ELSA-2018-4214
- ULN >
- Oracle Linux Errata repository >
- ELSA-2018-4214
ELSA-2018-4214 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2018-09-13 |
Description
[2.6.39-400.301.1]
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (Vlastimil Babka) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (Sean Christopherson) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (Vlastimil Babka) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Extend 64bit swap file size limit (Vlastimil Babka) [Orabug: 28505519] {CVE-2018-3620}
- mm, fremap: mitigate L1TF in remap_file_pages (Daniel Jordan) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation: Don't mark cpu_no_l1tf __initconst (Boris Ostrovsky) [Orabug: 28505519] {CVE-2018-3620}
- x86/mm/kmmio: Make the tracer robust against L1TF (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Invert all not present mappings (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/bugs: Move the l1tf function and define pr_fmt properly (Konrad Rzeszutek Wilk) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- mm/pagewalk.c: prevent positive return value of walk_page_test() from being passed to callers (Naoya Horiguchi) [Orabug: 28505519] {CVE-2018-3620}
- mm: pagewalk: fix misbehavior of walk_page_range for vma(VM_PFNMAP) (Naoya Horiguchi) [Orabug: 28505519] {CVE-2018-3620}
- pagewalk: improve vma handling (Naoya Horiguchi) [Orabug: 28505519] {CVE-2018-3620}
- mm/pagewalk: remove pgd_entry() and pud_entry() (Naoya Horiguchi) [Orabug: 28505519] {CVE-2018-3620}
- mm/pagewalk.c: fix walk_page_range() access of wrong PTEs (Chen LinX) [Orabug: 28505519] {CVE-2018-3620}
- mm/pagewalk.c: walk_page_range should avoid VM_PFNMAP areas (Cliff Wickman) [Orabug: 28505519] {CVE-2018-3620}
- pagewalk: don't look up vma if walk->hugetlb_entry is unused (KOSAKI Motohiro) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Add sysfs reporting for l1tf (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/bugs: Concentrate bug reporting into a separate function (Konrad Rzeszutek Wilk) [Orabug: 28505519] {CVE-2018-3620}
- x86/bugs: Concentrate bug detection into a separate function (Konrad Rzeszutek Wilk) [Orabug: 28505519] {CVE-2018-3620}
- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Make sure the first page is always reserved (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (Michal Hocko) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Protect swap entries against L1TF (Linus Torvalds) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Change order of offset/type in swap entry (Linus Torvalds) [Orabug: 28505519] {CVE-2018-3620}
- x86/mm: Fix swap entry comment and macro (Dave Hansen) [Orabug: 28505519] {CVE-2018-3620}
- x86/mm: Move swap offset/type up in PTE to work around erratum (Dave Hansen) [Orabug: 28505519] {CVE-2018-3620}
- mm: x86 pgtable: drop unneeded preprocessor ifdef (Cyrill Gorcunov) [Orabug: 28505519] {CVE-2018-3620}
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Andi Kleen) [Orabug: 28505519] {CVE-2018-3620}
- x86/mm: Fix regression with huge pages on PAE (Kirill A. Shutemov) [Orabug: 28505519] {CVE-2018-3620}
- x86/asm: Fix pud/pmd interfaces to handle large PAT bit (Toshi Kani) [Orabug: 28505519] {CVE-2018-3620}
- x86/asm: Add pud/pmd mask interfaces to handle large PAT bit (Toshi Kani) [Orabug: 28505519] {CVE-2018-3620}
- x86/asm: Move PUD_PAGE macros to page_types.h (Toshi Kani) [Orabug: 28505519] {CVE-2018-3620}
- x86/cpufeature: uniquely define *IA32_ARCH_CAPS and *IBRS_ATT (Daniel Jordan) [Orabug: 28505519] {CVE-2018-3620}
- Disable kaiser if the cpu is not vulnerable to X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 28001909]
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown (David Woodhouse) [Orabug: 28001909]
- x86/msr: Add definitions for IA32_ARCH_CAPABILITIES MSR (David Woodhouse) [Orabug: 28001909]
- Add driver auto probing for x86 features v4 (Andi Kleen) [Orabug: 28001909]
- mm/mempolicy: fix use after free when calling get_mempolicy (zhong jiang) [Orabug: 28022110] {CVE-2018-10675}
- xen-netback: do not requeue skb if xenvif is already disconnected (Dongli Zhang) [Orabug: 28247698]
- posix-timer: Properly check sigevent->sigev_notify (Thomas Gleixner) [Orabug: 28481397] {CVE-2017-18344}
Related CVEs
| CVE-2018-10675 |
| CVE-2018-3620 |
| CVE-2017-18344 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 5 (i386) | kernel-uek-2.6.39-400.301.1.el5uek.src.rpm | a90ee84aeee21ef29c290b0d97f900e4bccbd28233cbd3ac3cb2f5cffd444e15 | ELSA-2020-5936 | ol5_i386_UEK_ELS |
| kernel-uek-2.6.39-400.301.1.el5uek.i686.rpm | 846bcc2bbeb14d4f25a2ca9d7a7922b6ed746e803c7d33693b7180cbbc6a47bd | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| kernel-uek-debug-2.6.39-400.301.1.el5uek.i686.rpm | 34dd4a74725392b120104a9bff50daf92cb5d511436d6a6409895f24e53f3289 | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| kernel-uek-debug-devel-2.6.39-400.301.1.el5uek.i686.rpm | 457ec7390a37145868ad359d4673e177b1aae0950321ea7a9c2e303350eea873 | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| kernel-uek-devel-2.6.39-400.301.1.el5uek.i686.rpm | 9dd0537f4ea6362f64a74a99fd547397395ffa6451c822738cc3c0b7a4a27c28 | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| kernel-uek-doc-2.6.39-400.301.1.el5uek.noarch.rpm | 0e5e77c1cf7f10241fc103c27aad0845863069ed1cde328c117338bfcabe8747 | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| kernel-uek-firmware-2.6.39-400.301.1.el5uek.noarch.rpm | ba3b54588ae371e2a5f0d1d6db03d7b9d8620de74ebf5929d957dd7b629c1d66 | ELSA-2020-5936 | ol5_i386_UEK_ELS | |
| Oracle Linux 5 (x86_64) | kernel-uek-2.6.39-400.301.1.el5uek.src.rpm | a90ee84aeee21ef29c290b0d97f900e4bccbd28233cbd3ac3cb2f5cffd444e15 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS |
| kernel-uek-2.6.39-400.301.1.el5uek.x86_64.rpm | 3cebc91694632054991c1723dfb8208b55a6b60e2d18cdd3e3e6b9b5b47518c6 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| kernel-uek-debug-2.6.39-400.301.1.el5uek.x86_64.rpm | c94cb72a18d55290ad3fdb1c3739d6da84c22851d75c0b0a995801c6f767f2d7 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| kernel-uek-debug-devel-2.6.39-400.301.1.el5uek.x86_64.rpm | 712c3dc1aa94433f4bb1a212cd9547d80dcf8eb39fcf7d5493f7679f3cd912b0 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| kernel-uek-devel-2.6.39-400.301.1.el5uek.x86_64.rpm | f763e9d79a00dcee94bb3f7f99bf02fba2fc980c1037c2cfc2c3378ed4cfe956 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| kernel-uek-doc-2.6.39-400.301.1.el5uek.noarch.rpm | 0e5e77c1cf7f10241fc103c27aad0845863069ed1cde328c117338bfcabe8747 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| kernel-uek-firmware-2.6.39-400.301.1.el5uek.noarch.rpm | ba3b54588ae371e2a5f0d1d6db03d7b9d8620de74ebf5929d957dd7b629c1d66 | ELSA-2020-5936 | ol5_x86_64_UEK_ELS | |
| Oracle Linux 6 (i386) | kernel-uek-2.6.39-400.301.1.el6uek.src.rpm | f2439c41ba5c4e262df0656db4015df3e06ba4b6ea04adc33fdc3cc31dc6a19f | ELSA-2025-20007 | ol6_i386_UEK_latest |
| kernel-uek-2.6.39-400.301.1.el6uek.i686.rpm | 480e20706bf8532555527ec355eaacd8e10f675450b453033f75355d8daf16cf | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| kernel-uek-debug-2.6.39-400.301.1.el6uek.i686.rpm | fb7a8dd7d73a41c5ef86c19d8fec7394b0de88550cb474c61208cb14ab397242 | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| kernel-uek-debug-devel-2.6.39-400.301.1.el6uek.i686.rpm | 3bbb61f0c1a2a627cb5b11530d57c6cab0eb251b392e2d102932c99c75f388cf | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| kernel-uek-devel-2.6.39-400.301.1.el6uek.i686.rpm | 6c58983c2493d524c253eef979126d0f923c7fa08ec3a6731b885c6981d63346 | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| kernel-uek-doc-2.6.39-400.301.1.el6uek.noarch.rpm | ac7b4dcbc4db08289e15d7b08c16870630f3c26a41a9e0d9bb4f445c7114d637 | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| kernel-uek-firmware-2.6.39-400.301.1.el6uek.noarch.rpm | baf09a283443e818fbb5a30ed2cb9c184cc6d0e0789229fa6fbcab62d56550e2 | ELSA-2025-20007 | ol6_i386_UEK_latest | |
| Oracle Linux 6 (x86_64) | kernel-uek-2.6.39-400.301.1.el6uek.src.rpm | f2439c41ba5c4e262df0656db4015df3e06ba4b6ea04adc33fdc3cc31dc6a19f | ELSA-2025-20007 | ol6_x86_64_UEK_latest |
| kernel-uek-2.6.39-400.301.1.el6uek.x86_64.rpm | 7d67a065da50a7f2f9010da67244b12bae7eda611dbc6e474d9120edaea3cb47 | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
| kernel-uek-debug-2.6.39-400.301.1.el6uek.x86_64.rpm | c57d77120eb0d2e137a9d2b62cb7f0ae94949cf5c4d93030658ddea68fc626fc | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
| kernel-uek-debug-devel-2.6.39-400.301.1.el6uek.x86_64.rpm | 491d13ed287d20e3ce7a687cd9f934929d160fea9805f0b4af6afee54eac9a62 | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
| kernel-uek-devel-2.6.39-400.301.1.el6uek.x86_64.rpm | dfe05b7b82a5c79647db8c76cd6ece333498808f2af605fef17854d916cc58c2 | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
| kernel-uek-doc-2.6.39-400.301.1.el6uek.noarch.rpm | ac7b4dcbc4db08289e15d7b08c16870630f3c26a41a9e0d9bb4f445c7114d637 | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
| kernel-uek-firmware-2.6.39-400.301.1.el6uek.noarch.rpm | baf09a283443e818fbb5a30ed2cb9c184cc6d0e0789229fa6fbcab62d56550e2 | ELSA-2025-20007 | ol6_x86_64_UEK_latest | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
