ELSA-2019-4575

ULN >
Oracle Linux Errata repository >
ELSA-2019-4575

ELSA-2019-4575 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2019-03-12

Description

[4.1.12-124.26.1]
- NFS: commit direct writes even if they fail partially (J. Bruce Fields) [Orabug: 28212440]
- rds: update correct congestion map for loopback transport (Mukesh Kacker) [Orabug: 29175685]
- ext4: only look at the bg_flags field if it is valid (Theodore Tso) [Orabug: 29316684] {CVE-2018-10876} {CVE-2018-10876}
- uek-rpm: Add kernel-uek version to kernel-ueknano provides (Somasundaram Krishnasamy) [Orabug: 29357643]
- net: Set sk_prot_creator when cloning sockets to the right proto (Christoph Paasch) [Orabug: 29422739] {CVE-2018-9568}
- ext4: always check block group bounds in ext4_init_block_bitmap() (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
- ext4: make sure bitmaps and the inode table dont overlap with bg descriptors (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
- vfs: Add sb_rdonly(sb) to query the MS_RDONLY flag on s_flags (David Howells) [Orabug: 29428607] {CVE-2018-10878}
- iscsi: Capture iscsi debug messages using tracepoints (Fred Herard) [Orabug: 29429855]

[4.1.12-124.25.4]
- KEYS: add missing permission check for request_key() destination (Eric Biggers) [Orabug: 29304551] {CVE-2017-17807}
- KEYS: Dont permit request_key() to construct a new keyring (David Howells) [Orabug: 29304551] {CVE-2017-17807}
- mlx4_ib: Distribute completion vectors when zero is supplied (Hakon Bugge) [Orabug: 29318191]
- bnxt_en: Fix TX timeout during netpoll. (Michael Chan) [Orabug: 29357977]
- bnxt_en: Fix for system hang if request_irq fails (Vikas Gupta) [Orabug: 29357977]
- bnxt_en: Fix firmware message delay loop regression. (Michael Chan) [Orabug: 29357977]
- bnxt_en: reduce timeout on initial HWRM calls (Andy Gospodarek) [Orabug: 29357977]
- bnxt_en: Fix NULL pointer dereference at bnxt_free_irq(). (Michael Chan) [Orabug: 29357977]
- bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). (Michael Chan) [Orabug: 29357977]
- bnxt_en: Do not modify max IRQ count after RDMA driver requests/frees IRQs. (Michael Chan) [Orabug: 29357977]
- mm: cleancache: fix corruption on missed inode invalidation (Pavel Tikhomirov) [Orabug: 29364670] {CVE-2018-16862}
- l2tp: fix reading optional fields of L2TPv3 (Jacob Wen) [Orabug: 29368048]
- net/packet: fix a race in packet_bind() and packet_notifier() (Eric Dumazet) [Orabug: 29385593] {CVE-2018-18559}
- ext4: verify the depth of extent tree in ext4_find_extent() (Theodore Tso) [Orabug: 29396712] {CVE-2018-10877} {CVE-2018-10877}

[4.1.12-124.25.3]
- blk-mq: Do not invoke .queue_rq() for a stopped queue (Bart Van Assche) [Orabug: 28766011]
- uek-rpm: use multi-threaded xz compression for rpms (Alexander Burmashev) [Orabug: 29323635]
- uek-rpm: optimize find-requires usage (Alexander Burmashev) [Orabug: 29323635]
- find-debuginfo.sh: backport parallel files procession (Alexander Burmashev) [Orabug: 29323635]
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (Tom Lendacky) [Orabug: 29335274]

[4.1.12-124.25.2]
- Enable RANDOMIZE_BASE (John Haxby) [Orabug: 29305587]
- slub: make ->cpu_partial unsigned (Alexey Dobriyan) [Orabug: 28620592]
- dtrace: support kernels built with RANDOMIZE_BASE (Kris Van Hees) [Orabug: 29204005]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (x86_64)	kernel-uek-4.1.12-124.26.1.el6uek.src.rpm	b0baa4c3b9204fbc8536335350a9b85d5d7fc1cec21c53f4769e4e1de47e5acf	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-4.1.12-124.26.1.el6uek.x86_64.rpm	ffc0d337702a2cde0e7c1d7fc85e4bb82f428da46dcb599fde2cfb143e69338b	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-debug-4.1.12-124.26.1.el6uek.x86_64.rpm	58ac0c1426a8588f17c2ac5c77d13bf84756bb7247c7ec6bd5facf1bec8ae963	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-debug-devel-4.1.12-124.26.1.el6uek.x86_64.rpm	61d590e1113bc7594145f0d841ba4bd5e7871465ad36529bca29cfb654345269	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-devel-4.1.12-124.26.1.el6uek.x86_64.rpm	9193acf418a7d63f15fa2dc0d79f7700c94face69dd816db96372566338ddc9f	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-doc-4.1.12-124.26.1.el6uek.noarch.rpm	4592eac02b91ed09a30d09f3d0951a8b43fa1f93b95f06965974083f88523880	ELSA-2025-20007	ol6_x86_64_UEKR4_archive
	kernel-uek-firmware-4.1.12-124.26.1.el6uek.noarch.rpm	29eaab65067edec485c43bd726943da02686dce6d309b1e7ed1cb0d1f27a9127	ELSA-2025-20007	ol6_x86_64_UEKR4_archive

Oracle Linux 7 (x86_64)	kernel-uek-4.1.12-124.26.1.el7uek.src.rpm	ae0af09518fba4f7ccbcbe066b5bdc0c8648d5fecd2a656ae86c4ca0bf001379	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-4.1.12-124.26.1.el7uek.x86_64.rpm	c1b0a719558adf22f0ba44b84aa630f1b817819ec499201ec0e2e8032bb431c5	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-debug-4.1.12-124.26.1.el7uek.x86_64.rpm	46325589ae7a5d89de8614dec449415d204542220915c418f70e4467a8126a34	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-debug-devel-4.1.12-124.26.1.el7uek.x86_64.rpm	07239fcd8be1cdc7b8c4bc31bda454058cd84285615f094500c5f377a7451aac	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-devel-4.1.12-124.26.1.el7uek.x86_64.rpm	9cdd14657e12cf3c8cd4583508831b135045dcc5ed1c7c2e401fbd335eb9fe8a	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-doc-4.1.12-124.26.1.el7uek.noarch.rpm	2958a4d394bff8f889bb3bb0eaf69dc13d78d975d837fa850c9ba950754bd3f2	ELSA-2025-20190	ol7_x86_64_UEKR4_archive
	kernel-uek-firmware-4.1.12-124.26.1.el7uek.noarch.rpm	8ff1c9ec5dabb59b05c5855aac5a79b1d4fb654ffff827f4f48a41c9802e9aa4	ELSA-2025-20007	ol7_x86_64_UEKR4_archive

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691