ELSA-2018-4235

ULN >
Oracle Linux Errata repository >
ELSA-2018-4235

ELSA-2018-4235 - kernel security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2018-10-01

Description

kernel
[2.6.18-419.0.0.0.12]
- [x86] mm/dump_pagetables: Add a check_l1tf debugfs file (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Make flush_l1d visible in /proc/cpuinfo (Chris von Recklinghausen) [1593378]
- [x86] cpufeatures: Add detection of L1D cache flush support. (Chris von Recklinghausen) [1593378]
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Extend 64bit swap file size limit (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Move the l1tf function and define pr_fmt properly (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Add sysfs reporting for l1tf (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect swap entries against L1TF (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Change order of offset/type in swap entry (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Fix incorrect vulnerabilities files function prototypes (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Export the internal __cpu_bugs variable (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] spec_ctrl: sync with upstream cpu_set_bug_bits() (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] intel-family.h: Add GEMINI_LAKE SOC (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] mm: Fix swap entry comment and macro (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] mm: Move swap offset/type up in PTE to work around erratum (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpufeatures: Resolve X86_FEATURE_SMEP definition conflict (Radomir Vrbovsky) [1570474]
- [x86] fix kexec load warnings with PTI enabled (Rafael Aquini) [1576191]
- [x86] ia32entry: make target ia32_ret_from_sys_call the common exit point to long-mode (Rafael Aquini) [1570474] {CVE-2009-2910}
- [x86] spec_ctrl: only perform RSB stuffing on SMEP capable CPUs (Rafael Aquini) [1570474] {CVE-2009-2910}
- [net] tcp: fix 0 divide in __tcp_select_window (Davide Caratti) [1488343] {CVE-2017-14106}
- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide Caratti) [1488343] {CVE-2017-14106}
- [x86] adjust / fix LDT handling for PTI (Rafael Aquini) [1584622]
- [x86] Fix up /proc/cpuinfo entries (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [kernel] spec_ctrl: work around broken microcode (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] Only expose PR_{GET, SET}_SPECULATION_CTRL if CONFIG_SPEC_CTRL is defined (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] misc changes to fix i386 builds (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] amd: Disable AMD SSBD mitigation in a VM (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Rename _RDS to _SSBD (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] speculation: Add prctl for Speculative Store Bypass mitigation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] process: Allow runtime control of Speculative Store Bypass (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] 64: add skeletonized version of __switch_to_xtra (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if requested (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable mitigation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Expose the /sys/../spec_store_bypass and X86_BUG_SPEC_STORE_BYPASS (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] include: add latest intel-family.h from RHEL6 (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpuid: Fix up IBRS/IBPB/STIBP feature bits on Intel (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Clean up Spectre v2 related CPUID flags (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add AMD feature bits for Speculation Control (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add Intel feature bits for Speculation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpu: Add driver auto probing for x86 features (Chris von Recklinghausen) [1566896] {CVE-2018-3639}

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	52a2093c0fd36fefef7f64f6d3fa0f3a	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	bc6048398f28118bb8efac6d9c72fa65	-
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	1e7e3a73f4107ffda5bfea80f01db1e1	-
	kernel-2.6.18-419.0.0.0.12.el5.i686.rpm	dc66e3b20082c77188d50dce3bd3c692	ELSA-2019-4732
	kernel-PAE-2.6.18-419.0.0.0.12.el5.i686.rpm	1b6faa09cf986c1142861cc7f91da3f2	ELSA-2019-4732
	kernel-PAE-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	77e9680fffed000f240679df7d9b3ca0	ELSA-2019-4732
	kernel-debug-2.6.18-419.0.0.0.12.el5.i686.rpm	685fc40363b02d48cf9b559a6fe58150	ELSA-2019-4732
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	2971b8db3bbb9bbc2c171252985043a0	ELSA-2019-4732
	kernel-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	be44253ff8f7769f27e1f8a67390dbca	ELSA-2019-4732
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	3adf2a18f3356dfdb39037e42a39d889	ELSA-2019-4732
	kernel-headers-2.6.18-419.0.0.0.12.el5.i386.rpm	d232c268468139d9dbd9d416f646ddb8	ELSA-2019-4732
	kernel-xen-2.6.18-419.0.0.0.12.el5.i686.rpm	48c61b059e33f015c853f79ee3d9dfa3	ELSA-2019-4732
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	e5fefb6768702f117ca9e5ec33048d0d	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.i686.rpm	29dc2d99f17743cb0664103a3217332e	-
	ocfs2-2.6.18-419.0.0.0.12.el5PAE-1.4.11-1.el5.i686.rpm	46bb29cc6674fdee8c62907671bbd119	-
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.i686.rpm	c9c4eb5e887b1ee2cc695c5117ccc11e	-
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.i686.rpm	beae7956fc31a94be00e350c43f13700	-
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.i686.rpm	39bb0d5d2bd3b99a6916c64fa45f311f	-
	oracleasm-2.6.18-419.0.0.0.12.el5PAE-2.0.5-2.el5.i686.rpm	b19bf003aa26de76b071038be86c7cd0	-
	oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.i686.rpm	3a0a681133709201431cac4f8c3c2d24	-
	oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.i686.rpm	fa110202deac75ba7988e596b2517d78	-

Oracle Linux 5 (ia64)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	52a2093c0fd36fefef7f64f6d3fa0f3a	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	bc6048398f28118bb8efac6d9c72fa65	-
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	1e7e3a73f4107ffda5bfea80f01db1e1	-
	kernel-2.6.18-419.0.0.0.12.el5.ia64.rpm	6fa9d1fdc5bc4cd3d96459cf84ac70dd	ELSA-2019-4732
	kernel-debug-2.6.18-419.0.0.0.12.el5.ia64.rpm	f337d11b497f4847f95961498bd1e25d	ELSA-2019-4732
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	c49e9778dc254968439e7759902dcb23	ELSA-2019-4732
	kernel-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	7c157b3125b0f23c2fd4011ed74f313d	ELSA-2019-4732
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	3adf2a18f3356dfdb39037e42a39d889	ELSA-2019-4732
	kernel-headers-2.6.18-419.0.0.0.12.el5.ia64.rpm	4ff36290a0db9913c8a23ec9d31ee959	ELSA-2019-4732
	kernel-xen-2.6.18-419.0.0.0.12.el5.ia64.rpm	28377da574b5bde6bc94bb0043c8fced	ELSA-2019-4732
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	053f8bb395591fd92bbeeb22abd76984	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.ia64.rpm	78f0ab4880c8b178c5ec8f3173488d06	-
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.ia64.rpm	584be07f653e58e12c035ea798d702b9	-
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.ia64.rpm	e1556d79f6be8f8c27bdc42dde2d632c	-

Oracle Linux 5 (x86_64)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	52a2093c0fd36fefef7f64f6d3fa0f3a	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	bc6048398f28118bb8efac6d9c72fa65	-
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	1e7e3a73f4107ffda5bfea80f01db1e1	-
	kernel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	6bf8d020bc0d6d5e78c65cffd790a77c	ELSA-2019-4732
	kernel-debug-2.6.18-419.0.0.0.12.el5.x86_64.rpm	096a9599f13e5b17a57108b0bd4907ac	ELSA-2019-4732
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	94b04bdbf880f90941b82efc84419b9b	ELSA-2019-4732
	kernel-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	748437818c328c2ebf3625887aae8c06	ELSA-2019-4732
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	3adf2a18f3356dfdb39037e42a39d889	ELSA-2019-4732
	kernel-headers-2.6.18-419.0.0.0.12.el5.x86_64.rpm	95bdeb47a3e2c0342d2724945537dd0d	ELSA-2019-4732
	kernel-xen-2.6.18-419.0.0.0.12.el5.x86_64.rpm	93d74df13a3c4eb4692a5225188dadf2	ELSA-2019-4732
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	ae098feea30f03c19463e16f4fc767b6	ELSA-2019-4732
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.x86_64.rpm	2b1b31f26098d02adf5110983cf3dfba	-
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.x86_64.rpm	ef3676f973a8a85f5d7b56d96773f639	-
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.x86_64.rpm	1b28d11314e1f572918e4137f9efc95c	-
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.x86_64.rpm	211c1743558d122765ae9e3eeb28ac21	-
	oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.x86_64.rpm	477384fd7660bc2eb9958ced19a9d8da	-
	oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.x86_64.rpm	e01fede3d9afaac32c863e9c4e2a43e1	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691