ELSA-2019-4628
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-4628
ELSA-2019-4628 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2019-05-14 |
Description
[4.14.35-1844.4.5.2]
- x86/mds: Add empty commit for CVE-2019-11091 (Konrad Rzeszutek Wilk) [Orabug: 29721848] {CVE-2019-11091}
- x86/speculation/mds: Make mds_mitigation mutable after init (Konrad Rzeszutek Wilk) [Orabug: 29721835] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
[4.14.35-1844.4.5.1]
- x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Konrad Rzeszutek Wilk) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Fix comment (Boris Ostrovsky) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add debugfs for controlling MDS (Kanth Ghatraju) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add boot option to enable MDS protection only while in idle (Boris Ostrovsky) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Move arch_smt_update() call to after mitigation decisions (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds=full,nosmt cmdline option (Josh Poimboeuf) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Add MDS vulnerability documentation (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation: Move L1TF to separate directory (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation mode VMWERV (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add sysfs reporting for MDS (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation control for MDS (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Clear CPU buffers on exit to user (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds_clear_cpu_buffers() (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Andi Kleen) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add BUG_MSBDS_ONLY (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add basic bug infrastructure for MDS (Andi Kleen) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Consolidate CPU whitelists (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/msr-index: Cleanup bit defines (Thomas Gleixner) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
file (Will Deacon) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/cpu: Sanitize FAM6_ATOM naming (Peter Zijlstra) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- Documentation/l1tf: Fix small spelling typo (Salvatore Bonaccorso) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Simplify the CPU bug detection logic (Dominik Brodowski) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- tools include: Adopt linux/bits.h (Arnaldo Carvalho de Melo) [Orabug: 29526899] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
Related CVEs
| CVE-2018-12127 |
| CVE-2019-11091 |
| CVE-2018-12130 |
| CVE-2018-12126 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (aarch64) | kernel-uek-4.14.35-1844.4.5.2.el7uek.src.rpm | 51423ff8b86082929acb9db33a986ce99a445733997b06c81b7475b0666d970d | ELSA-2025-20190 | ol7_aarch64_latest |
| kernel-uek-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | f22a84381ce449f0b54d76e96cd98aecec5966d72501a52427869753973a25a8 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-debug-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 30113da1337108fe0c7886dac2470e5b49ec5e860cb077be4cb4cdbd295dead3 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-debug-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | dea3b1694d5b240b266ca4eaab2f82751ebf2de1358622b53069b711db60fc3b | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 6168bcafe684efccf4c4f7a95908ab7b436c6654dd0ed320e7aad85e5db22b32 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-headers-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 0a2a6369dc0d19dddb46387ac8b23074170780070e300834c43fd053ab828adc | ELBA-2025-20014 | ol7_aarch64_latest | |
| kernel-uek-tools-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 59eadf95043f624080ce4d99535c82c106633e9f5850bf6b23e574e54948d989 | ELSA-2025-20190 | ol7_aarch64_latest | |
| kernel-uek-tools-libs-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 7682b898af4484d55bdee2d34f21b4c6bcd01df7b45dd4035e2dbd13273fa198 | ELSA-2025-20019 | ol7_aarch64_latest | |
| kernel-uek-tools-libs-devel-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 8f09c253cf7e93e90d5d6cbb0f8e6dc0805ea139c1c1a606134e663ee2f9e126 | ELBA-2025-20014 | ol7_aarch64_latest | |
| perf-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | cf54c09b5eabfc0a38a709f22977336f9b2be11b91e4c7d156fba85916dc2cb9 | ELSA-2025-20019 | ol7_aarch64_latest | |
| python-perf-4.14.35-1844.4.5.2.el7uek.aarch64.rpm | 5be753001e59403ee01b17a92941c11af9e5184de3ec025cb0da89063a5a114c | ELSA-2025-20019 | ol7_aarch64_latest | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.14.35-1844.4.5.2.el7uek.src.rpm | 51423ff8b86082929acb9db33a986ce99a445733997b06c81b7475b0666d970d | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive |
| kernel-uek-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | 862d5d7eb751cb8082db827953f0d5f7a1af243914f0524b87c787d04d647bd9 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-debug-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | 10b0669f01b07944790ebbbdb8f485f660aad82aa97e703784d676e5fe3445d5 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-debug-devel-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | e1b73f006af015156a66c11c46c5ad757f29bb99bc71db87c28dcababc6a1bbd | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-devel-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | 2b1f6fc8ec15925d53066b273b9f4142736991bc522f77c8383cc86da6733ac4 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-doc-4.14.35-1844.4.5.2.el7uek.noarch.rpm | f318f69e2a943eb62e9c4fc7de6ee3cfa897542b12755aaebb4b19dbb569013f | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
| kernel-uek-tools-4.14.35-1844.4.5.2.el7uek.x86_64.rpm | b6e10a7be3af28f1d506ff0c43a130e968c14bb138c933ec468be48f2c859c94 | ELSA-2025-20190 | ol7_x86_64_UEKR5_archive | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
