ELSA-2019-1167
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-1167
ELSA-2019-1167 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-07-30 |
Description
[4.18.0-80.1.2_0.OL8]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
[4.18.0-80.1.2_0]
- [arm64] arm64/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [s390] s390/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [powerpc] powerpc/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [powerpc] powerpc/64: Disable the speculation barrier from the command line (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add 'mitigations=' support for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [kernel] cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Fix comment (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [documentation] Documentation: Add MDS vulnerability documentation (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [documentation] Documentation: Move L1TF to separate directory (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation: Consolidate CPU whitelists (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/msr-index: Cleanup bit defines (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/speculation: Cast ~SPEC_CTRL_STIBP atomic value to int (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
file (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
- [tools] tools include: Adopt linux/bits.h (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
[4.18.0-80.1.1_0]
- [zstream] switch to zstream (Frantisek Hrbata)
Related CVEs
| CVE-2018-12126 |
| CVE-2018-12130 |
| CVE-2018-12127 |
| CVE-2019-11091 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | kernel-4.18.0-80.1.2.el8_0.src.rpm | 6ec90ce31d404624c79348dadd5c488f | - |
| kernel-tools-libs-devel-4.18.0-80.1.2.el8_0.aarch64.rpm | 14ea462686104ce2a4d13a2375163d3f | - | |
| Oracle Linux 8 (x86_64) | kernel-4.18.0-80.1.2.el8_0.src.rpm | 6ec90ce31d404624c79348dadd5c488f | - |
| bpftool-4.18.0-80.1.2.el8_0.x86_64.rpm | 31471c992fc4ca441849023a47afddd7 | - | |
| kernel-4.18.0-80.1.2.el8_0.x86_64.rpm | 570329689f5ad401e26112a0a01bc091 | - | |
| kernel-abi-whitelists-4.18.0-80.1.2.el8_0.noarch.rpm | 51b370f05f3fb3912edce0013a509ceb | - | |
| kernel-core-4.18.0-80.1.2.el8_0.x86_64.rpm | 516698c59dd09fa8ef97aa9031ac8350 | - | |
| kernel-cross-headers-4.18.0-80.1.2.el8_0.x86_64.rpm | f7371c06b817c0ccd5a0222b51120050 | - | |
| kernel-debug-4.18.0-80.1.2.el8_0.x86_64.rpm | 28cfd8272f721bbd44c1e23dec71580e | - | |
| kernel-debug-core-4.18.0-80.1.2.el8_0.x86_64.rpm | 073afd28b1f02ee5e8d0b9a5ae778357 | - | |
| kernel-debug-devel-4.18.0-80.1.2.el8_0.x86_64.rpm | 4285a5b8ba480b17541194b4821b818d | - | |
| kernel-debug-modules-4.18.0-80.1.2.el8_0.x86_64.rpm | 67c87b4c9be22f7a8827af6de03cb38a | - | |
| kernel-debug-modules-extra-4.18.0-80.1.2.el8_0.x86_64.rpm | b9ac7118c95dd11184598656035cecd7 | - | |
| kernel-devel-4.18.0-80.1.2.el8_0.x86_64.rpm | bb09cf6ae6df55594a3f8667fabc24da | - | |
| kernel-doc-4.18.0-80.1.2.el8_0.noarch.rpm | 3347e2a5bdd28e0dbc5974793b7edb72 | - | |
| kernel-headers-4.18.0-80.1.2.el8_0.x86_64.rpm | f8f2f4e736a2887fefb1c0344ce915ea | - | |
| kernel-modules-4.18.0-80.1.2.el8_0.x86_64.rpm | aae47b41f1744ecb8c05cc84f24da822 | - | |
| kernel-modules-extra-4.18.0-80.1.2.el8_0.x86_64.rpm | 6ed7cd69a82e2bdeb88ec806b52b1239 | - | |
| kernel-tools-4.18.0-80.1.2.el8_0.x86_64.rpm | cc11291034af342c2a14881ba43c0074 | - | |
| kernel-tools-libs-4.18.0-80.1.2.el8_0.x86_64.rpm | 6067039c9c63dd42ea8c6717569977a8 | - | |
| kernel-tools-libs-devel-4.18.0-80.1.2.el8_0.x86_64.rpm | 6c21f482aaa7d52d72ef1cc2d0b30eaa | - | |
| perf-4.18.0-80.1.2.el8_0.x86_64.rpm | 79a1f94d58a7166d3993c20d06b61d93 | - | |
| python3-perf-4.18.0-80.1.2.el8_0.x86_64.rpm | 49b66c0a9a60d3fa6d64c2e7606377e3 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
