ELSA-2019-4878

ELSA-2019-4878 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-12-13

Description


[4.14.35-1902.8.4]
- Revert 'oled: give panic handler chance to run before kexec' (John Donnelly) [Orabug: 30594702]
- Revert 'oled: export symbols' (John Donnelly) [Orabug: 30594702]
- net/rds: Recycle RDS headers to speed up connection fail over (Ka-Cheong Poon) [Orabug: 30628735]
- net/rds: Reduce RDS headers de-allocation time (Ka-Cheong Poon) [Orabug: 30628735]
- net/rds: Should use rds_rtd_ptr() to trace pointer value (Ka-Cheong Poon) [Orabug: 30628735]

[4.14.35-1902.8.3]
- rds: Disable heartbeat by default (Hakon Bugge) [Orabug: 30580080]

[4.14.35-1902.8.2]
- rds:ib: Set RoCE ACK timeout before resolving route (Dag Moxnes) [Orabug: 30581176]
- RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes) [Orabug: 30581176]
- x86/hyperv: Make vapic support x2apic mode (Roman Kagan) [Orabug: 30571044]
- PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset() (Maya Nakamura) [Orabug: 30571044]
- PCI: hv: Replace hv_vp_set with hv_vpset (Maya Nakamura) [Orabug: 30571044]
- PCI: hv: Add __aligned(8) to struct retarget_msi_interrupt (Maya Nakamura) [Orabug: 30571044]
- MAINTAINERS: Add Hyper-V IOMMU driver into Hyper-V CORE AND DRIVERS scope (Lan Tianyu) [Orabug: 30571044]
- iommu/hyper-v: Add Hyper-V stub IOMMU driver (Lan Tianyu) [Orabug: 30571044]
- x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (Lan Tianyu) [Orabug: 30571044]
- x86/apic: Provide apic_ack_irq() (Thomas Gleixner) [Orabug: 30571044]
- rds: ib: update WR sizes when bringing up connection (Dag Moxnes) [Orabug: 30572790]
- USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum) [Orabug: 30548564] {CVE-2019-15219}
- block-mq: fix hung due to too much warning log (Junxiao Bi) [Orabug: 30544816]
- oled: export symbols (Wengang Wang) [Orabug: 30550387]
- oled: give panic handler chance to run before kexec (Wengang Wang) [Orabug: 30550387]

[4.14.35-1902.8.1]
- ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang) [Orabug: 30545335]
- kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju) [Orabug: 30539764]
- x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Josh Poimboeuf) [Orabug: 30539764]
- cpu/speculation: Uninline and export CPU mitigations helpers (Tyler Hicks) [Orabug: 30539764]
- x86/speculation/taa: Fix for mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30533711]
- media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532773] {CVE-2019-15217}
- x86: cpu: bugs.c: Fix compile error when CONFIG_XEN=n (Aaron Young) [Orabug: 30516915]
- SUNRPC: Remove xprt_connect_status() (Trond Myklebust) [Orabug: 30513391]
- SUNRPC: Handle ENETDOWN errors (Trond Myklebust) [Orabug: 30513391]
- x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Check EFI Boot to set reboot type (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Decode UVsystab Info (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Setup UV functions for Hubless UV Systems (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Add return code to UV BIOS Init function (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Return UV Hubless System Type (Mike Travis) [Orabug: 30518602]
- x86/platform/uv: Save OEM_ID from ACPI MADT probe (Mike Travis) [Orabug: 30518602]

[4.14.35-1902.8.0.1.sn]
- rds: ib: Improve neighbor cache flush throttling (Dag Moxnes) [Orabug: 30472626]
- KVM: VMX: Do not change PID.NDST when loading a blocked vCPU (Joao Martins) [Orabug: 30512558]
- KVM: x86: Recompute PID.ON when clearing PID.SN (Joao Martins) [Orabug: 30512558]
- Revert 'KVM: VMX: sync pending posted interrupts based on PIR' (Joao Martins) [Orabug: 30512558]
- cpuidle: haltpoll: Take 'idle=' override into account (Zhenzhong Duan) [Orabug: 30519673]
- media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511740] {CVE-2019-15215}
- rds: ib: __flush_neigh_conn error messages in syslog during failover/failback (Dag Moxnes) [Orabug: 30499609]
- kdump: decouple trace_extern_vmcoreinfo_setup from CONFIG_TRACING (Dave Kleikamp) [Orabug: 30493478]
- media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490490] {CVE-2019-15213}
- net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445304] {CVE-2019-16994}
- mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445156] {CVE-2019-17055}
- ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444945] {CVE-2019-17053}
- net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan) [Orabug: 30444852] {CVE-2019-16995}
- vhost/vsock: fix uninitialized vhost_vsock->guest_cid (Stefan Hajnoczi) [Orabug: 30339795]
- fm10k: Fix a potential NULL pointer dereference (Yue Haibing) [Orabug: 30322694] {CVE-2019-15924}
- x86/apic: Get rid of multi CPU affinity (Thomas Gleixner) [Orabug: 29645216]
- rds: ib: need to flush neighbor cache for local peer connections on failover (Dag Moxnes) [Orabug: 30472629]


Related CVEs


CVE-2019-15217
CVE-2019-15219

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) kernel-uek-4.14.35-1902.8.4.el7uek.src.rpm2ca25f3f8f60b8f54457791819298cd5ELSA-2021-9220
kernel-uek-4.14.35-1902.8.4.el7uek.aarch64.rpm8d7b5fc13cc303083216c8e0fcd28e8aELSA-2021-9220
kernel-uek-debug-4.14.35-1902.8.4.el7uek.aarch64.rpm6e3617d6683621f7a216423c9486dd40ELSA-2021-9220
kernel-uek-debug-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm2a660546f35fafb899edb09d8ffbc968ELSA-2021-9220
kernel-uek-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm4a2fa180f94faf839ef61f8ebf11c9e8ELSA-2021-9220
kernel-uek-headers-4.14.35-1902.8.4.el7uek.aarch64.rpm55b78a1fb6fe62e68e449b9a2c141602ELSA-2021-9222
kernel-uek-tools-4.14.35-1902.8.4.el7uek.aarch64.rpm62dfaf606ab9c3dc74f15f27e0887d46ELSA-2021-9220
kernel-uek-tools-libs-4.14.35-1902.8.4.el7uek.aarch64.rpmc47570fadbdfa65df198cf356bdc18d4ELSA-2021-9220
kernel-uek-tools-libs-devel-4.14.35-1902.8.4.el7uek.aarch64.rpm8bc8c3fecc62bf1a22ac6fa35ab4a8d6ELSA-2021-9222
perf-4.14.35-1902.8.4.el7uek.aarch64.rpm79209933fe7d9e74df71a7adf9b6a05dELSA-2021-9220
python-perf-4.14.35-1902.8.4.el7uek.aarch64.rpm6c5efa557065b12537fed56b94567600ELSA-2021-9220
Oracle Linux 7 (x86_64) kernel-uek-4.14.35-1902.8.4.el7uek.src.rpm2ca25f3f8f60b8f54457791819298cd5ELSA-2021-9220
kernel-uek-4.14.35-1902.8.4.el7uek.x86_64.rpm030d6032f734bcf7ce0041c7b6e1575aELSA-2021-9220
kernel-uek-debug-4.14.35-1902.8.4.el7uek.x86_64.rpm3797f0f24dd7bd0848f5f91c84c73ed5ELSA-2021-9220
kernel-uek-debug-devel-4.14.35-1902.8.4.el7uek.x86_64.rpm044ff66cb1dabfe248112b12fa0be8b2ELSA-2021-9220
kernel-uek-devel-4.14.35-1902.8.4.el7uek.x86_64.rpm3e7bdef9234e7f25977b0c6a83a637eaELSA-2021-9220
kernel-uek-doc-4.14.35-1902.8.4.el7uek.noarch.rpm40507ceb28f68daa2fb41463fb76572fELSA-2021-9220
kernel-uek-tools-4.14.35-1902.8.4.el7uek.x86_64.rpm2f64b8cd85dab940ed9aa9694b35d936ELSA-2021-9220



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete