ELSA-2019-4628
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-4628
ELSA-2019-4628 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-05-14 |
Description
[4.14.35-1844.4.5.2]
- x86/mds: Add empty commit for CVE-2019-11091 (Konrad Rzeszutek Wilk) [Orabug: 29721848] {CVE-2019-11091}
- x86/speculation/mds: Make mds_mitigation mutable after init (Konrad Rzeszutek Wilk) [Orabug: 29721835] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
[4.14.35-1844.4.5.1]
- x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Konrad Rzeszutek Wilk) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Fix comment (Boris Ostrovsky) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add debugfs for controlling MDS (Kanth Ghatraju) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add boot option to enable MDS protection only while in idle (Boris Ostrovsky) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds=full,nosmt cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Add MDS vulnerability documentation (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Move L1TF to separate directory (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation mode VMWERV (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add sysfs reporting for MDS (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation control for MDS (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Clear CPU buffers on exit to user (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds_clear_cpu_buffers() (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Andi Kleen) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add BUG_MSBDS_ONLY (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add basic bug infrastructure for MDS (Andi Kleen) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Consolidate CPU whitelists (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/msr-index: Cleanup bit defines (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
file (Will Deacon) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/cpu: Sanitize FAM6_ATOM naming (Peter Zijlstra) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation/l1tf: Fix small spelling typo (Salvatore Bonaccorso) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Simplify the CPU bug detection logic (Dominik Brodowski) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- tools include: Adopt linux/bits.h (Arnaldo Carvalho de Melo) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
Related CVEs
| CVE-2018-12126 |
| CVE-2018-12130 |
| CVE-2018-12127 |
| CVE-2019-11091 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | kernel-uek-4.14.35-1844.4.5.2.el7uek.src.rpm | 3abbee1c3b7fddb0c93e618ccc6535e5 | ELSA-2021-9220 |
| kernel-uek-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | b42844aecd8db48f0293c5ccce7b6c4c | ELSA-2021-9220 | |
| kernel-uek-debug-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 8fed9d94104a17942968a0e3c059161d | ELSA-2021-9220 | |
| kernel-uek-debug-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | fa088e1cb9b795aec489eb59525c7d71 | ELSA-2021-9220 | |
| kernel-uek-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 30ec624b7b1dc4d30fdfe210b5ad704d | ELSA-2021-9220 | |
| kernel-uek-headers-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | a784654cd9d894bd0975d16a21cd402f | ELSA-2021-9222 | |
| kernel-uek-tools-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | ee1eca076fa8313c7b0b0ce077ea7402 | ELSA-2021-9220 | |
| kernel-uek-tools-libs-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | ae2050ec3eab6bf2e73e03a85e151ad8 | ELSA-2021-9220 | |
| kernel-uek-tools-libs-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | eaac9ee7bbc958fab0f45326dddf64d3 | ELSA-2021-9222 | |
| perf-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 296005bfd26671ec143f47e2e89bcf10 | ELSA-2021-9220 | |
| python-perf-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 22c0efeb5963d53cef5d8e509809c6ae | ELSA-2021-9220 | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.14.35-1844.4.5.2.el7uek.src.rpm | 3abbee1c3b7fddb0c93e618ccc6535e5 | ELSA-2021-9220 |
| kernel-uek-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | 54003d5fd4c389b9491e629486c39da5 | ELSA-2021-9220 | |
| kernel-uek-debug-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | a32fdd18e32fd9b77d621ac0eb2e7f8a | ELSA-2021-9220 | |
| kernel-uek-debug-devel-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | 0225bbf3eee34e6cafc128cd5424d89d | ELSA-2021-9220 | |
| kernel-uek-devel-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | d3dc1c25fc31d4c48010f8fd62a68ffa | ELSA-2021-9220 | |
| kernel-uek-doc-4.14.35-1844.4.5.2.el7uek.noarch.rpm | 664a3fae57a36e04b9843cd63df0541d | ELSA-2021-9220 | |
| kernel-uek-tools-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | cd0f1ac96e520fd3197de50f662774a4 | ELSA-2021-9220 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
