ELSA-2019-1169

ELSA-2019-1169 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-05-14

Description


[2.6.32-754.14.2.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.14.2]
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}

[2.6.32-754.14.1]
- [s390] kernel: Add crypto card toleration support (Hendrik Brueckner) [1695496]

[2.6.32-754.13.1]
- [fs] ext4: Fix data corruption caused by unaligned direct AIO (Lukas Czerner) [1686170]


Related CVEs


CVE-2018-12126
CVE-2018-12130
CVE-2018-12127
CVE-2019-11091

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) kernel-2.6.32-754.14.2.el6.src.rpmd188aad616698d809c30e559a43fd67a-
kernel-2.6.32-754.14.2.el6.i686.rpm9e2aa62691171b8a56b2fa6bf96b6479-
kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm571ec5db1d729582db0b5968d195a4fd-
kernel-debug-2.6.32-754.14.2.el6.i686.rpm34e8de6318f6eb099b2a1f2f7f45ca06-
kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpmfd3e1b679b7765f5a009851215ea43b7-
kernel-devel-2.6.32-754.14.2.el6.i686.rpm37356ad61299ce12074c09a90d72e87a-
kernel-doc-2.6.32-754.14.2.el6.noarch.rpm8d1de933130c570e46442220b1e7cc36-
kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm720508d809a3ee4fb0e03461991e790c-
kernel-headers-2.6.32-754.14.2.el6.i686.rpm542c1490d3322b3235e7668843a63c30-
perf-2.6.32-754.14.2.el6.i686.rpmb296b5a805842b066f8c3eb7565d82c7-
python-perf-2.6.32-754.14.2.el6.i686.rpm8deb44cc2f5723adc686b6e0e3d2c7d5-
Oracle Linux 6 (x86_64) kernel-2.6.32-754.14.2.el6.src.rpmd188aad616698d809c30e559a43fd67a-
kernel-2.6.32-754.14.2.el6.x86_64.rpm25faa894d102fa8b7f4814fdb9c1faf2-
kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm571ec5db1d729582db0b5968d195a4fd-
kernel-debug-2.6.32-754.14.2.el6.x86_64.rpm25960f229b57f2fc4bb0e0fe3dabb367-
kernel-debug-devel-2.6.32-754.14.2.el6.i686.rpmfd3e1b679b7765f5a009851215ea43b7-
kernel-debug-devel-2.6.32-754.14.2.el6.x86_64.rpm1593599fc235fbc53262a4b02e8daa6e-
kernel-devel-2.6.32-754.14.2.el6.x86_64.rpma12fca12a5b8852a0217fbc105e16f5d-
kernel-doc-2.6.32-754.14.2.el6.noarch.rpm8d1de933130c570e46442220b1e7cc36-
kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm720508d809a3ee4fb0e03461991e790c-
kernel-headers-2.6.32-754.14.2.el6.x86_64.rpm5725c624123f131545fd8f66af9e26c9-
perf-2.6.32-754.14.2.el6.x86_64.rpm66221b3cbf75e9622fd05b9eac3a6835-
python-perf-2.6.32-754.14.2.el6.x86_64.rpmbcfe4935c024c83bf0c520dcb983985a-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete