Stay Connected:

ELSA-2019-3872

ELSA-2019-3872 - kernel security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2019-11-14

Description


[3.10.0-1062.4.3.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]

[3.10.0-1062.4.3]
- [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756882 1756883] {CVE-2019-0155}

[3.10.0-1062.4.2]
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756815 1756816] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756815 1756816] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Use explicit goto for error paths (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [x86] tsx: Add config options to set tsx=on|off|auto (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] tsx: Add 'auto' option to the tsx= cmdline parameter (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [documentation] documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: mmu: Recovery of shattered NX large pages (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: Add helper function for creating VM worker threads (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [kernel] cpu/speculation: Uninline and export CPU mitigations helpers (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] cpu: Add Tremont to the cpu vulnerability whitelist (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: Do not release the page inside mmu_set_spte() (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: mmu: Remove unused parameter of __direct_map() (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: Convert kvm_lock to a mutex (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: drop vcpu param in gpte_access (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: x86, powerpc: do not allow clearing largepages debugfs entry (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}


Related CVEs


CVE-2019-0155

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) kernel-3.10.0-1062.4.3.el7.src.rpmad3572ec2916ae763c40d6fde423d9639fee6dcdec8774aff3119febe90ba89cELSA-2025-1281ol7_x86_64_latest
kernel-3.10.0-1062.4.3.el7.src.rpmad3572ec2916ae763c40d6fde423d9639fee6dcdec8774aff3119febe90ba89cELSA-2025-1281ol7_x86_64_latest_archive
kernel-3.10.0-1062.4.3.el7.src.rpmad3572ec2916ae763c40d6fde423d9639fee6dcdec8774aff3119febe90ba89cELSA-2025-1281ol7_x86_64_optional_archive
kernel-3.10.0-1062.4.3.el7.src.rpmad3572ec2916ae763c40d6fde423d9639fee6dcdec8774aff3119febe90ba89cELSA-2025-1281ol7_x86_64_optional_latest
kernel-3.10.0-1062.4.3.el7.src.rpmad3572ec2916ae763c40d6fde423d9639fee6dcdec8774aff3119febe90ba89cELSA-2025-1281ol7_x86_64_u7_patch
bpftool-3.10.0-1062.4.3.el7.x86_64.rpm8c0a7f67a9cc8f8dfa99c4583d023c4d02a9401938b8c2f48e67fc50707bbc51ELSA-2025-1281ol7_x86_64_latest
bpftool-3.10.0-1062.4.3.el7.x86_64.rpm8c0a7f67a9cc8f8dfa99c4583d023c4d02a9401938b8c2f48e67fc50707bbc51ELSA-2025-1281ol7_x86_64_latest_archive
bpftool-3.10.0-1062.4.3.el7.x86_64.rpm8c0a7f67a9cc8f8dfa99c4583d023c4d02a9401938b8c2f48e67fc50707bbc51ELSA-2025-1281ol7_x86_64_u7_patch
kernel-3.10.0-1062.4.3.el7.x86_64.rpm7fa350733215871d5369851373f554dc8aa392a6d6852f3248acd442427ae334ELSA-2025-1281ol7_x86_64_latest
kernel-3.10.0-1062.4.3.el7.x86_64.rpm7fa350733215871d5369851373f554dc8aa392a6d6852f3248acd442427ae334ELSA-2025-1281ol7_x86_64_latest_archive
kernel-3.10.0-1062.4.3.el7.x86_64.rpm7fa350733215871d5369851373f554dc8aa392a6d6852f3248acd442427ae334ELSA-2025-1281ol7_x86_64_u7_patch
kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm602f89369e73732981827304265509a3468606ce263a8ee673ed868ac67be6b0ELSA-2025-1281ol7_x86_64_latest
kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm602f89369e73732981827304265509a3468606ce263a8ee673ed868ac67be6b0ELSA-2025-1281ol7_x86_64_latest_archive
kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm602f89369e73732981827304265509a3468606ce263a8ee673ed868ac67be6b0ELSA-2025-1281ol7_x86_64_u7_patch
kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpmf9d0f5a45eb02be932c2c8cd05d2aa6b4f67ca93ebe2b05082ebba650d3c78ddELSA-2025-1281ol7_x86_64_latest
kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpmf9d0f5a45eb02be932c2c8cd05d2aa6b4f67ca93ebe2b05082ebba650d3c78ddELSA-2025-1281ol7_x86_64_latest_archive
kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpmf9d0f5a45eb02be932c2c8cd05d2aa6b4f67ca93ebe2b05082ebba650d3c78ddELSA-2025-1281ol7_x86_64_u7_patch
kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm917a5cdaf88f09e528b537dbc1d8567956929722b6f17b5e1ac025dc171de0caELSA-2025-1281ol7_x86_64_latest
kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm917a5cdaf88f09e528b537dbc1d8567956929722b6f17b5e1ac025dc171de0caELSA-2025-1281ol7_x86_64_latest_archive
kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm917a5cdaf88f09e528b537dbc1d8567956929722b6f17b5e1ac025dc171de0caELSA-2025-1281ol7_x86_64_u7_patch
kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm8ecb439f049a57c439ceb3cf2e7a61c68b327335fb1147cc4fc4e2cd49d346ccELSA-2025-1281ol7_x86_64_latest
kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm8ecb439f049a57c439ceb3cf2e7a61c68b327335fb1147cc4fc4e2cd49d346ccELSA-2025-1281ol7_x86_64_latest_archive
kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm8ecb439f049a57c439ceb3cf2e7a61c68b327335fb1147cc4fc4e2cd49d346ccELSA-2025-1281ol7_x86_64_u7_patch
kernel-doc-3.10.0-1062.4.3.el7.noarch.rpmfd14ff606476f125df1155d30be665b89eca15fe5c0ae9881dc0aebdbd643041ELSA-2025-1281ol7_x86_64_latest
kernel-doc-3.10.0-1062.4.3.el7.noarch.rpmfd14ff606476f125df1155d30be665b89eca15fe5c0ae9881dc0aebdbd643041ELSA-2025-1281ol7_x86_64_latest_archive
kernel-doc-3.10.0-1062.4.3.el7.noarch.rpmfd14ff606476f125df1155d30be665b89eca15fe5c0ae9881dc0aebdbd643041ELSA-2025-1281ol7_x86_64_u7_patch
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm7adeb966f81ee4776c459f869056f2185fc4f6b7c5e4f81d6ebda66e12665202ELSA-2025-1281exadata_dbserver_19.2.9.0.0_x86_64_base
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm7adeb966f81ee4776c459f869056f2185fc4f6b7c5e4f81d6ebda66e12665202ELSA-2025-1281exadata_dbserver_19.3.3.0.0_x86_64_base
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm7adeb966f81ee4776c459f869056f2185fc4f6b7c5e4f81d6ebda66e12665202ELSA-2025-1281ol7_x86_64_latest
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm7adeb966f81ee4776c459f869056f2185fc4f6b7c5e4f81d6ebda66e12665202ELSA-2025-1281ol7_x86_64_latest_archive
kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm7adeb966f81ee4776c459f869056f2185fc4f6b7c5e4f81d6ebda66e12665202ELSA-2025-1281ol7_x86_64_u7_patch
kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm081aff8f528ec5b4633207c36a791e18362537d518052742c1b752f8d6b24865ELSA-2025-1281ol7_x86_64_latest
kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm081aff8f528ec5b4633207c36a791e18362537d518052742c1b752f8d6b24865ELSA-2025-1281ol7_x86_64_latest_archive
kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm081aff8f528ec5b4633207c36a791e18362537d518052742c1b752f8d6b24865ELSA-2025-1281ol7_x86_64_u7_patch
kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpmaa32d61fbd501632216530b42b04127948dfc74c7a42b6cbf6b79d604ea5b2d1ELSA-2025-1281ol7_x86_64_latest
kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpmaa32d61fbd501632216530b42b04127948dfc74c7a42b6cbf6b79d604ea5b2d1ELSA-2025-1281ol7_x86_64_latest_archive
kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpmaa32d61fbd501632216530b42b04127948dfc74c7a42b6cbf6b79d604ea5b2d1ELSA-2025-1281ol7_x86_64_u7_patch
kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm8ae68c005ee026e5d9783acaa85ce3ebbf2db4b3fb3d360f1f5733d294d9b028ELSA-2025-1281ol7_x86_64_optional_archive
kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm8ae68c005ee026e5d9783acaa85ce3ebbf2db4b3fb3d360f1f5733d294d9b028ELSA-2025-1281ol7_x86_64_optional_latest
perf-3.10.0-1062.4.3.el7.x86_64.rpm78d3e77ebba70ba4e8ec240190b13f23bb9e225bf7c02a6b48ddacc9f0cba67bELSA-2025-20019ol7_x86_64_latest
perf-3.10.0-1062.4.3.el7.x86_64.rpm78d3e77ebba70ba4e8ec240190b13f23bb9e225bf7c02a6b48ddacc9f0cba67bELSA-2025-20019ol7_x86_64_latest_archive
perf-3.10.0-1062.4.3.el7.x86_64.rpm78d3e77ebba70ba4e8ec240190b13f23bb9e225bf7c02a6b48ddacc9f0cba67bELSA-2025-20019ol7_x86_64_u7_patch
python-perf-3.10.0-1062.4.3.el7.x86_64.rpm2837337b7fc20591b180af586a14cf36d73874f080ef58ee036798619a6ddee9ELSA-2025-20019ol7_x86_64_latest
python-perf-3.10.0-1062.4.3.el7.x86_64.rpm2837337b7fc20591b180af586a14cf36d73874f080ef58ee036798619a6ddee9ELSA-2025-20019ol7_x86_64_latest_archive
python-perf-3.10.0-1062.4.3.el7.x86_64.rpm2837337b7fc20591b180af586a14cf36d73874f080ef58ee036798619a6ddee9ELSA-2025-20019ol7_x86_64_u7_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights