Stay Connected:

ELSA-2022-9483

ELSA-2022-9483 - Unbreakable Enterprise kernel security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2022-06-14

Description


[4.14.35-2047.514.5]
- x86/speculation/mmio: Fix late microcode loading (Patrick Colp) [Orabug: 34275786]

[4.14.35-2047.514.4]
- Add debugfs for controlling MMIO state data (Kanth Ghatraju) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation: Fix redundant MDS mitigation message (Waiman Long) [Orabug: 34202260] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}


Related CVEs


CVE-2022-21123
CVE-2022-21125
CVE-2022-21166
CVE-2022-21127

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) kernel-uek-4.14.35-2047.514.5.el7uek.src.rpmde9f640edaec2e6bc619fcf82b3c8e04-
kernel-uek-4.14.35-2047.514.5.el7uek.aarch64.rpm7f57143deed7f829488f4e628ef3076c-
kernel-uek-debug-4.14.35-2047.514.5.el7uek.aarch64.rpm453b04317a21b657a354518c60be3475-
kernel-uek-debug-devel-4.14.35-2047.514.5.el7uek.aarch64.rpm6a1a87837327d4a80873393fbe925537-
kernel-uek-devel-4.14.35-2047.514.5.el7uek.aarch64.rpm47f757e7b359483d65fa4f8963245525-
kernel-uek-headers-4.14.35-2047.514.5.el7uek.aarch64.rpm13e032eaee5abfd9907f30bde9e21a03-
kernel-uek-tools-4.14.35-2047.514.5.el7uek.aarch64.rpm8b57165153b8774cd00629d74c5e6854-
kernel-uek-tools-libs-4.14.35-2047.514.5.el7uek.aarch64.rpmb610df8db9754d0ef95e69a1469c14b9-
kernel-uek-tools-libs-devel-4.14.35-2047.514.5.el7uek.aarch64.rpm08442e1ab045d5231cfb5d3967b49e27-
perf-4.14.35-2047.514.5.el7uek.aarch64.rpm24f12e4c7bb0843705f556091c3e62cd-
python-perf-4.14.35-2047.514.5.el7uek.aarch64.rpmfc5e67402213316a03dab2249b1ee4ce-
Oracle Linux 7 (x86_64) kernel-uek-4.14.35-2047.514.5.el7uek.src.rpmde9f640edaec2e6bc619fcf82b3c8e04-
kernel-uek-4.14.35-2047.514.5.el7uek.x86_64.rpm28ffad3700834569a56a95e8d9cd9d7f-
kernel-uek-debug-4.14.35-2047.514.5.el7uek.x86_64.rpm4e65a8e3be58dbe1f76584c353dc5efa-
kernel-uek-debug-devel-4.14.35-2047.514.5.el7uek.x86_64.rpm9feb5f61cd6e2b060613cbf6fe4e4520-
kernel-uek-devel-4.14.35-2047.514.5.el7uek.x86_64.rpm6cc8f6fad9e0b249ab5597f1c0a9a848-
kernel-uek-doc-4.14.35-2047.514.5.el7uek.noarch.rpm16c679b228f19f1acea798c514204a1c-
kernel-uek-tools-4.14.35-2047.514.5.el7uek.x86_64.rpm02f5ceb0ac7cf368fd42492580183515-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights