[ELSA-2018-3651] kernel security, bug fix, and enhancement update

Severity Moderate

Affected Packages 13

CVEs 2

[3.10.0-957.1.3.el7.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_
key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

[3.10.0-957.1.3.el7]
- [x86] Mark Intel Cascade Lake supported (Steve Best) [1650213 1639980]

[3.10.0-957.1.2.el7]
- [net] rtnetlink: give a user socket to get_target_net() (Jiri Benc) [1639635 1630694] {CVE-2018-14646}
- [net] Add variants of capable for use on on sockets (Jiri Benc) [1639635 1630694] {CVE-2018-14646}

[3.10.0-957.1.1.el7]
- [x86] boot: Fix kexec booting failure in the SEV bit detection code (Kairui Song) [1644990 1628828]
- [net] 8021q: create device with all possible features in wanted_features (Davide Caratti) [1644675 1640645]
- [mm] memcontrol: fix high scheduling latency source in mem_cgroup_reparent_charges (Andrea Arcangeli) [1644673 1632898]
- [kernel] cpuset: use trialcs->mems_allowed as a temp variable (Aristeu Rozanski) [1644236 1613248]
- [kernel] cpuset: fix a warning when clearing configured masks in old hierarchy (Aristeu Rozanski) [1644236 1613248]
- [kernel] cpuset: initialize effective masks when clone_children is enabled (Aristeu Rozanski) [1644236 1613248]
- [x86] efi: Only load initrd above 4g on second try (Lenny Szubowicz) [1643359 1608955]
- [x86] efi: Support initrd loaded above 4G (Lenny Szubowicz) [1643359 1608955]
- [x86] efi: Generalize handle_ramdisks() and rename to handle_cmdline_files() (Lenny Szubowicz) [1643359 1608955]
- [kernel] sched/fair: Fix throttle_list starvation with low CFS quota (Phil Auld) [1640675 1601153]
- [target] scsi: iscsi: Use bin2hex instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}
- [target] scsi: iscsi: Use hex2bin instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}

Package	Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7	< 3.10.0-957.1.3.el7
pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7	< 3.10.0-957.1.3.el7

ID

ELSA-2018-3651

Severity

moderate

URL

https://linux.oracle.com/errata/ELSA-2018-3651.html

Published

2018-11-27T00:00:00
(5 years ago)

Modified

2018-11-27T00:00:00
(5 years ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2018-3651	http://linux.oracle.com/errata/ELSA-2018-3651.html
CVE	CVE-2018-14633	http://linux.oracle.com/cve/CVE-2018-14633.html
CVE	CVE-2018-14646	http://linux.oracle.com/cve/CVE-2018-14646.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	oraclelinux	python-perf	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	oraclelinux	perf	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7	oraclelinux	kernel	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7	oraclelinux	kernel-tools	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7	oraclelinux	kernel-tools-libs	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7	oraclelinux	kernel-tools-libs-devel	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7	oraclelinux	kernel-headers	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7	oraclelinux	kernel-doc	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7	oraclelinux	kernel-devel	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7	oraclelinux	kernel-debug	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7	oraclelinux	kernel-debug-devel	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7	oraclelinux	kernel-abi-whitelists	< 3.10.0-957.1.3.el7	oraclelinux-7
Affected	pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7	oraclelinux	bpftool	< 3.10.0-957.1.3.el7	oraclelinux-7

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date