ELSA-2019-1488
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-1488
ELSA-2019-1488 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-06-18 |
Description
[2.6.32-754.15.3.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.15.3]
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719840] {CVE-2019-11478}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719585] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719585] {CVE-2019-11477}
[2.6.32-754.15.2]
- [lib] idr: free the top layer if idr tree has the maximum height (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix top layer handling (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix backtrack logic in idr_remove_all (Denys Vlasenko) [1698139] {CVE-2019-3896}
[2.6.32-754.15.1]
- [x86] x86/speculation: Don't print MDS_MSG_SMT message if mds_nosmt specified (Waiman Long) [1710081 1710517]
- [x86] x86/spec_ctrl: Fix incorrect MDS handling in late microcode loading (Waiman Long) [1710081 1710517]
- [x86] x86/speculation: Fix misuse of boot_cpu_has() with bug bits (Waiman Long) [1710121]
- [x86] x86/speculation/mds: Fix documentation typo (Waiman Long) [1710517]
- [documentation] Documentation: Correct the possible MDS sysfs values (Waiman Long) [1710517]
- [x86] x86/mds: Add MDSUM variant to the MDS documentation (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Fix comment (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
Related CVEs
| CVE-2019-11477 |
| CVE-2019-11479 |
| CVE-2019-3896 |
| CVE-2019-11478 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 6 (i386) | kernel-2.6.32-754.15.3.el6.src.rpm | 15f39ca84222375f638c37c3ee112774 | ELSA-2021-9212 |
| kernel-2.6.32-754.15.3.el6.i686.rpm | 78ec2448895004ebbc590a7ea952f350 | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-754.15.3.el6.noarch.rpm | 4a40ab5f2e143189e47dea8ec0c7450a | ELSA-2021-9212 | |
| kernel-debug-2.6.32-754.15.3.el6.i686.rpm | 7993908ac0ec702b7ad93919062b3ca1 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-754.15.3.el6.i686.rpm | 1a21434f0a234297d4df0145e25907af | ELSA-2021-9212 | |
| kernel-devel-2.6.32-754.15.3.el6.i686.rpm | e676bfc0b54c2df0525b99570041adb7 | ELSA-2021-9212 | |
| kernel-doc-2.6.32-754.15.3.el6.noarch.rpm | 3b5b35dd31089a637542fa26280db6d8 | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-754.15.3.el6.noarch.rpm | 3670c0cff52ba5e8d7a5692f9b645fd5 | ELSA-2021-9212 | |
| kernel-headers-2.6.32-754.15.3.el6.i686.rpm | 25705d6323a785f6fe1de0c428227982 | ELSA-2021-9212 | |
| perf-2.6.32-754.15.3.el6.i686.rpm | c556d4470f3b5cfd5caa119a5c407508 | ELSA-2021-9212 | |
| python-perf-2.6.32-754.15.3.el6.i686.rpm | 8d1902d8bf90374bfc18c57523a391c3 | ELSA-2021-9212 | |
| Oracle Linux 6 (x86_64) | kernel-2.6.32-754.15.3.el6.src.rpm | 15f39ca84222375f638c37c3ee112774 | ELSA-2021-9212 |
| kernel-2.6.32-754.15.3.el6.x86_64.rpm | a75425eeb673584848469348c3a267aa | ELSA-2021-9212 | |
| kernel-abi-whitelists-2.6.32-754.15.3.el6.noarch.rpm | 4a40ab5f2e143189e47dea8ec0c7450a | ELSA-2021-9212 | |
| kernel-debug-2.6.32-754.15.3.el6.x86_64.rpm | 955ff99a713953281b746d094801ca98 | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-754.15.3.el6.i686.rpm | 1a21434f0a234297d4df0145e25907af | ELSA-2021-9212 | |
| kernel-debug-devel-2.6.32-754.15.3.el6.x86_64.rpm | 55fc89c4bef9263101a9cd666599b32c | ELSA-2021-9212 | |
| kernel-devel-2.6.32-754.15.3.el6.x86_64.rpm | 96434e6e9aec07627fc93fa872b7760d | ELSA-2021-9212 | |
| kernel-doc-2.6.32-754.15.3.el6.noarch.rpm | 3b5b35dd31089a637542fa26280db6d8 | ELSA-2021-9212 | |
| kernel-firmware-2.6.32-754.15.3.el6.noarch.rpm | 3670c0cff52ba5e8d7a5692f9b645fd5 | ELSA-2021-9212 | |
| kernel-headers-2.6.32-754.15.3.el6.x86_64.rpm | 8adf5e55b3b125c6b8d92593af33e1dd | ELSA-2021-9212 | |
| perf-2.6.32-754.15.3.el6.x86_64.rpm | dfc1af282828318f38e59ab01fb126b8 | ELSA-2021-9212 | |
| python-perf-2.6.32-754.15.3.el6.x86_64.rpm | 56a1313ba9cf2c89e491d606325ccbe6 | ELSA-2021-9212 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
