ELSA-2019-4637

ELSA-2019-4637 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-05-14

Description


[2.6.39-400.310.1]
- x86/speculation/mds: Make cpu_matches() __cpuinit (Patrick Colp) [Orabug: 29752091] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}
- x86/speculation/mds: Only worry about firmware loaded microcode (Patrick Colp) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2019-11091}

[2.6.39-400.309.1]
- x86/mds: Add empty commit for CVE-2019-11091 (Patrick Colp) [Orabug: 29721938] {CVE-2019-11091}
- x86/speculation/mds: Fix comment (Boris Ostrovsky) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation mode VMWERV (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add sysfs reporting for MDS (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mitigation control for MDS (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Allow runtime checking of CPU features (Patrick Colp) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Improve coverage for MDS vulnerability (Boris Ostrovsky) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Clear CPU buffers on exit to user (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add mds_clear_cpu_buffers() (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add BUG_MSBDS_ONLY (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation/mds: Add basic bug infrastructure for MDS (Andi Kleen) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127} {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}
- x86/speculation: Consolidate CPU whitelists (Thomas Gleixner) [Orabug: 29641786] {CVE-2018-12126} {CVE-2018-12130} {CVE-2018-12127}


Related CVEs


CVE-2018-12126
CVE-2018-12130
CVE-2018-12127
CVE-2019-11091

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 5 (i386) kernel-uek-2.6.39-400.310.1.el5uek.src.rpm39eb896a74e04de0d6eca80234d4e8cb-
kernel-uek-2.6.39-400.310.1.el5uek.i686.rpm21928a2331137847f9dbb88f6b89de18-
kernel-uek-debug-2.6.39-400.310.1.el5uek.i686.rpm0e6d4de3cc5442516df2cff8c2e626d7-
kernel-uek-debug-devel-2.6.39-400.310.1.el5uek.i686.rpm3db450452fb10148390ab6f9e04cd616-
kernel-uek-devel-2.6.39-400.310.1.el5uek.i686.rpm460562ec15f3e75c0cf818c89c094f71-
kernel-uek-doc-2.6.39-400.310.1.el5uek.noarch.rpmd5e37c577cc81531cd6d2fbd425862a0-
kernel-uek-firmware-2.6.39-400.310.1.el5uek.noarch.rpm1ed6dc153629e1482781eeecbbe34de1-
Oracle Linux 5 (x86_64) kernel-uek-2.6.39-400.310.1.el5uek.src.rpm39eb896a74e04de0d6eca80234d4e8cb-
kernel-uek-2.6.39-400.310.1.el5uek.x86_64.rpm64f34389d15fce821c565a5d16549409-
kernel-uek-debug-2.6.39-400.310.1.el5uek.x86_64.rpm69357988004bc2ab1a7424adefd8dc5c-
kernel-uek-debug-devel-2.6.39-400.310.1.el5uek.x86_64.rpmeb9a020c9e5753afd1b980ee872a586e-
kernel-uek-devel-2.6.39-400.310.1.el5uek.x86_64.rpm766924e0745c9d6b0570c22812b4885b-
kernel-uek-doc-2.6.39-400.310.1.el5uek.noarch.rpmd5e37c577cc81531cd6d2fbd425862a0-
kernel-uek-firmware-2.6.39-400.310.1.el5uek.noarch.rpm1ed6dc153629e1482781eeecbbe34de1-
Oracle Linux 6 (i386) kernel-uek-2.6.39-400.310.1.el6uek.src.rpm906857f903b74ed093eb96b0fcead9fb-
kernel-uek-2.6.39-400.310.1.el6uek.i686.rpmb64c22d24464d2021773fea57202883d-
kernel-uek-debug-2.6.39-400.310.1.el6uek.i686.rpm21f5624c53c78ce550dc6729c42fab7a-
kernel-uek-debug-devel-2.6.39-400.310.1.el6uek.i686.rpm25e5130a99c0caa012c188063053eaaa-
kernel-uek-devel-2.6.39-400.310.1.el6uek.i686.rpmc3a1d2dba6bbffad22dddf2c1abd0be6-
kernel-uek-doc-2.6.39-400.310.1.el6uek.noarch.rpm7edf6e8e30a781e0f1f9d070f0e7a9d9-
kernel-uek-firmware-2.6.39-400.310.1.el6uek.noarch.rpm588d874bc45808ae6641f0696371b56f-
Oracle Linux 6 (x86_64) kernel-uek-2.6.39-400.310.1.el6uek.src.rpm906857f903b74ed093eb96b0fcead9fb-
kernel-uek-2.6.39-400.310.1.el6uek.x86_64.rpm11578bba24dd8f244d23bcb19aafecb2-
kernel-uek-debug-2.6.39-400.310.1.el6uek.x86_64.rpm47a8460425ad083e0d807a44f8392712-
kernel-uek-debug-devel-2.6.39-400.310.1.el6uek.x86_64.rpm78f3d83b8928712b04943cc5ded467ec-
kernel-uek-devel-2.6.39-400.310.1.el6uek.x86_64.rpm836bdc963eff188038502a3949435731-
kernel-uek-doc-2.6.39-400.310.1.el6uek.noarch.rpm7edf6e8e30a781e0f1f9d070f0e7a9d9-
kernel-uek-firmware-2.6.39-400.310.1.el6uek.noarch.rpm588d874bc45808ae6641f0696371b56f-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete