ELSA-2019-4820

ELSA-2019-4820 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-10-11

Description


[4.14.35-1902.6.6]
- RDMA/restrack: Protect from reentry to resource return path (Leon Romanovsky) [Orabug: 30388717]

[4.14.35-1902.6.5]
- hv_netvsc: fix vf serial matching with pci slot info (Haiyang Zhang) [Orabug: 30373111]
- rds: Use correct conn when dropping connections due to cancel (Hakon Bugge) [Orabug: 30293898]
- scsi: megaraid_sas: Introduce module parameter for default queue depth (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Fix a compilation warning (Qian Cai) [Orabug: 30317396]
- scsi: megaraid_sas: Make a bunch of functions static (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: Update driver version to 07.710.50.00 (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Add module parameter for FW Async event logging (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Enable msix_load_balance for Invader and later controllers (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Fix calculation of target ID (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Make some symbols static (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: Update driver version to 07.710.06.00-rc1 (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Introduce various Aero performance modes (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Use high IOPS queues based on IO workload (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Set affinity for high IOPS reply queues (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Enable coalescing for high IOPS queues (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Add support for High IOPS queues (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Add support for MPI toolbox commands (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Offload Aero RAID5/6 division calculations to driver (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: RAID1 PCI bandwidth limit algorithm is applicable for only Ventura (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: megaraid_sas: Add check for count returned by HOST_DEVICE_LIST DCMD (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Handle sequence JBOD map failure at driver level (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Dont send FPIO to RL Bypass queue (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: In probe context, retry IOC INIT once if firmware is in fault (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Release Mutex lock before OCR in case of DCMD timeout (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Call disable_irq from process IRQ poll (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Remove few debug counters from IO path (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Add support for Non-secure Aero PCI IDs (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Add 32 bit atomic descriptor support to AERO adapters (Chandrakanth Patil) [Orabug: 30317396]
- scsi: megaraid_sas: Use struct_size() helper (Gustavo A. R. Silva) [Orabug: 30317396]
(YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: use DEVICE_ATTR_{RO, RW} (Tomas Henzl) [Orabug: 30317396]
- scsi: megaraid_sas: use octal permissions instead of constants (Tomas Henzl) [Orabug: 30317396]
- scsi: megaraid_sas: make max_sectors visible in sys (Tomas Henzl) [Orabug: 30317396]
- scsi: megaraid_sas: remove set but not used variables 'buff_addr' and 'ci_h' (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: remove set but not used variable 'sge_sz' (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: remove set but not used variables 'host' and 'wait_time' (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: remove set but not used variable 'cur_state' (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: Update driver version to 07.708.03.00 (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Export RAID map through debugfs (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Fix MSI-X vector print (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Add debug prints for device list (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Add prints in suspend and resume path (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Print firmware interrupt status (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Print FW fault information (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Export RAID map id through sysfs (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Print BAR information from driver (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Dump system registers for debugging (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Dump system interface regs from sysfs (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Add formatting option for megasas_dump (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Enhance internal DCMD timeout prints (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Enhance prints in OCR and TM path (Sumit Saxena) [Orabug: 30317396]
- scsi: megaraid_sas: Load balance completions across all MSI-X (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Block PCI config space access from userspace during OCR (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Rework code around controller reset (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: fw_reset_no_pci_access required for MFI adapters only (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Remove unused variable target_index (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: fix spelling mistake 'oustanding' -> 'outstanding' (Colin Ian King) [Orabug: 30317396]
- scsi: megaraid_sas: Make megasas_host_device_list_query() static (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: reduce module load time (Steve Sistare) [Orabug: 30317396]
- scsi: megaraid_sas: Remove a bunch of set but not used variables (YueHaibing) [Orabug: 30317396]
- scsi: megaraid_sas: driver version update (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Rework device add code in AEN path (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Rework code to get PD and LD list (Shivasharan S) [Orabug: 30317396]
- scsi: megaraid_sas: Retry reads of outbound_intr_status reg (Shivasharan S) [Orabug: 30317396]
- rds: ib: Optimize rds_ib_laddr_check (Hakon Bugge) [Orabug: 30327669]
- x86,sched: Allow topologies where NUMA nodes share an LLC (Mridula Shastry) [Orabug: 30068079]

[4.14.35-1902.6.4]
- net/rds: Use DMA memory pool allocation for rds_header (Ka-Cheong Poon) [Orabug: 30358057]
- net/rds: Check laddr_check before calling it (Ka-Cheong Poon) [Orabug: 30319176]
- x86/microcode/intel: Issue the revision updated message only on the BSP (Borislav Petkov) [Orabug: 30298021]
- x86/microcode: Update late microcode in parallel (Ashok Raj) [Orabug: 30298021]
- xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink (YueHaibing) [Orabug: 30322228] {CVE-2019-15666}
- floppy: fix out-of-bounds read in copy_buffer (Denis Efremov) [Orabug: 30318218] {CVE-2019-14283}
- ALSA: line6: Fix write on zero-sized buffer (Takashi Iwai) [Orabug: 30254322] {CVE-2019-15221}

[4.14.35-1902.6.3]
- KVM: coalesced_mmio: add bounds checking (Matt Delco) [Orabug: 30328863] {CVE-2019-14821} {CVE-2019-14821}
- net/rds: Incorrect work request accouting (Ka-Cheong Poon) [Orabug: 30288715]
- vhost: make sure log_num < in_num (yongduan) [Orabug: 30313999] {CVE-2019-14835}
- vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30313999] {CVE-2019-14835}
- vhost: Fix Spectre V1 vulnerability (Jason Wang) [Orabug: 30313999]
- RDMA/restrack: Release task struct which was hold by CM_ID object (Leon Romanovsky) [Orabug: 30307611]
- x86/speculation: Re-initialize x86_spec_ctrl_base/priv during late microcode update (Boris Ostrovsky) [Orabug: 30312533]
- x86/speculation: Properly initialize percpu variables (Boris Ostrovsky) [Orabug: 30312533]
- nfsd4: catch some false session retries (J. Bruce Fields) [Orabug: 30172625]
- nfsd4: fix cached replies to solo SEQUENCE compounds (J. Bruce Fields) [Orabug: 30172625]
- net/rds: Fix info leak in rds6_inc_info_copy() (Ka-Cheong Poon) [Orabug: 30260894]
- A/A Bonding: Log ip_config details if it fails to find a failover port (Sudhakar Dindukurti) [Orabug: 30313262]
- A/A Bonding: X8-8 RoCE network re-connect stalls after loss of switch (Sudhakar Dindukurti) [Orabug: 30313262]
- KVM: svm: svm_set_msr(MSR_IA32_SPEC_CTRL) should allow SPEC_CTRL_SSBD bit (Liam Merwick) [Orabug: 30257820]
- rds: RDS/TCP does not initiate a connection (Ka-Cheong Poon) [Orabug: 30255694]
- xen-netfront: do not assume sk_buff_head list is empty in error handling (Dongli Zhang) [Orabug: 30313831]

[4.14.35-1902.6.2]
- net/rds: An rds_sock is added too early to the hash table (Ka-Cheong Poon) [Orabug: 30304759]
- route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (Xin Long) [Orabug: 30276919]
- KVM: VMX: sync pending posted interrupts based on PIR (Luwei Kang) [Orabug: 30270374]
- Revert 'KVM: x86: Recompute PID.ON when clearing PID.SN' (Joao Martins) [Orabug: 30270374]
- x86/tsc: Make calibration refinement more robust (Daniel Vacek) [Orabug: 30260381]
- xen/swiotlb: remember having called xen_create_contiguous_region() (Juergen Gross) [Orabug: 30255523]
- xen/swiotlb: simplify range_straddles_page_boundary() (Juergen Gross) [Orabug: 30255523]
- xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() (Juergen Gross) [Orabug: 30255523]
- xen-swiotlb: use actually allocated size on check physical continuous (Joe Jin) [Orabug: 30255523]
- Bluetooth: hci_uart: check for missing tty operations (Vladis Dronov) [Orabug: 30244614] {CVE-2019-10207} {CVE-2019-10207}
- IB/mlx5: Fix leaking stack memory to userspace (Jason Gunthorpe) [Orabug: 30244589] {CVE-2018-20855}
- mm: memcontrol: drain stocks on resize limit (Shakeel Butt) [Orabug: 30229285]
- mm/memcontrol.c: try harder to decrease [memory,memsw].limit_in_bytes (Andrey Ryabinin) [Orabug: 30229285]
- memcg: refactor mem_cgroup_resize_limit() (Yu Zhao) [Orabug: 30229285]
- cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting (Oleg Nesterov) [Orabug: 30229262]
- drivers: net: Remove unnecessary semicolon (YueHaibing) [Orabug: 29320005]
- net: cisco: enic: Replace GFP_ATOMIC with GFP_KERNEL (Jia-Ju Bai) [Orabug: 29320005]
- enic: fix UDP rss bits (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: drop IP proto check for vxlan tunnel delete (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: fix boolreturn.cocci warnings (Fengguang Wu) [Orabug: 29320005]
- enic: set IG desc cache flag in open (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: set UDP rss flag (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: Check if hw supports multi wq with vxlan offload (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: Add vxlan offload support for IPv6 pkts (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: Check inner ip proto for pseudo header csum (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: add wq clean up budget (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: add sw timestamp support (Govindarajulu Varadarajan) [Orabug: 29320005]
- enic: Add support for 'ethtool -g/-G' (Parvi Kaustubhi) [Orabug: 29320005]
- enic: reset fetch index (Parvi Kaustubhi) [Orabug: 29320005]
- cgroup: make code and documentation consistent for cgroup cpuset v2 (chris hyser) [Orabug: 29447566]
- x86: cpu: update blacklist spec features for late loading (Mihai Carabas) [Orabug: 29336757]
- x86: cpu: bugs.c: update cpu_smt_disable to support late loading (Mihai Carabas) [Orabug: 29336757]
- x86: cpu: bugs.c: create microcode late loading logic (Mihai Carabas) [Orabug: 29336757]
- x86: cpu: bugs.c: remove init attribute from functions and variables (Mihai Carabas) [Orabug: 29336757]
- x86: kernel: cpu: bugs.c: modify static_has to boot_bas (Mihai Carabas) [Orabug: 29336757]
- x86: cpu: modify boot_command_line to saved_command_line (Mihai Carabas) [Orabug: 29336757]
- x86: cpu: microcode: update flags for all cpus (Mihai Carabas) [Orabug: 29336757]

[4.14.35-1902.6.1]
- rds: Bring loop-back peer down as well (Hakon Bugge) [Orabug: 30290065]
- rds: ib: Avoid connect retry on loopback connections (Hakon Bugge) [Orabug: 30290065]
- net/rds: Adding missing 'dev_put' to __flush_eth_arp_entry() (Gerd Rausch) [Orabug: 30290073]


Related CVEs


CVE-2019-14835
CVE-2019-14821
CVE-2019-14283
CVE-2019-15666
CVE-2018-20855
CVE-2019-10207
CVE-2019-15221

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) kernel-uek-4.14.35-1902.6.6.el7uek.src.rpm74b7d3678ce7f83f2c5664b44edb4600ELSA-2021-9220
kernel-uek-4.14.35-1902.6.6.el7uek.aarch64.rpm158c4d6231b9f0459616ebd8efdbcc95ELSA-2021-9220
kernel-uek-debug-4.14.35-1902.6.6.el7uek.aarch64.rpmb0d2d5afe21d02a6ec4283b133971d97ELSA-2021-9220
kernel-uek-debug-devel-4.14.35-1902.6.6.el7uek.aarch64.rpm4cc9ea6ce6483829aa2c063754b232c6ELSA-2021-9220
kernel-uek-devel-4.14.35-1902.6.6.el7uek.aarch64.rpmab7c8ac16a11d9f39f64faa52379f68fELSA-2021-9220
kernel-uek-headers-4.14.35-1902.6.6.el7uek.aarch64.rpm12ee95b6b85f60fbe620b9dcd251093bELSA-2021-9222
kernel-uek-tools-4.14.35-1902.6.6.el7uek.aarch64.rpm8d133ddfa80539062a058255701f7297ELSA-2021-9220
kernel-uek-tools-libs-4.14.35-1902.6.6.el7uek.aarch64.rpm4e8927ebf792ed4dabc3ea2c5b120383ELSA-2021-9220
kernel-uek-tools-libs-devel-4.14.35-1902.6.6.el7uek.aarch64.rpmda37be0f67b885132c7869508103d7bcELSA-2021-9222
perf-4.14.35-1902.6.6.el7uek.aarch64.rpm89f005cb5f0b1e32885caa115e486f74ELSA-2021-9220
python-perf-4.14.35-1902.6.6.el7uek.aarch64.rpm7eb19bf31baf05fc50d5a32ecbde69a1ELSA-2021-9220
Oracle Linux 7 (x86_64) kernel-uek-4.14.35-1902.6.6.el7uek.src.rpm74b7d3678ce7f83f2c5664b44edb4600ELSA-2021-9220
kernel-uek-4.14.35-1902.6.6.el7uek.x86_64.rpm99209bb978724296fdca6a0c7ccde0edELSA-2021-9220
kernel-uek-debug-4.14.35-1902.6.6.el7uek.x86_64.rpm4f333ab8361b5b9d964f81c3c619a25cELSA-2021-9220
kernel-uek-debug-devel-4.14.35-1902.6.6.el7uek.x86_64.rpma12d057e5acace48bb67031b7931fd74ELSA-2021-9220
kernel-uek-devel-4.14.35-1902.6.6.el7uek.x86_64.rpm771904e559c4a146a109cc2336fff4c6ELSA-2021-9220
kernel-uek-doc-4.14.35-1902.6.6.el7uek.noarch.rpm4a9f52b7cd08d69455614153c93e777dELSA-2021-9220
kernel-uek-tools-4.14.35-1902.6.6.el7uek.x86_64.rpm75643d020b6493d518c5f5289df9f72bELSA-2021-9220



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete