ELSA-2018-4215
- ULN >
- Oracle Linux Errata repository >
- ELSA-2018-4215
ELSA-2018-4215 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2018-09-13 |
Description
kernel-uek
[3.8.13-118.24.2]
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (Vlastimil Babka) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (Vlastimil Babka) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Extend 64bit swap file size limit (Vlastimil Babka) [Orabug: 28505476] {CVE-2018-3620}
- mm, fremap: mitigate L1TF in remap_file_pages (Daniel Jordan) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation: Don't mark cpu_no_l1tf __initconst (Boris Ostrovsky) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm/kmmio: Make the tracer robust against L1TF (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm/pat: Make set_memory_np() L1TF safe (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm/pat: Ensure cpa->pfn only contains page frame numbers (Matt Fleming) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (Sean Christopherson) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Invert all not present mappings (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/bugs: Move the l1tf function and define pr_fmt properly (Konrad Rzeszutek Wilk) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Limit swap file size to MAX_PA/2 (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- mm/pagewalk.c: prevent positive return value of walk_page_test() from being passed to callers (Naoya Horiguchi) [Orabug: 28505476] {CVE-2018-3620}
- pagewalk: improve vma handling (Naoya Horiguchi) [Orabug: 28505476] {CVE-2018-3620}
- mm/pagewalk: remove pgd_entry() and pud_entry() (Naoya Horiguchi) [Orabug: 28505476] {CVE-2018-3620}
- mm/pagewalk.c: fix walk_page_range() access of wrong PTEs (Chen LinX) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Add sysfs reporting for l1tf (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/cpu/intel: Add Knights Mill to Intel family (Piotr Luc) [Orabug: 28505476] {CVE-2018-3620}
- x86/bugs: Concentrate bug reporting into a separate function (Konrad Rzeszutek Wilk) [Orabug: 28505476] {CVE-2018-3620}
- x86/bugs: Concentrate bug detection into a separate function (Konrad Rzeszutek Wilk) [Orabug: 28505476] {CVE-2018-3620}
- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Make sure the first page is always reserved (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (Michal Hocko) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Protect PROT_NONE PTEs against speculation (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Protect swap entries against L1TF (Linus Torvalds) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Change order of offset/type in swap entry (Linus Torvalds) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm: Fix swap entry comment and macro (Dave Hansen) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm: Move swap offset/type up in PTE to work around erratum (Dave Hansen) [Orabug: 28505476] {CVE-2018-3620}
- mm: x86 pgtable: drop unneeded preprocessor ifdef (Cyrill Gorcunov) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Andi Kleen) [Orabug: 28505476] {CVE-2018-3620}
- x86/mm: Fix regression with huge pages on PAE (Kirill A. Shutemov) [Orabug: 28505476] {CVE-2018-3620}
- x86/asm: Fix pud/pmd interfaces to handle large PAT bit (Toshi Kani) [Orabug: 28505476] {CVE-2018-3620}
- x86/asm: Add pud/pmd mask interfaces to handle large PAT bit (Toshi Kani) [Orabug: 28505476] {CVE-2018-3620}
- x86/asm: Move PUD_PAGE macros to page_types.h (Toshi Kani) [Orabug: 28505476] {CVE-2018-3620}
- x86/speculation: sort X86_BUG_* with X86_FEATURE_* (Daniel Jordan) [Orabug: 28505476] {CVE-2018-3620}
- Disable kaiser if the cpu is not vulnerable to X86_BUG_CPU_MELTDOWN (Kanth Ghatraju) [Orabug: 27958074]
- x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown (David Woodhouse) [Orabug: 27958074]
- x86/msr: Add definitions for IA32_ARCH_CAPABILITIES MSR (Kanth Ghatraju) [Orabug: 27958074]
- x86/cpufeatures: Add Intel feature bit for IA32_ARCH_CAPABILITIES supported (Kanth Ghatraju) [Orabug: 27958074]
Related CVEs
| CVE-2018-3620 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (x86_64) | dtrace-modules-3.8.13-118.24.2.el6uek-0.4.5-3.el6.src.rpm | df3a676a9e5d79055267555647252715 | - |
| kernel-uek-3.8.13-118.24.2.el6uek.src.rpm | 996f3286024dd129f7e98e4ace49c987 | ELSA-2021-9215 | |
| dtrace-modules-3.8.13-118.24.2.el6uek-0.4.5-3.el6.x86_64.rpm | a1cad6a1e7d480213a75cbf59d71bd19 | - | |
| kernel-uek-3.8.13-118.24.2.el6uek.x86_64.rpm | 2d32cb520c6ab22226b0e2f18a534749 | ELSA-2021-9215 | |
| kernel-uek-debug-3.8.13-118.24.2.el6uek.x86_64.rpm | 669417b41242a51c2b40b97df883c4cc | ELSA-2021-9215 | |
| kernel-uek-debug-devel-3.8.13-118.24.2.el6uek.x86_64.rpm | d985f824e7e3b9a32d2bf6b958214686 | ELSA-2021-9215 | |
| kernel-uek-devel-3.8.13-118.24.2.el6uek.x86_64.rpm | 88793f45969b351426b1013c3378f2bc | ELSA-2021-9215 | |
| kernel-uek-doc-3.8.13-118.24.2.el6uek.noarch.rpm | bca8bb7b41c27756ec3b152ded6eb5a3 | ELSA-2021-9215 | |
| kernel-uek-firmware-3.8.13-118.24.2.el6uek.noarch.rpm | 25c2af4002224bcce07492dcbeae38a2 | ELSA-2021-9215 | |
| Oracle Linux 7 (x86_64) | dtrace-modules-3.8.13-118.24.2.el7uek-0.4.5-3.el7.src.rpm | 840de03a8c3a4b62ff0a4fcad170d73c | - |
| kernel-uek-3.8.13-118.24.2.el7uek.src.rpm | fe436e483d4072265100f2d1e0e184b6 | ELSA-2021-9220 | |
| dtrace-modules-3.8.13-118.24.2.el7uek-0.4.5-3.el7.x86_64.rpm | 6611aebc31ca927cedbd0d62d26e8515 | - | |
| kernel-uek-3.8.13-118.24.2.el7uek.x86_64.rpm | e43f67b2c526ba273321cc190f7696a4 | ELSA-2021-9220 | |
| kernel-uek-debug-3.8.13-118.24.2.el7uek.x86_64.rpm | 3ded269286f696230fde01a40e5a4e4c | ELSA-2021-9220 | |
| kernel-uek-debug-devel-3.8.13-118.24.2.el7uek.x86_64.rpm | c5b29b2283899cb2f3fadf75ba89de78 | ELSA-2021-9220 | |
| kernel-uek-devel-3.8.13-118.24.2.el7uek.x86_64.rpm | 580ca3df56236d778224576bf0c1f128 | ELSA-2021-9220 | |
| kernel-uek-doc-3.8.13-118.24.2.el7uek.noarch.rpm | 4af640614757a874625afc31937da072 | ELSA-2021-9220 | |
| kernel-uek-firmware-3.8.13-118.24.2.el7uek.noarch.rpm | 5d09bf42078f7f37dc2c75c9e02f1ce5 | ELSA-2021-9215 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
