OVMSA-2019-0002 - Unbreakable Enterprise kernel security update

Release Date:2019-02-04


- rds: congestion updates can be missed when kernel low on memory (Mukesh Kacker) [Orabug: 28425811]
- net/rds: ib: Fix endless RNR Retries caused by memory allocation failures (Venkat Venkatsubra) [Orabug: 28127993]
- net: rds: fix excess initialization of the recv SGEs (Zhu Yanjun) [Orabug: 29004503]
- xhci: fix usb2 resume timing and races. (Mathias Nyman) [Orabug: 29028940]
- xhci: Fix a race in usb2 LPM resume, blocking U3 for usb2 devices (Mathias Nyman) [Orabug: 29028940]
- userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas (Andrea Arcangeli) [Orabug: 29163750] {CVE-2018-18397}
- x86/apic/x2apic: set affinity of a single interrupt to one cpu (Jianchao Wang) [Orabug: 29196396]
- xen/blkback: rework validate_io_op() (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: optimize validate_io_op() to filter BLKIF_OP_RESERVED_1 operation (Dongli Zhang) [Orabug: 29199843]
- xen/blkback: do not BUG() for invalid blkif_request from frontend (Dongli Zhang) [Orabug: 29199843]
- net/rds: WARNING: at net/rds/recv.c:222 rds_recv_hs_exthdrs+0xf8/0x1e0 (Venkat Venkatsubra) [Orabug: 29201779]
- xen-netback: wake up xenvif_dealloc_kthread when it should stop (Dongli Zhang) [Orabug: 29217927]
- Revert 'xfs: remove nonblocking mode from xfs_vm_writepage' (Wengang Wang) [Orabug: 29279692]
- Revert 'xfs: remove xfs_cancel_ioend' (Wengang Wang) [Orabug: 29279692]
- Revert 'xfs: Introduce writeback context for writepages' (Wengang Wang) [Orabug: 29279692]
- Revert 'xfs: xfs_cluster_write is redundant' (Wengang Wang) [Orabug: 29279692]
- Revert 'xfs: factor mapping out of xfs_do_writepage' (Wengang Wang) [Orabug: 29279692]
- Revert 'xfs: dont chain ioends during writepage submission' (Wengang Wang) [Orabug: 29279692]

- mstflint: Fix coding style issues - left with LINUX_VERSION_CODE (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix coding-style issues (Idan Mehalel) [Orabug: 28878697]
- mstflint: Fix errors found with checkpatch script (Idan Mehalel) [Orabug: 28878697]
- Added support for 5th Gen devices in Secure Boot module and mtcr (Adham Masarwah) [Orabug: 28878697]
- Fix typos in mst_kernel (Adham Masarwah) [Orabug: 28878697]
- bnxt_en: Report PCIe link properties with pcie_print_link_status() (Brian Maly) [Orabug: 28942099]
- selinux: Perform both commoncap and selinux xattr checks (Eric W. Biederman) [Orabug: 28951521]
- Introduce v3 namespaced file capabilities (Serge E. Hallyn) [Orabug: 28951521]
- rds: ib: Use a delay when reconnecting to the very same IP address (Hakon Bugge) [Orabug: 29138813]
- Change mincore() to count 'mapped' pages rather than 'cached' pages (Linus Torvalds) [Orabug: 29187415] {CVE-2019-5489}
- NFSD: Set the attributes used to store the verifier for EXCLUSIVE4_1 (Kinglong Mee) [Orabug: 29204157]

- ext4: update i_disksize when new eof exceeds it (Shan Hai) [Orabug: 28940828]
- ext4: update i_disksize if direct write past ondisk size (Eryu Guan) [Orabug: 28940828]
- ext4: protect i_disksize update by i_data_sem in direct write path (Eryu Guan) [Orabug: 28940828]
- ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c (Hui Peng) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Replace probing flag with active refcount (Takashi Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ALSA: usb-audio: Avoid nested autoresume calls (Takashi Iwai) [Orabug: 29042981] {CVE-2018-19824}
- ext4: validate that metadata blocks do not overlap superblock (Theodore Tso) [Orabug: 29114440] {CVE-2018-1094}
- ext4: update inline int ext4_has_metadata_csum(struct super_block *sb) (John Donnelly) [Orabug: 29114440] {CVE-2018-1094}
- ext4: always initialize the crc32c checksum driver (Theodore Tso) [Orabug: 29114440] {CVE-2018-1094} {CVE-2018-1094}
- Revert 'bnxt_en: Reduce default rings on multi-port cards.' (Brian Maly) [Orabug: 28687746]
- mlx4_core: Disable P_Key Violation Traps (Hakon Bugge) [Orabug: 27693633]
- rds: RDS connection does not reconnect after CQ access violation error (Venkat Venkatsubra) [Orabug: 28733324]

- KVM/SVM: Allow direct access to MSR_IA32_SPEC_CTRL (KarimAllah Ahmed) [Orabug: 28069548]
- KVM/VMX: Allow direct access to MSR_IA32_SPEC_CTRL - reloaded (Mihai Carabas) [Orabug: 28069548]
- KVM/x86: Add IBPB support (Ashok Raj) [Orabug: 28069548]
- KVM: x86: pass host_initiated to functions that read MSRs (Paolo Bonzini) [Orabug: 28069548]
- KVM: VMX: make MSR bitmaps per-VCPU (Paolo Bonzini) [Orabug: 28069548]
- KVM: VMX: introduce alloc_loaded_vmcs (Paolo Bonzini) [Orabug: 28069548]
- KVM: nVMX: Eliminate vmcs02 pool (Jim Mattson) [Orabug: 28069548]
- KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (Radim Krcmar) [Orabug: 28069548]
- ocfs2: dont clear bh uptodate for block read (Junxiao Bi) [Orabug: 28762940]
- ocfs2: clear journal dirty flag after shutdown journal (Junxiao Bi) [Orabug: 28924775]
- ocfs2: fix panic due to unrecovered local alloc (Junxiao Bi) [Orabug: 28924775]
- net: rds: fix rds_ib_sysctl_max_recv_allocation error (Zhu Yanjun) [Orabug: 28947481]
- x86/speculation: Always disable IBRS in disable_ibrs_and_friends() (Alejandro Jimenez) [Orabug: 29139710]

- pinctrl: amd: Use devm_pinctrl_register() for pinctrl registration (Laxman Dewangan) [Orabug: 27539246] {CVE-2017-18174}
- mlock: fix mlock count can not decrease in race condition (Yisheng Xie) [Orabug: 27677611] {CVE-2017-18221}
- perf/core: Fix the perf_cpu_time_max_percent check (Tan Xiaojun) [Orabug: 27823815] {CVE-2017-18255}
- x86/microcode/intel: Fix a wrong assignment of revision in _save_mc (Zhenzhong Duan) [Orabug: 28190263]
- mm: cma: fix incorrect type conversion for size during dma allocation (Rohit Vaswani) [Orabug: 28407826] {CVE-2017-9725}
- x86/speculation: Make enhanced IBRS the default spectre v2 mitigation (Alejandro Jimenez) [Orabug: 28474851]
- x86/speculation: Enable enhanced IBRS usage (Alejandro Jimenez) [Orabug: 28474851]
- x86/speculation: functions for supporting enhanced IBRS (Alejandro Jimenez) [Orabug: 28474851]
- xen/blkback: fix disconnect while I/Os in flight (Juergen Gross) [Orabug: 28744234]
- mlx4_vnic: use the mlid while calling ib_detach_mcast (aru kolappan) [Orabug: 29029705]
- ext4: fail ext4_iget for root directory if unallocated (Theodore Tso) [Orabug: 29048557] {CVE-2018-1092} {CVE-2018-1092}
- Bluetooth: hidp: buffer overflow in hidp_process_report (Mark Salyzyn) [Orabug: 29121215] {CVE-2018-9363} {CVE-2018-9363}
- HID: debug: check length before copy_to_user() (Daniel Rosenberg) [Orabug: 29128165] {CVE-2018-9516}
- x86/MCE: Serialize sysfs changes (Seunghun Han) [Orabug: 29149888] {CVE-2018-7995}
- Input: i8042 - fix crash at boot time (Chen Hong) [Orabug: 29152328] {CVE-2017-18079}

- base/memory, hotplug: fix a kernel oops in show_valid_zones() (Toshi Kani) [Orabug: 29050538]
- mm/memory_hotplug.c: check start_pfn in test_pages_in_a_zone() (Toshi Kani) [Orabug: 29050538]
- drivers/base/memory.c: prohibit offlining of memory blocks with missing sections (Seth Jennings) [Orabug: 29050538]
- mm: Check if section present during memory block (un)registering (Yinghai Lu) [Orabug: 29050538]
- hugetlb: take PMD sharing into account when flushing tlb/caches (Mike Kravetz) [Orabug: 28951854]
- mm: migration: fix migration of huge PMD shared pages (Mike Kravetz) [Orabug: 28951854]
- hugetlbfs: use truncate mutex to prevent pmd sharing race (Mike Kravetz) [Orabug: 28896255]

- rds: ib: Improve tracing during failover/back (Hakon Bugge) [Orabug: 28860366]
- rds: ib: Remove superfluous add of address on fail-back device (Hakon Bugge) [Orabug: 28860366]
- libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (Fred Herard) [Orabug: 28946207]
- wil6210: missing length check in wmi_set_ie (Lior David) [Orabug: 28951265] {CVE-2018-5848}
- netfilter: xt_osf: Add missing permission checks (Kevin Cernekee) [Orabug: 29037831] {CVE-2017-17450}
- x86/speculation: Fix bad argument to rdmsrl() in cpu_set_bug_bits() (Alejandro Jimenez) [Orabug: 29044805]

Related CVEs


Updated Packages

Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle VM 3.4 (x86_64) kernel-uek-4.1.12-124.24.5.el6uek.src.rpm7be9e779b462687baa3eb7e9a63375faOVMSA-2021-0016

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team