OVMSA-2019-0023 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-05-31 |
Description
[4.1.12-124.27.2]
- x86/speculation/mds: Check for the right microcode before setting mitigation (Kanth Ghatraju) [Orabug: 29797118]
- vxlan: test dev->flags & IFF_UP before accessing vxlan->dev->dev_addr (Venkat Venkatsubra) [Orabug: 29710939]
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (Eric Dumazet) [Orabug: 29710939]
- nvme: allow timed-out ios to retry (James Smart) [Orabug: 29301607]
- rds: Introduce a pool of worker threads for connection management (Hakon Bugge) [Orabug: 29391909]
- rds: Use rds_conn_path cp_wq when applicable (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Implement proper cm_id compare (Hakon Bugge) [Orabug: 29391909]
- Revert 'net/rds: prevent RDS connections using stale ARP entries' (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Flush ARP cache when needed (Hakon Bugge) [Orabug: 29391909]
- rds: Add simple heuristics to determine connect delay (Hakon Bugge) [Orabug: 29391909]
- rds: Fix one-sided connect (Hakon Bugge) [Orabug: 29391909]
- rds: Consolidate and align ftrace related to connection management (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Fix gratuitous ARP storm (Hakon Bugge) [Orabug: 29391909]
- IB/mlx4: Increase the timeout for CM cache (Hakon Bugge) [Orabug: 29391909]
- kvm/speculation: Allow KVM guests to use SSBD even if host does not (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Keep enhanced IBRS on when spec_store_bypass_disable=on is used (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Clean up enhanced IBRS checks in bugs_64.c (Alejandro Jimenez) [Orabug: 29423804]
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (Andrea Arcangeli) [Orabug: 29510356]
- bnxt_en: Reset device on RX buffer errors. (Michael Chan) [Orabug: 29651238]
- x86/mitigations: Fix the test for Xen PV guest (Boris Ostrovsky) [Orabug: 29774291]
- x86/speculation/mds: Fix verw usage to use memory operand (Kanth Ghatraju) [Orabug: 29791036] {CVE-2018-12127} {CVE-2018-12130}
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.4 (x86_64) | kernel-uek-4.1.12-124.27.2.el6uek.src.rpm | 22608acf6c879e55f98b241f52ceb68d | OVMSA-2021-0016 |
| kernel-uek-4.1.12-124.27.2.el6uek.x86_64.rpm | 2dbe65afdec70eef9cc6f1d87ea8039e | OVMSA-2021-0016 |
| kernel-uek-firmware-4.1.12-124.27.2.el6uek.noarch.rpm | 4b0f109acf68c7c499619c1dbc2a21f6 | OVMSA-2021-0016 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
