[ELSA-2018-2846] kernel security and bug fix update
[2.6.32-754.6.3.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.6.3]
- [kvm] VMX: fixes for vmentry_l1d_flush module parameter (Marcelo Tosatti) [1628796]
- [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (Marcelo Tosatti) [1628796]
- [x86] KVM: VMX: skip L1TF flush on VM-entry if EPT is disabled (Marcelo Tosatti) [1616397]
[2.6.32-754.6.2]
- [fs] exec: Limit arg stack to at most 75 of _STK_LIM (Yauheni Kaliuta) [1625976] {CVE-2018-14634}
- [fs] exec.c: account for argv/envp pointers (Yauheni Kaliuta) [1625976] {CVE-2018-14634}
[2.6.32-754.6.1]
- [x86] set __max_smt_threads for 1 core systems (Prarit Bhargava) [1623255]
- [md] dm rq: fix a race condition in rq_completed() (Ming Lei) [1574568]
- [scsi] scsi_transport_fc: Hold queue lock while calling blk_run_queue_async() (Ming Lei) [1574568]
- [block] Avoid scheduling delayed work on a dead queue (Ming Lei) [1574568]
- [block] Avoid that request_fn is invoked on a dead queue (Ming Lei) [1574568]
- [block] Let blk_drain_queue() caller obtain the queue lock (Ming Lei) [1574568]
- [block] Rename queue dead flag (Ming Lei) [1574568]
[2.6.32-754.5.1]
- [s390] dasd: fix IO error for newly defined devices (Hendrik Brueckner) [1574448]
- [s390] dasd: fix failing path verification (Hendrik Brueckner) [1581684]
- [s390] qeth: on channel error, reject further cmd requests (Hendrik Brueckner) [1562009]
- [s390] qdio: fix access to uninitialized qdio_q fields (Hendrik Brueckner) [1581685]
- [powerpc] stf-barrier: update (rfi_)enabled_flush_types as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: update debugfs as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: update handle_ssbd() as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: update stf_barrier_enable() as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: add cpu_show_spec_store_bypass() as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: add comment as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: move code from setup_64.c to security.c as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: move code from setup.h to security_features.h as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: update fallback routine as in upstream (Gustavo Duarte) [1585299]
- [powerpc] stf-barrier: update entry barrier slot as in upstream (Gustavo Duarte) [1585299]
- [x86] Add host_initiated check in reading MSR_AMD64_VIRT_SPEC_CTRL (Wei Huang) [1608576]
- [x86] KVM: pass host_initiated to functions that read MSRs (Wei Huang) [1608576]
- [fs] gfs2: Special-case rindex for gfs2_grow (Robert S Peterson) [1384184]
- [fs] Revert '[fs] gfs2: Special case the rindex in gfs2_write_alloc_required()' (Robert S Peterson) [1384184]
- [net] ip: process in-order fragments efficiently (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] ip: add helpers to process in-order fragments faster. (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] ipv6: defrag: drop non-last frags smaller than min mtu (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] ip: use rb trees for IP frag queue. (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] ip: discard IPv4 datagrams with overlapping segments. (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] net: modify skb_rbtree_purge to return the truesize of all purged skbs. (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] net: speed up skb_rbtree_purge() (Stefano Brivio) [1613925] {CVE-2018-5391}
- [net] skbuff: Rename RHEL6 version of skb_tree_purge() to skb_tree_purge_sk() (Stefano Brivio) [1613925] {CVE-2018-5391}
[2.6.32-754.4.1]
- [kernel] cpu/hotplug: Enable 'nosmt' as late as possible (Frantisek Hrbata) [1593376] {CVE-2018-3620}
- [x86] x86/mm: Simplify p[g4um]d_page() macros (Josh Poimboeuf) [1593376] {CVE-2018-3620}
- [x86] x86/mm: Fix regression with huge pages on PAE (Josh Poimboeuf) [1593376] {CVE-2018-3620}
- [x86] x86/asm: Fix pud/pmd interfaces to handle large PAT bit (Josh Poimboeuf) [1593376] {CVE-2018-3620}
- [x86] x86/asm: Add pud/pmd mask interfaces to handle large PAT bit (Josh Poimboeuf) [1593376] {CVE-2018-3620}
- [x86] x86/asm: Move PUD_PAGE macros to page_types.h (Josh Poimboeuf) [1593376] {CVE-2018-3620}
- [net] tcp: detect malicious patterns in tcp_collapse_ofo_queue() (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] tcp: avoid collapses in tcp_prune_queue() if possible (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] tcp: free batches of packets in tcp_prune_ofo_queue() (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] add rb_to_skb() and other rb tree helpers (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] tcp: fix a stale ooo_last_skb after a replace (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] tcp: use an RB tree for ooo receive queue (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] add rbnode to struct sk_buff (Florian Westphal) [1611376] {CVE-2018-5390}
- [net] tcp: refine tcp_prune_ofo_queue() to not drop all packets (Florian Westphal) [1611376] {CVE-2018-5390}
- [x86] syscall: Fix regression when using the last syscall (process_vm_writev) (Lauro Ramos Venancio) [1589032] {CVE-2018-3693}
- [x86] syscall: Fix regression on strace and stap (Lauro Ramos Venancio) [1589032] {CVE-2018-3693}
- [kvm] VMX: Fix host GDT.LIMIT corruption (CVE-2018-10301) (Paolo Bonzini) [1601851] {CVE-2018-10901}
- [x86] Initialize __max_smt_threads to 1 (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: detect SMT disabled by BIOS (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] topology: Add topology_max_smt_threads() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Fix incorrect error return code in vm_insert_pfn() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Initialize the vmx_l1d_flush_pages' content (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Don't flush L1D cache if VMENTER_L1D_FLUSH_NEVER (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Take out the unused nosmt module parameter (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] mm/dump_pagetables: Add a check_l1tf debugfs file (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation for 32-bit PAE (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect swap entries aganst L1TF for 32-bit PAE (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu: Make flush_l1d visible in /proc/cpuinfo (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] l1tf: protect _PAGE_FILE PTEs against speculation (Waiman Long) [1593376] {CVE-2018-3620}
- [Documentation] Add section about CPU vulnerabilities (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] bugs, kvm: Introduce boot-time control of L1TF mitigations (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Set CPU_SMT_NOT_SUPPORTED early (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Expose SMT control init function (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Allow runtime control of L1D flush (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Serialize L1D flush parameter setter (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Move l1tf setup function (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] l1tf: Handle EPT disabled state proper (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] kvm: Drop L1TF MSR list approach (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] litf: Introduce vmx status variable (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Online siblings when SMT control is turned on (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Use MSR save list for IA32_FLUSH_CMD if required (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Extend add_atomic_switch_msr() to allow VMENTER only MSRs (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Separate the VMX AUTOLOAD guest/host number accounting (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Add find_msr() helper function (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Split the VMX MSR LOAD structures to have an host/guest numbers (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Add L1D flush logic (Waiman Long) [1593376] {CVE-2018-3620}
- [kvm] VMX: Make indirect call speculation safe (Waiman Long) [1593376] {CVE-2018-3620}
- [kvm] VMX: Enable acknowledge interupt on vmexit (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Add L1D MSR based flush (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Add L1D flush algorithm (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM/VMX: Add module argument for L1TF mitigation (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] KVM: Warn user if KVM is loaded SMT and L1TF CPU bug being present (Waiman Long) [1593376] {CVE-2018-3620}
- [kvm] x86: Introducing kvm_x86_ops VM init/destroy hooks (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Boot HT siblings at least once (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] Revert 'x86/apic: Ignore secondary threads if nosmt=force' (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Fix up pte->pfn conversion for PAE (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] CPU/AMD: Move TOPOEXT reenablement before reading smp_num_siblings (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpufeatures: Add detection of L1D cache flush support. (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Extend 64bit swap file size limit (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] apic: Ignore secondary threads if nosmt=force (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu/AMD: Evaluate smp_num_siblings early (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] CPU/AMD: Do not check CPUID max ext level before parsing SMP info (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu/intel: Evaluate smp_num_siblings early (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu/topology: Provide detect_extended_topology_early() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu/common: Provide detect_ht_early() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu/AMD: Remove the pointless detect_ht() call (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu: Remove the pointless CPU printout (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Provide knobs to control SMT (Waiman Long) [1593376] {CVE-2018-3620}
- [kernel] cpu/hotplug: Split do_cpu_down() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] topology: Provide topology_smt_supported() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] smp: Provide topology_is_primary_thread() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] bugs: Move the l1tf function and define pr_fmt properly (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Limit swap file size to MAX_PA/2 (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Disallow non privileged high MMIO PROT_NONE mappings (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Add sysfs reporting for l1tf (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect PROT_NONE PTEs against speculation (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Protect swap entries against L1TF (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Change order of offset/type in swap entry (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] speculation/l1tf: Increase 32bit PAE __PHYSICAL_PAGE_SHIFT (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] cpu: Fix incorrect vulnerabilities files function prototypes (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] bugs: Export the internal __cpu_bugs variable (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] spec_ctrl: sync with upstream cpu_set_bug_bits() (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] intel-family.h: Add GEMINI_LAKE SOC (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] mm: Fix swap entry comment and macro (Waiman Long) [1593376] {CVE-2018-3620}
- [x86] mm: Move swap offset/type up in PTE to work around erratum (Waiman Long) [1593376] {CVE-2018-3620}
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | < 2.6.32-754.6.3.el6 |
- ID
- ELSA-2018-2846
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-2846.html
- Published
-
2018-10-09T00:00:00
(6 years ago) - Modified
-
2018-10-09T00:00:00
(6 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
-
- ALAS-2018-1058
- ALAS-2018-1087
- ALAS2-2018-1058
- ALAS2-2018-1087
- CISCO-SA-20180824-LINUX-IP-FRAGMENT
- DSA-4272-1
- ELSA-2018-2748
- ELSA-2018-3083
- ELSA-2018-4195
- ELSA-2018-4196
- ELSA-2018-4230
- ELSA-2018-4233
- ELSA-2018-4234
- FEDORA-2018-0edb45d9db
- FEDORA-2018-1621b2204a
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-3857a8b41a
- FEDORA-2018-6e8c330d50
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9f4381d8c4
- FEDORA-2018-a0914af224
- FEDORA-2018-b68776e5b0
- FEDORA-2018-c0a1284064
- FEDORA-2018-d77cc41f35
- FEDORA-2018-ddbaca855e
- FEDORA-2018-e820fccd83
- FEDORA-2019-16de0047d4
- FEDORA-2019-196ab64d65
- FEDORA-2019-1b986880ea
- FEDORA-2019-20a89ca9af
- FEDORA-2019-337484d88b
- FEDORA-2019-3da64f3e61
- FEDORA-2019-4002b91800
- FEDORA-2019-509c133845
- FEDORA-2019-65c6d11eba
- FEDORA-2019-7d3500d712
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-c36afa818c
- FEDORA-2019-ce2933b003
- RHSA-2018:2748
- RHSA-2018:2763
- RHSA-2018:2846
- RHSA-2018:3083
- RHSA-2018:3096
- SSA:2019-169-01
- SUSE-SU-2018:2344-1
- SUSE-SU-2018:2344-2
- SUSE-SU-2018:2374-1
- SUSE-SU-2018:2380-1
- SUSE-SU-2018:2381-1
- SUSE-SU-2018:2450-1
- SUSE-SU-2018:2596-1
- SUSE-SU-2018:2879-1
- SUSE-SU-2018:2907-1
- SUSE-SU-2018:2908-1
- SUSE-SU-2018:2908-2
- SUSE-SU-2018:3083-1
- SUSE-SU-2018:3088-1
- SUSE-SU-2018:3171-1
- SUSE-SU-2018:3238-1
- SUSE-SU-2018:3787-1
- SUSE-SU-2018:3792-1
- SUSE-SU-2018:3860-1
- SUSE-SU-2018:3865-1
- SUSE-SU-2018:3880-1
- SUSE-SU-2018:3881-1
- SUSE-SU-2019:0541-1
- SUSE-SU-2019:0645-1
- SUSE-SU-2019:0672-1
- SUSE-SU-2019:1289-1
- USN-3740-1
- USN-3740-2
- USN-3741-1
- USN-3741-2
- USN-3742-1
- USN-3742-2
- USN-3775-1
- USN-3775-2
- USN-3779-1
- VU:641765
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2018-2846 | http://linux.oracle.com/errata/ELSA-2018-2846.html | |
CVE | CVE-2018-5391 | http://linux.oracle.com/cve/CVE-2018-5391.html | |
CVE | CVE-2018-14634 | http://linux.oracle.com/cve/CVE-2018-14634.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | oraclelinux | python-perf | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux | perf | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux | kernel | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux | kernel-headers | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux | kernel-firmware | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux | kernel-doc | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux | kernel-devel | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux | kernel-debug | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-debug-devel | < 2.6.32-754.6.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | oraclelinux | kernel-abi-whitelists | < 2.6.32-754.6.3.el6 | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |