ht() call (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/cpu: Remove the pointless CPU printout (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- cpu/hotplug: Provide knobs to control SMT (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/topology: Add topology_max_smt_threads() (Andi Kleen) [Orabug: 28220674] {CVE-2018-3620}
- cpu/hotplug: Split do_cpu_down() (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/topology: Provide topology_smt_supported() (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/smp: Provide topology_is_primary_thread() (Thomas Gleixner) [Orabug: 28220674] {CVE-2018-3620}
- x86/bugs: Move the l1tf function and define pr_fmt properly (Konrad Rzeszutek Wilk) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Add sysfs reporting for l1tf (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Make sure the first page is always reserved (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Protect swap entries against L1TF (Linus Torvalds) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Change order of offset/type in swap entry (Linus Torvalds) [Orabug: 28220674] {CVE-2018-3620}
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Andi Klein) [Orabug: 28220674] {CVE-2018-3620}
- x86/mm: Limit mmap() of /dev/mem to valid physical addresses (Craig Bergstrom) [Orabug: 28220674] {CVE-2018-3620}
- x86/mm: Prevent non-MAP_FIXED mapping across DEFAULT_MAP_WINDOW border (Kirill A. Shutemov) [Orabug: 28220674] {CVE-2018-3620}

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (x86_64)	kernel-uek-4.1.12-124.18.5.el6uek.src.rpm	a9abb19864a5847e481d818bd2c5718ec0bed9225da6ba2e3a282c75cefc3ea3	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-4.1.12-124.18.5.el6uek.x86_64.rpm	f36a2fbfff00206b5ff0dad5817e1909dffe44976069bd8b9d257bb565dac809	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-debug-4.1.12-124.18.5.el6uek.x86_64.rpm	5c95e80c80910fc98f5546dd19d9199425b5c00314628f9a4ff6d5e1ab4234d9	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-debug-devel-4.1.12-124.18.5.el6uek.x86_64.rpm	ec5ba7ee3af1c25a64a73c14f6b9454172cdc48fa8e9b69f4271f3ac2bd7d6d5	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-devel-4.1.12-124.18.5.el6uek.x86_64.rpm	df24764847212c2c43df27fb67161e967b9d7da94768aac1eb2a8265bde70832	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-doc-4.1.12-124.18.5.el6uek.noarch.rpm	cbbb6f6ff32578fed4d6453cf6699d825f89d11f2e38acc0b6a3726cac8126dc	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-firmware-4.1.12-124.18.5.el6uek.noarch.rpm	96d36cf08e640a27f07dbfa3b98f2adfe556c6c42a0c2ac4c449d711e3cd9747	ELSA-2025-20007	ol6_x86_64_UEKR4_archive

Oracle Linux 7 (x86_64)	kernel-uek-4.1.12-124.18.5.el7uek.src.rpm	2370b3be9732d90902b630b8067d24187e46dd16a5cc1b694d7cbfc92703afb6	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-4.1.12-124.18.5.el7uek.x86_64.rpm	51a1e08880eb02cde96814d28036bf83df32eaca2007bbfd75d4214aeb303236	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-debug-4.1.12-124.18.5.el7uek.x86_64.rpm	9a1c953f84ae91857f897fa7886dad2849dca4be5338b32311ccce9a0e3b7e74	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-debug-devel-4.1.12-124.18.5.el7uek.x86_64.rpm	5491ed842cff54680a4e463e0fd0feee1b54704822a68530dd98f7cb4aeeb614	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-devel-4.1.12-124.18.5.el7uek.x86_64.rpm	3d8653f512cb3c97c370a7a5963b4a7adb8157743e170f9a30d736a4032b8ca0	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-doc-4.1.12-124.18.5.el7uek.noarch.rpm	b0ff600605c996bea15d11a5827dc09868dddbf85d61d3dc97e4dff202398104	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-firmware-4.1.12-124.18.5.el7uek.noarch.rpm	1acede85a3a0bc831d84e8491ed4668e0905112489819bbb34deec4edfbd308c	ELSA-2025-20007	ol7_x86_64_UEKR4_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691