[ELSA-2018-4265] Unbreakable Enterprise kernel security update
[4.1.12-124.21.1]
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:447! (Mike Kravetz) [Orabug: 28839992]
- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (Jason Yan) [Orabug: 27927687] {CVE-2018-7757}
- KVM: vmx: shadow more fields that are read/written on every vmexits (Paolo Bonzini) [Orabug: 28581045]
- vhost/scsi: Use common handling code in request queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Extract common handling code from control queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Respond to control queue operations (Bijan Mottahedeh) [Orabug: 28775573]
[4.1.12-124.20.8]
- scsi: lpfc: devloss timeout race condition caused null pointer reference (James Smart) [Orabug: 27994179]
- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (Ben Hutchings) [Orabug: 28013813]
- i40e: Add programming descriptors to cleaned_count (Alexander Duyck) [Orabug: 28228724]
- i40e: Fix memory leak related filter programming status (Alexander Duyck) [Orabug: 28228724]
- xen-swiotlb: use actually allocated size on check physical continuous (Joe Jin) [Orabug: 28258102]
- Revert 'Revert 'xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent'' (Dongli Zhang) [Orabug: 28258102]
- net/mlx4_en: fix potential use-after-free with dma_unmap_page (Sarah Newman) [Orabug: 28376051]
- ocfs2: fix ocfs2 read block panic (Junxiao Bi) [Orabug: 28580543]
- block: fix bdi vs gendisk lifetime mismatch (Dan Williams) [Orabug: 28645416]
- e1000e: Fix link check race condition (Benjamin Poirier) [Orabug: 28716958]
- Revert 'e1000e: Separate signaling for link check/link up' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Avoid missed interrupts following ICR read (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Fix queue interrupt re-raising in Other interrupt (Benjamin Poirier) [Orabug: 28716958]
- Partial revert 'e1000e: Avoid receiver overrun interrupt bursts' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Remove Other from EIAC (Benjamin Poirier) [Orabug: 28716958]
- Fix error code in nfs_lookup_verify_inode() (Lance Shelton) [Orabug: 28789030]
- workqueue: Allow modifying low level unbound workqueue cpumask (Lai Jiangshan) [Orabug: 28813166]
- workqueue: Create low-level unbound workqueues cpumask (Frederic Weisbecker) [Orabug: 28813166]
- scsi: sg: mitigate read/write abuse (Jann Horn) [Orabug: 28824718] {CVE-2017-13168}
- ID
- ELSA-2018-4265
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2018-4265.html
- Published
-
2018-11-06T00:00:00
(5 years ago) - Modified
-
2018-11-06T00:00:00
(5 years ago) - Rights
- Copyright 2018 Oracle, Inc.
- Other Advisories
-
- ALPINE:CVE-2018-7757
- DSA-4187-1
- DSA-4188-1
- ELSA-2018-3083
- ELSA-2018-4268
- ELSA-2018-4269
- ELSA-2018-4270
- ELSA-2018-4300
- ELSA-2019-4316
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1e033dc308
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2bce10900e
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-49bda79bd5
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8484550fff
- FEDORA-2018-884a105c04
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-d77cc41f35
- FEDORA-2018-e71875c4aa
- FEDORA-2018-e8f793bbfc
- RHSA-2018:3083
- RHSA-2018:3096
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1220-1
- SUSE-SU-2018:1221-1
- SUSE-SU-2018:1309-1
- SUSE-SU-2018:3003-1
- SUSE-SU-2018:3004-1
- SUSE-SU-2018:3084-1
- SUSE-SU-2018:3659-1
- SUSE-SU-2019:0095-1
- USN-3654-1
- USN-3654-2
- USN-3656-1
- USN-3697-1
- USN-3697-2
- USN-3698-1
- USN-3698-2
- USN-3753-1
- USN-3753-2
- USN-3820-1
- USN-3820-2
- USN-3820-3
- USN-3822-1
- USN-3822-2
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2018-4265 | http://linux.oracle.com/errata/ELSA-2018-4265.html | |
CVE | CVE-2018-7757 | http://linux.oracle.com/cve/CVE-2018-7757.html | |
CVE | CVE-2017-13168 | http://linux.oracle.com/cve/CVE-2017-13168.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-124.21.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.21.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-124.21.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-124.21.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-124.21.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.21.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.21.1.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |