Stay Connected:

ELSA-2019-4878

ELSA-2019-4878 - Unbreakable Enterprise kernel security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2019-12-13

Description


[4.14.35-1902.8.4]
- Revert 'oled: give panic handler chance to run before kexec' (John Donnelly) [Orabug: 30594702]
- Revert 'oled: export symbols' (John Donnelly) [Orabug: 30594702]
- net/rds: Recycle RDS headers to speed up connection fail over (Ka-Cheong Poon) [Orabug: 30628735]
- net/rds: Reduce RDS headers de-allocation time (Ka-Cheong Poon) [Orabug: 30628735]
- net/rds: Should use rds_rtd_ptr() to trace pointer value (Ka-Cheong Poon) [Orabug: 30628735]

[4.14.35-1902.8.3]
- rds: Disable heartbeat by default (Hakon Bugge) [Orabug: 30580080]

[4.14.35-1902.8.2]
- rds:ib: Set RoCE ACK timeout before resolving route (Dag Moxnes) [Orabug: 30581176]
- RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes) [Orabug: 30581176]
- x86/hyperv: Make vapic support x2apic mode (Roman Kagan) [Orabug: 30571044]
- PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset() (Maya Nakamura) [Orabug: 30571044]
- PCI: hv: Replace hv_vp_set with hv_vpset (Maya Nakamura) [Orabug: 30571044]
- PCI: hv: Add __aligned(8) to struct retarget_msi_interrupt (Maya Nakamura) [Orabug: 30571044]
- MAINTAINERS: Add Hyper-V IOMMU driver into Hyper-V CORE AND DRIVERS scope (Lan Tianyu) [Orabug: 30571044]
- iommu/hyper-v: Add Hyper-V stub IOMMU driver (Lan Tianyu) [Orabug: 30571044]
- x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (Lan Tianyu) [Orabug: 30571044]
- x86/apic: Provide apic_ack_irq() (Thomas Gleixner) [Orabug: 30571044]
- rds: ib: update WR sizes when bringing up connection (Dag Moxnes) [Orabug: 30572790]
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum) [Orabug: 30548564] {CVE-2019-15219}
- block-mq: fix hung due to too much warning log (Junxiao Bi) [Orabug: 30544816]
- oled: export symbols (Wengang Wang) [Orabug: 30550387]
- oled: give panic handler chance to run before kexec (Wengang Wang) [Orabug: 30550387]

[4.14.35-1902.8.1]
- ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang) [Orabug: 30545335]
- kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju) [Orabug: 30539764]
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Josh Poimboeuf) [Orabug: 30539764]
- cpu/speculation: Uninline and export CPU mitigations helpers (Tyler Hicks) [Orabug: 30539764]
- x86/speculation/taa: Fix for mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30533711]
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532773] {CVE-2019-15217}
- x86: cpu: bugs.c: Fix compile error when CONFIG_XEN=n (Aaron Young) [Orabug: 30516915]
- SUNRPC: Remove xprt_connect_status() (Trond Myklebust) [Orabug: 30513391]
- SUNRPC: Handle ENETDOWN errors (Trond Myklebust) [Orabug: 30513391]
- x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Check EFI Boot to set reboot type (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Decode UVsystab Info (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Setup UV functions for Hubless UV Systems (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Add return code to UV BIOS Init function (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Return UV Hubless System Type (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Save OEM_ID from ACPI MADT probe (Mike Travis) [Orabug: 30518602]

[4.14.35-1902.8.0.1.sn]
- rds: ib: Improve neighbor cache flush throttling (Dag Moxnes) [Orabug: 30472626]
- KVM: VMX: Do not change PID.NDST when loading a blocked vCPU (Joao Martins) [Orabug: 30512558]
- KVM: x86: Recompute PID.ON when clearing PID.SN (Joao Martins) [Orabug: 30512558]
- Revert 'KVM: VMX: sync pending posted interrupts based on PIR' (Joao Martins) [Orabug: 30512558]
- cpuidle: haltpoll: Take 'idle=' override into account (Zhenzhong Duan) [Orabug: 30519673]
- media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511740] {CVE-2019-15215}
- rds: ib: __flush_neigh_conn error messages in syslog during failover/failback (Dag Moxnes) [Orabug: 30499609]
- kdump: decouple trace_extern_vmcoreinfo_setup from CONFIG_TRACING (Dave Kleikamp) [Orabug: 30493478]
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490490] {CVE-2019-15213}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445304] {CVE-2019-16994}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445156] {CVE-2019-17055}
- ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444945] {CVE-2019-17053}
- net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan) [Orabug: 30444852] {CVE-2019-16995}
- vhost/vsock: fix uninitialized vhost_vsock->guest_cid (Stefan Hajnoczi) [Orabug: 30339795]
- fm10k: Fix a potential NULL pointer dereference (Yue Haibing) [Orabug: 30322694] {CVE-2019-15924}
- x86/apic: Get rid of multi CPU affinity (Thomas Gleixner) [Orabug: 29645216]
- rds: ib: need to flush neighbor cache for local peer connections on failover (Dag Moxnes) [Orabug: 30472629]


Related CVEs


CVE-2019-15217
CVE-2019-15219

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) kernel-uek-4.14.35-1902.8.4.el7uek.src.rpmf9d4b30ceda94db3cc1c5e6c40903d33052b52020af98f767cc24e25cdfefad5ELSA-2025-20190ol7_aarch64_latest
kernel-uek-4.14.35-1902.8.4.el7uek.src.rpmf9d4b30ceda94db3cc1c5e6c40903d33052b52020af98f767cc24e25cdfefad5ELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-4.14.35-1902.8.4.el7uek.aarch64.rpm8c376ac51ebfa0003ae7c14553a3b6993ae7877b617b0b86f06895218f55db08ELSA-2025-20190ol7_aarch64_latest
kernel-uek-4.14.35-1902.8.4.el7uek.aarch64.rpm8c376ac51ebfa0003ae7c14553a3b6993ae7877b617b0b86f06895218f55db08ELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-debug-4.14.35-1902.8.4.el7uek.aarch64.rpmc9c8b1f45fb7eb7af9d792cafb52017f74e435e50975e4f71f9dc24c947b5fb8ELSA-2025-20190ol7_aarch64_latest
kernel-uek-debug-4.14.35-1902.8.4.el7uek.aarch64.rpmc9c8b1f45fb7eb7af9d792cafb52017f74e435e50975e4f71f9dc24c947b5fb8ELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-debug-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm77f24a739ed9f128341c9a8d88292b5601c8aadf9739fc5e7d9bf45e67b6bf48ELSA-2025-20190ol7_aarch64_latest
kernel-uek-debug-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm77f24a739ed9f128341c9a8d88292b5601c8aadf9739fc5e7d9bf45e67b6bf48ELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm2e2f91af64219fb359ca707fe81671a6d5a68969b6ceca51550893b10a0bbe5bELSA-2025-20190ol7_aarch64_latest
kernel-uek-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm2e2f91af64219fb359ca707fe81671a6d5a68969b6ceca51550893b10a0bbe5bELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-headers-4.14.35-1902.8.4.el7uek.aarch64.rpm7ff799ac5b1d1b07c7098980ec53bfbcfb1b23a09e8398b1918f126af2f9344bELBA-2025-20014ol7_aarch64_latest
kernel-uek-headers-4.14.35-1902.8.4.el7uek.aarch64.rpm7ff799ac5b1d1b07c7098980ec53bfbcfb1b23a09e8398b1918f126af2f9344bELBA-2025-20014ol7_aarch64_u7_patch
kernel-uek-tools-4.14.35-1902.8.4.el7uek.aarch64.rpm4aaa0e53cc0f293b0cdae7ce5513d684460c1ba0c0ee81d481cd1fdc5acbbe24ELSA-2025-20190ol7_aarch64_latest
kernel-uek-tools-4.14.35-1902.8.4.el7uek.aarch64.rpm4aaa0e53cc0f293b0cdae7ce5513d684460c1ba0c0ee81d481cd1fdc5acbbe24ELSA-2025-20190ol7_aarch64_u7_patch
kernel-uek-tools-libs-4.14.35-1902.8.4.el7uek.aarch64.rpmec71f774091cbf9dc38fdb4d52f17e247809e08c292059d2b0e7103f8fcebf6fELSA-2025-20019ol7_aarch64_latest
kernel-uek-tools-libs-4.14.35-1902.8.4.el7uek.aarch64.rpmec71f774091cbf9dc38fdb4d52f17e247809e08c292059d2b0e7103f8fcebf6fELSA-2025-20019ol7_aarch64_u7_patch
kernel-uek-tools-libs-devel-4.14.35-1902.8.4.el7uek.aarch64.rpmd68173bbfb357355521f7c469f745ea68a111509028f65feff62f571056df1b7ELBA-2025-20014ol7_aarch64_latest
kernel-uek-tools-libs-devel-4.14.35-1902.8.4.el7uek.aarch64.rpmd68173bbfb357355521f7c469f745ea68a111509028f65feff62f571056df1b7ELBA-2025-20014ol7_aarch64_u7_patch
perf-4.14.35-1902.8.4.el7uek.aarch64.rpm29c681f7cb241cfd5aa483f9a3a7bc44b3096fd1038df129c3002d2c8e8202a3ELSA-2025-20019ol7_aarch64_latest
perf-4.14.35-1902.8.4.el7uek.aarch64.rpm29c681f7cb241cfd5aa483f9a3a7bc44b3096fd1038df129c3002d2c8e8202a3ELSA-2025-20019ol7_aarch64_u7_patch
python-perf-4.14.35-1902.8.4.el7uek.aarch64.rpma2cb93f487a8390212efe748b0feab0f97a054ec09044fff11a279d829a04757ELSA-2025-20019ol7_aarch64_latest
python-perf-4.14.35-1902.8.4.el7uek.aarch64.rpma2cb93f487a8390212efe748b0feab0f97a054ec09044fff11a279d829a04757ELSA-2025-20019ol7_aarch64_u7_patch
Oracle Linux 7 (x86_64) kernel-uek-4.14.35-1902.8.4.el7uek.src.rpmf9d4b30ceda94db3cc1c5e6c40903d33052b52020af98f767cc24e25cdfefad5ELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-4.14.35-1902.8.4.el7uek.x86_64.rpma3ad40e31abaf6600cc52604ad5c28487c0cc8f1efabfb82080fdf3623dee1f4ELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-debug-4.14.35-1902.8.4.el7uek.x86_64.rpm59db3bbbf62a00bf3ab7c1c5619770b1ac4e0cac4cf0d3f3cd7604440b4dc706ELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-debug-devel-4.14.35-1902.8.4.el7uek.x86_64.rpma38fb8ed646d0b26bb9ee2d5792285232c644a47a668435188cb95be80844ffdELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-devel-4.14.35-1902.8.4.el7uek.x86_64.rpme2c9392f1eb6ab68dc82370ccbe978bbda069f902654515aac2baa2a1ac8b2e6ELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-doc-4.14.35-1902.8.4.el7uek.noarch.rpmc5c54d7ab30b451307390fec431480f38621f5cf0746a24da652254a6b0eef6fELSA-2025-20190ol7_x86_64_UEKR5_archive
kernel-uek-tools-4.14.35-1902.8.4.el7uek.x86_64.rpmec9cc031e1e61fb8a17ac41ff3a4626c1af06f7f8c5f592d4e50620b2a3f7551ELSA-2025-20190ol7_x86_64_UEKR5_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights