OVMSA-2019-0023 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2019-05-31 |
Description
[4.1.12-124.27.2]
- x86/speculation/mds: Check for the right microcode before setting mitigation (Kanth Ghatraju) [Orabug: 29797118]
- vxlan: test dev->flags & IFF_UP before accessing vxlan->dev->dev_addr (Venkat Venkatsubra) [Orabug: 29710939]
- vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (Eric Dumazet) [Orabug: 29710939]
- nvme: allow timed-out ios to retry (James Smart) [Orabug: 29301607]
- rds: Introduce a pool of worker threads for connection management (Hakon Bugge) [Orabug: 29391909]
- rds: Use rds_conn_path cp_wq when applicable (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Implement proper cm_id compare (Hakon Bugge) [Orabug: 29391909]
- Revert 'net/rds: prevent RDS connections using stale ARP entries' (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Flush ARP cache when needed (Hakon Bugge) [Orabug: 29391909]
- rds: Add simple heuristics to determine connect delay (Hakon Bugge) [Orabug: 29391909]
- rds: Fix one-sided connect (Hakon Bugge) [Orabug: 29391909]
- rds: Consolidate and align ftrace related to connection management (Hakon Bugge) [Orabug: 29391909]
- rds: ib: Fix gratuitous ARP storm (Hakon Bugge) [Orabug: 29391909]
- IB/mlx4: Increase the timeout for CM cache (Hakon Bugge) [Orabug: 29391909]
- kvm/speculation: Allow KVM guests to use SSBD even if host does not (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Keep enhanced IBRS on when spec_store_bypass_disable=on is used (Alejandro Jimenez) [Orabug: 29423804]
- x86/speculation: Clean up enhanced IBRS checks in bugs_64.c (Alejandro Jimenez) [Orabug: 29423804]
- mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (Andrea Arcangeli) [Orabug: 29510356]
- bnxt_en: Reset device on RX buffer errors. (Michael Chan) [Orabug: 29651238]
- x86/mitigations: Fix the test for Xen PV guest (Boris Ostrovsky) [Orabug: 29774291]
- x86/speculation/mds: Fix verw usage to use memory operand (Kanth Ghatraju) [Orabug: 29791036] {CVE-2018-12127} {CVE-2018-12130}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.4 (x86_64) | kernel-uek-4.1.12-124.27.2.el6uek.src.rpm | f5e039f1ef9db44332876f0f006d17307ec33e000f395a1826aba8de46f6ed89 | OVMSA-2025-0001 | ovm34_x86_64_latest |
| kernel-uek-4.1.12-124.27.2.el6uek.x86_64.rpm | 155cd72254808aca8c291a30a34f42e7d03a20a1c705ec9d785a6acd10beaf58 | OVMSA-2025-0001 | ovm34_x86_64_latest |
| kernel-uek-firmware-4.1.12-124.27.2.el6uek.noarch.rpm | fadb5d92a57368af600194155c6c321b6f87c05ef0e5f8f36b190830675e66e8 | OVMSA-2025-0001 | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
