ELSA-2019-4509
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-4509
ELSA-2019-4509 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-01-15 |
Description
[4.14.35-1844.1.3]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun) [Orabug: 29003422]
- nfs: dont dirty kernel pages read by direct-io (Dave Kleikamp) [Orabug: 29122062]
- KVM: X86: Fix scan ioapic use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407}
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike Kravetz) [Orabug: 28951436]
- mm: migration: fix migration of huge PMD shared pages (Mike Kravetz) [Orabug: 28951436]
- mm/mmu_notifier: avoid double notification when it is useless (Jerome Glisse) [Orabug: 28951436]
[4.14.35-1844.1.2]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c (Hui Peng) [Orabug: 29042979] {CVE-2018-19824}
- arm64/kernel: kaslr: reduce module randomization range to 4 GB (Ard Biesheuvel) [Orabug: 28954789]
- xfs: enhance dinode verifier (Eric Sandeen) [Orabug: 28997653] {CVE-2018-10322}
- xfs: move inode fork verifiers to xfs_dinode_verify (Darrick J. Wong) [Orabug: 28997653] {CVE-2018-10322}
- Revert 'xfs: move inode fork verifiers to xfs_dinode_verify' (Shan Hai) [Orabug: 28997653]
- Revert 'xfs: enhance dinode verifier' (Shan Hai) [Orabug: 28997653]
[4.14.35-1844.1.1]
- arm64: disable /dev/port on 64 bit ARM (Eric Saint-Etienne) [Orabug: 28961247]
- crypto: ccp - add timeout support in the SEV command (Brijesh Singh) [Orabug: 29029018]
- crypto: ccp - Add GET_ID SEV command (Janakarajan Natarajan) [Orabug: 29029018]
- crypto: ccp - Add DOWNLOAD_FIRMWARE SEV command (Janakarajan Natarajan) [Orabug: 29029018]
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in unimac_mdio_probe() (Wei Yongjun) [Orabug: 27677743] {CVE-2018-8043}
- vti6: remove !skb->ignore_df check from vti6_xmit() (Alexey Kodanev) [Orabug: 28940590]
- A/A failback does not work in concert with ibacm (Hakon Bugge) [Orabug: 28972800]
- ACPICA: Reference Counts: increase max to 0x4000 for large servers (Erik Schmauss) [Orabug: 29019053]
[4.14.35-1844.1.0]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 28951264] {CVE-2018-5848}
- [PATCH UEK5 u1 v3] dtrace: add DTRACEACT_PCAP for packet capture for later pcap_dump() (Alan Maguire) [Orabug: 28951771]
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (Andy Whitcroft) {CVE-2018-7755} {CVE-2018-7755}
- [PATCH UEK5 u1 v2] dtrace: fix ip provider inconsistencies between IPv4/IPv6 (Alan Maguire) [Orabug: 28956807]
- x86/speculation: Make enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) [Orabug: 28992002]
- x86/speculation: Enable enhanced IBRS usage (Alejandro Jimenez) [Orabug: 28992002]
- x86/speculation: functions for supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28992002]
- Add forward declaration of tlb_flush, required for asm-generic. (Jack Vogel) [Orabug: 28866513]
- x86/mm: Page size aware flush_tlb_mm_range() (Peter Zijlstra) [Orabug: 28866513]
- mm/memory: Move mmu_gather and TLB invalidation code into its own file (Peter Zijlstra) [Orabug: 28866513]
- asm-generic/tlb: Track which levels of the page tables have been cleared (Will Deacon) [Orabug: 28866513]
- asm-generic/tlb: Track freeing of page-table directories in struct mmu_gather (Peter Zijlstra) [Orabug: 28866513]
- mm: mmu_notifier fix for tlb_end_vma (Nicholas Piggin) [Orabug: 28866513]
- mm: update comment describing tlb_gather_mmu (Mike Rapoport) [Orabug: 28866513]
Related CVEs
| CVE-2018-5848 |
| CVE-2018-10322 |
| CVE-2018-7755 |
| CVE-2018-8043 |
| CVE-2018-19824 |
| CVE-2018-19407 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | kernel-uek-4.14.35-1844.1.3.el7uek.src.rpm | 98829d41d52284341d0749b31b5fe2ac | ELSA-2021-9220 |
| kernel-uek-4.14.35-1844.1.3.el7uek.aarch64.rpm | ed1942e47b16a0ae329bfa0a35293e78 | ELSA-2021-9220 | |
| kernel-uek-debug-4.14.35-1844.1.3.el7uek.aarch64.rpm | 8f9a3ccffcea9688a554ad3110e80b22 | ELSA-2021-9220 | |
| kernel-uek-debug-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm | 569b363fdc4c2e615ef2c5bf8a456c5d | ELSA-2021-9220 | |
| kernel-uek-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm | 6b11a577daa381ad47af09f20d03a9d8 | ELSA-2021-9220 | |
| kernel-uek-headers-4.14.35-1844.1.3.el7uek.aarch64.rpm | 8a638f8b22e1cf2e05b9f53eba8cc43b | ELSA-2021-9222 | |
| kernel-uek-tools-4.14.35-1844.1.3.el7uek.aarch64.rpm | fa534ed934fa847acc096c18c74ca96f | ELSA-2021-9220 | |
| kernel-uek-tools-libs-4.14.35-1844.1.3.el7uek.aarch64.rpm | 731e4942dda1a13f0af412255856e828 | ELSA-2021-9220 | |
| kernel-uek-tools-libs-devel-4.14.35-1844.1.3.el7uek.aarch64.rpm | 41d2adf3798f97fdc95c90feb26fee6b | ELSA-2021-9222 | |
| perf-4.14.35-1844.1.3.el7uek.aarch64.rpm | 5bc6072faa4d029e3834f1d3886d7695 | ELSA-2021-9220 | |
| python-perf-4.14.35-1844.1.3.el7uek.aarch64.rpm | 28eb1578a549cb6128084146f4125ef3 | ELSA-2021-9220 | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.14.35-1844.1.3.el7uek.src.rpm | 98829d41d52284341d0749b31b5fe2ac | ELSA-2021-9220 |
| kernel-uek-4.14.35-1844.1.3.el7uek.x86_64.rpm | 94d1515bc81876965cab9d9c31e72a37 | ELSA-2021-9220 | |
| kernel-uek-debug-4.14.35-1844.1.3.el7uek.x86_64.rpm | 8ecbcc52395344c5f6e54c4cc88d6bae | ELSA-2021-9220 | |
| kernel-uek-debug-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm | 080ca3c22d839f42466f3c5b0abe61bd | ELSA-2021-9220 | |
| kernel-uek-devel-4.14.35-1844.1.3.el7uek.x86_64.rpm | f67571d3fa054c4f54e6daaa1db840c8 | ELSA-2021-9220 | |
| kernel-uek-doc-4.14.35-1844.1.3.el7uek.noarch.rpm | 2ebd6f3dea47aefcdd8e19739aec6d89 | ELSA-2021-9220 | |
| kernel-uek-tools-4.14.35-1844.1.3.el7uek.x86_64.rpm | 541787e7d2696fb6517d25ca584c54e9 | ELSA-2021-9220 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
