ELSA-2018-4235

ULN >
Oracle Linux Errata repository >
ELSA-2018-4235

ELSA-2018-4235 - kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2018-10-01

Description

kernel
[2.6.18-419.0.0.0.12]
- [x86] mm/dump_pagetables: Add a check_l1tf debugfs file (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Make flush_l1d visible in /proc/cpuinfo (Chris von Recklinghausen) [1593378]
- [x86] cpufeatures: Add detection of L1D cache flush support. (Chris von Recklinghausen) [1593378]
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Extend 64bit swap file size limit (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Move the l1tf function and define pr_fmt properly (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Add sysfs reporting for l1tf (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect swap entries against L1TF (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Change order of offset/type in swap entry (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpu: Fix incorrect vulnerabilities files function prototypes (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] bugs: Export the internal __cpu_bugs variable (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] spec_ctrl: sync with upstream cpu_set_bug_bits() (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] intel-family.h: Add GEMINI_LAKE SOC (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] mm: Fix swap entry comment and macro (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] mm: Move swap offset/type up in PTE to work around erratum (Chris von Recklinghausen) [1593378] {CVE-2018-3620}
- [x86] cpufeatures: Resolve X86_FEATURE_SMEP definition conflict (Radomir Vrbovsky) [1570474]
- [x86] fix kexec load warnings with PTI enabled (Rafael Aquini) [1576191]
- [x86] ia32entry: make target ia32_ret_from_sys_call the common exit point to long-mode (Rafael Aquini) [1570474] {CVE-2009-2910}
- [x86] spec_ctrl: only perform RSB stuffing on SMEP capable CPUs (Rafael Aquini) [1570474] {CVE-2009-2910}
- [net] tcp: fix 0 divide in __tcp_select_window (Davide Caratti) [1488343] {CVE-2017-14106}
- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide Caratti) [1488343] {CVE-2017-14106}
- [x86] adjust / fix LDT handling for PTI (Rafael Aquini) [1584622]
- [x86] Fix up /proc/cpuinfo entries (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [kernel] spec_ctrl: work around broken microcode (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] Only expose PR_{GET, SET}_SPECULATION_CTRL if CONFIG_SPEC_CTRL is defined (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] misc changes to fix i386 builds (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] amd: Disable AMD SSBD mitigation in a VM (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Rename _RDS to _SSBD (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] speculation: Add prctl for Speculative Store Bypass mitigation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] process: Allow runtime control of Speculative Store Bypass (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] 64: add skeletonized version of __switch_to_xtra (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs/AMD: Add support to disable RDS on Fam[15, 16, 17]h if requested (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable mitigation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Expose the /sys/../spec_store_bypass and X86_BUG_SPEC_STORE_BYPASS (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] include: add latest intel-family.h from RHEL6 (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpuid: Fix up IBRS/IBPB/STIBP feature bits on Intel (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Clean up Spectre v2 related CPUID flags (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add AMD feature bits for Speculation Control (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpufeatures: Add Intel feature bits for Speculation (Chris von Recklinghausen) [1566896] {CVE-2018-3639}
- [x86] cpu: Add driver auto probing for x86 features (Chris von Recklinghausen) [1566896] {CVE-2018-3639}

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 5 (i386)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	a2035f13053d7bf7edba0b7e40f79afdb814daefec1ec1a6da1e86d220b4e9be	ELSA-2019-4732	ol5_i386_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	7f4e3f41d8b9e6e674e0800ebd4c6f177f5ca7b7a7c54d39581883031143f230	-	ol5_i386_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	7e7d3d4fc58edaa3826a14d63cbdc100024daad3a4fbfbee53ee8f1aed93ed8f	-	ol5_i386_ELS
	kernel-2.6.18-419.0.0.0.12.el5.i686.rpm	48f0efc6511e07c70f9575b051b97c733f6025539c0783b2811f7397b1b0856d	ELSA-2019-4732	ol5_i386_ELS
	kernel-PAE-2.6.18-419.0.0.0.12.el5.i686.rpm	028b288f40cff500fb08e2cfae8ac4a07302ec1d0ffb1dd233fb0bcd3508ecb5	ELSA-2019-4732	ol5_i386_ELS
	kernel-PAE-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	5786e63f8672d2050f13060930506691dffb7b487ebe757158338c1d83efe6ca	ELSA-2019-4732	ol5_i386_ELS
	kernel-debug-2.6.18-419.0.0.0.12.el5.i686.rpm	e01bd0e199aea36f2da0962ecc564cfead73aeac17cf6c15a393567bde788f9d	ELSA-2019-4732	ol5_i386_ELS
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	e6d6111908a17da9c584ca498e3325060a2e173872311e145726703234cf50f0	ELSA-2019-4732	ol5_i386_ELS
	kernel-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	282ae2d5cdbe5377fbdfa0a23d14a1cab3c16e0f126e307fad1ee4ff7ac62a85	ELSA-2019-4732	ol5_i386_ELS
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	8047e352e23d769667b409cda0d595c139eb30e3085ba92d39f58abf1c107a5e	ELSA-2019-4732	ol5_i386_ELS
	kernel-headers-2.6.18-419.0.0.0.12.el5.i386.rpm	b7cf288589756485113677074b2f2ae9be36968860653acbf21b16282d61def9	ELSA-2019-4732	ol5_i386_ELS
	kernel-xen-2.6.18-419.0.0.0.12.el5.i686.rpm	444edb357aafcc9ea21065895520b7b4796f5d07c1ea05ee8847ff9b1bfd1bee	ELSA-2019-4732	ol5_i386_ELS
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.i686.rpm	e5d5519a0a2bc0024b209c6d56437992f9084a8dab9ade2f4eb25912059e70d3	ELSA-2019-4732	ol5_i386_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.i686.rpm	43150786df923f13286dc364cbe1af7ac6ae9d3eabe90738cb88c0e25bb05297	-	ol5_i386_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5PAE-1.4.11-1.el5.i686.rpm	ce4dfed62fb4af4a18123607b781c0853bedb7d2659565bf6561d9b2b9f16d8e	-	ol5_i386_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.i686.rpm	75b243cc29becea8405b70f19787c24bd738c0c92237f9f21458d3ea4583d15b	-	ol5_i386_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.i686.rpm	e22b3e810a6c83254c1655421f192f0ef2754e14a8ff892a16b5d9ebedb7afa5	-	ol5_i386_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.i686.rpm	5ec9e2c9588bc6f20e3c8a6cd770c8266a0cfa1646d5b544e4998ff0dbb7bd48	-	ol5_i386_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5PAE-2.0.5-2.el5.i686.rpm	5275e96f1b17559f1e51e3f8654c0aa34417a1d98046a1babd0b8b98dee7612a	-	ol5_i386_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.i686.rpm	c6e7445887145e54e63a429c7ea6495e0b61c47aa9b4224ab1d5ff67e8d7541d	-	ol5_i386_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.i686.rpm	6260de06e727d8d1568accb4dd533a618c8007f88b7e038338e34216ebdb8797	-	ol5_i386_ELS

Oracle Linux 5 (ia64)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	a2035f13053d7bf7edba0b7e40f79afdb814daefec1ec1a6da1e86d220b4e9be	ELSA-2019-4732	ol5_ia64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	7f4e3f41d8b9e6e674e0800ebd4c6f177f5ca7b7a7c54d39581883031143f230	-	ol5_ia64_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	7e7d3d4fc58edaa3826a14d63cbdc100024daad3a4fbfbee53ee8f1aed93ed8f	-	ol5_ia64_ELS
	kernel-2.6.18-419.0.0.0.12.el5.ia64.rpm	54bb9a4689a8e692dde0d08cf70df81f2daf33d47bc916d413ace2e5a72cd0c0	ELSA-2019-4732	ol5_ia64_ELS
	kernel-debug-2.6.18-419.0.0.0.12.el5.ia64.rpm	7f668d14cbe8f9736cddda07c1e03ce59f623f264373d9afc81c124f8545b984	ELSA-2019-4732	ol5_ia64_ELS
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	891398577c0db3212d633535d8ef3a65afdb04a8fd347c091e5b47a6545da9f1	ELSA-2019-4732	ol5_ia64_ELS
	kernel-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	b0eee864c603f4b28a38b2e7138826e2a1b2834515f83710d6b9381afd13f6e0	ELSA-2019-4732	ol5_ia64_ELS
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	8047e352e23d769667b409cda0d595c139eb30e3085ba92d39f58abf1c107a5e	ELSA-2019-4732	ol5_ia64_ELS
	kernel-headers-2.6.18-419.0.0.0.12.el5.ia64.rpm	0601f68445a968677e5236955f89b010c4e2fb6e53831261506991ad9dd575bc	ELSA-2019-4732	ol5_ia64_ELS
	kernel-xen-2.6.18-419.0.0.0.12.el5.ia64.rpm	fb5230ebddefdf014b0d42c44e041a30f5abed6061d4f245f142d401782e2a63	ELSA-2019-4732	ol5_ia64_ELS
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.ia64.rpm	3da6a51a9998bc08b6d01b6ca43bdc82d5e3e6afb056e0806a27562d1b393d61	ELSA-2019-4732	ol5_ia64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.ia64.rpm	cec98e5dc31e0c45b803ebd16db4b54363d226a9d3955640469f7ee0eecf507b	-	ol5_ia64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.ia64.rpm	4045819ee38346c4bb6813a36ffc899bc8be91267e38e3a2b417775fdffe5edb	-	ol5_ia64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.ia64.rpm	51cd2843f158200d02e4152fa6303bcd6a142df51c9c2c195c911fcc5425b404	-	ol5_ia64_ELS

Oracle Linux 5 (x86_64)	kernel-2.6.18-419.0.0.0.12.el5.src.rpm	a2035f13053d7bf7edba0b7e40f79afdb814daefec1ec1a6da1e86d220b4e9be	ELSA-2019-4732	ol5_x86_64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.src.rpm	7f4e3f41d8b9e6e674e0800ebd4c6f177f5ca7b7a7c54d39581883031143f230	-	ol5_x86_64_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.src.rpm	7e7d3d4fc58edaa3826a14d63cbdc100024daad3a4fbfbee53ee8f1aed93ed8f	-	ol5_x86_64_ELS
	kernel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	72c635f4b4746f003c005a311d6f32b8ca3d439950d27729cab151ac4c65a77c	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-debug-2.6.18-419.0.0.0.12.el5.x86_64.rpm	60ce559ed78fdd6da85ac6486ae8c3b88a8b521c46f1189cb9d67a3aa0930051	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-debug-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	601f69b0fcca7ec580f8e944072098d8975537e2a2dc2270b584cf90774089ab	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	cc8b358723cee85e44a84e3e945cf98d82783abb1351f6b3c14a151fd99e909b	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-doc-2.6.18-419.0.0.0.12.el5.noarch.rpm	8047e352e23d769667b409cda0d595c139eb30e3085ba92d39f58abf1c107a5e	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-headers-2.6.18-419.0.0.0.12.el5.x86_64.rpm	9000d219930c20344d5a1faaa374ac0cff1de3a45dc3bda0f6b3d533ec194d84	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-xen-2.6.18-419.0.0.0.12.el5.x86_64.rpm	a83c3385474c3c3697b1ae9cd8ca2da225216680aeea072a7743517b6afa6bf1	ELSA-2019-4732	ol5_x86_64_ELS
	kernel-xen-devel-2.6.18-419.0.0.0.12.el5.x86_64.rpm	379e00c50801666cf6f6e4d1dc73a166a7fb08a787d0400f3b85bc976704ffcc	ELSA-2019-4732	ol5_x86_64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5-1.4.11-1.el5.x86_64.rpm	acdb63b9d65c45363cbf426cc57a326fe2c977a4c40fff690e8563759de17231	-	ol5_x86_64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5debug-1.4.11-1.el5.x86_64.rpm	070790877aecf95be285109fdc98e3bd3440b11b5801d74f2eef00e5b7a57739	-	ol5_x86_64_ELS
	ocfs2-2.6.18-419.0.0.0.12.el5xen-1.4.11-1.el5.x86_64.rpm	5a01d4e6aa1f23d0cda307dc7a51428bec9653af4baa3ea23f3a2415ca4c9a71	-	ol5_x86_64_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5-2.0.5-2.el5.x86_64.rpm	4fbcdb20204e83bf3d9c8f4bfcb71a6326e643aacd91474262e0859c545f93c6	-	ol5_x86_64_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5debug-2.0.5-2.el5.x86_64.rpm	39a699294c1846d560397e3110a5c1459babb216b0d764567d87aa4e0f236171	-	ol5_x86_64_ELS
	oracleasm-2.6.18-419.0.0.0.12.el5xen-2.0.5-2.el5.x86_64.rpm	e968916fe97fb4ccdaa9ef97d1a3b70939e45514aa3c412f0e634766d38370ff	-	ol5_x86_64_ELS

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691