[ELSA-2019-0512] kernel security, bug fix, and enhancement update
[3.10.0-957.10.1.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]
[3.10.0-957.10.1]
- [fs] revert '[fs] nfs: Don't write back further requests if there is a pending write error' (Benjamin Coddington) [1672510 1656674]
- [fs] cifs: connect to servername instead of IP for IPC$ share (Leif Sahlberg) [1672448 1647844]
- [acpi] nfit: Fix command-supported detection (Charles Rose) [1671743 1665811]
- [acpi] nfit: Block function zero DSMs (Charles Rose) [1671743 1665811]
- [x86] efi-bgrt: Replace early_memremap() with memremap() (Lenny Szubowicz) [1671745 1481667]
- [x86] efi-bgrt: Replace ioremap() with early_memremap() (Lenny Szubowicz) [1671745 1481667]
- [scsi] libiscsi: Allow sd_shutdown on bad transport (Chris Leech) [1670680 1630979]
- [block] blk-mq: punt failed direct issue to dispatch list (Ming Lei) [1670511 1656654]
- [block] blk-mq: fix corruption with direct issue (Ming Lei) [1670511 1656654]
- [powerpc] rtas: Fix a potential race between CPU-Offline & Migration (Steve Best) [1669044 1650249]
- [powerpc] pseries: Disable CPU hotplug across migrations (Steve Best) [1669044 1650249]
- [md] Add split counter for raid1 write request in the right place (Xiao Ni) [1668208 1659951]
- [lib] string_helpers.c: fix infinite loop in string_get_size() (Ewan Milne) [1667989 1660565]
- [kernel] stop_machine: Atomically queue and wake stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Disable preemption after queueing stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Disable preemption when waking two stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Make cpu_stop_queue_work() and stop_one_cpu_nowait() return bool (Phil Auld) [1667328 1557061]
- [fs] proc: restrict kernel stack dumps to root (Joe Lawrence) [1642401 1638194] {CVE-2018-17972}
- [fs] proc: use 'unsigned int' for /proc/*/stack (Joe Lawrence) [1642401 1638194] {CVE-2018-17972}
- [fs] libceph: fall back to sendmsg for slab pages (Ilya Dryomov) [1665814 1647460]
- [scsi] csiostor: remove flush_scheduled_work() (Arjun Vynipadath) [1665370 1660882]
- [pci] shpchp: Separate existence of SHPC and permission to use it (Myron Stowe) [1663241 1633873]
- [pci] shpchp: Manage SHPC unconditionally on non-ACPI systems (Myron Stowe) [1663241 1633873]
- [pci] shpchp: Fix AMD POGO identification (Myron Stowe) [1663241 1633873]
- [mm] memcontrol: factor out reclaim iterator loading and updating (Aristeu Rozanski) [1663114 1595932]
- [net] xfrm: policy: init locks early (Herbert Xu) [1660887 1641866]
- [kernel] mm: clear __GFP_FS when PF_MEMALLOC_NOIO is set (Rafael Aquini) [1660392 1657714]
- [nvme] flush namespace scanning work just before removing namespaces (Ewan Milne) [1659937 1622487]
- [fs] fuse: don't need GETATTR after every READ (Miklos Szeredi) [1657921 1648781]
- [fs] fuse: don't invalidate attrs when not using atime (Miklos Szeredi) [1657921 1648781]
- [net] Set sk_prot_creator when cloning sockets to the right proto (Andrea Claudi) [1657351 1657352] {CVE-2018-9568}
- [kernel] bpf: 32-bit RSH verification must truncate input before the ALU op (Jiri Olsa) [1641387 1641388] {CVE-2018-18445}
[3.10.0-957.9.1]
- [input] psmouse: fix button reporting for basic protocols (Benjamin Tissoires) [1662848 1658669]
- [input] psmouse: add support for 2nd wheel on A4Tech Dual-Scroll wheel mice (Benjamin Tissoires) [1662848 1658669]
[3.10.0-957.8.1]
- [tty] add rwsem to close race between copy_from_read_buf calls and reset_buffer_flags (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix stall at n_tty_receive_char_special() (Christoph von Recklinghausen) [1660815 1649343]
- [tty] audit: Fix audit source (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix auditing support for cannonical mode (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix 4096-byte canonical reads (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Remove read_cnt (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Don't wrap input buffer indices at buffer size (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Get read_cnt through accessor (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Deprecate ldisc .chars_in_buffer() method (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Split n_tty_chars_in_buffer() for reader-only interface (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Line copy to user buffer in canonical mode (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Factor canonical mode copy from n_tty_read() (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Make ldisc input flow control concurrency-friendly (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Simplify tty buffer/ldisc interface with helper function (Christoph von Recklinghausen) [1660815 1649343]
[3.10.0-957.7.1]
- [scsi] lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid (Ewan Milne) [1664067 1657981]
- [scsi] qla2xxx: Delete session for nport id change (Himanshu Madhani) [1663508 1628301]
[3.10.0-957.6.1]
- [nvme] nvme-pci: move nvme_kill_queues to nvme_remove_dead_ctrl (David Milburn) [1661947 1632440]
- ID
- ELSA-2019-0512
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-0512.html
- Published
-
2019-03-13T00:00:00
(5 years ago) - Modified
-
2019-03-13T00:00:00
(5 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
-
ALAS-2018-1100
-
ALAS2-2018-1100
-
ASA-201811-1
-
ASA-201811-2
-
ELSA-2019-2473
-
ELSA-2019-2736
-
ELSA-2019-4531
-
ELSA-2019-4532
-
ELSA-2019-4541
-
ELSA-2019-4575
-
ELSA-2019-4576
-
ELSA-2019-4577
-
FEDORA-2018-2ee3411cb8
-
FEDORA-2018-9f4381d8c4
-
FEDORA-2018-ec3bf1b228
-
openSUSE-SU-2019:0065-1
-
RHSA-2019:0512
-
RHSA-2019:0514
-
RHSA-2019:2473
-
RHSA-2019:2736
-
SSA:2019-030-01
-
SUSE-SU-2018:3589-1
-
SUSE-SU-2018:3593-1
-
SUSE-SU-2018:3934-1
-
SUSE-SU-2018:3961-1
-
SUSE-SU-2018:4069-1
-
SUSE-SU-2018:4072-1
-
SUSE-SU-2018:4153-1
-
SUSE-SU-2018:4154-1
-
SUSE-SU-2018:4157-1
-
SUSE-SU-2018:4158-1
-
SUSE-SU-2018:4195-1
-
SUSE-SU-2018:4196-1
-
SUSE-SU-2018:4238-1
-
SUSE-SU-2019:0148-1
-
SUSE-SU-2019:0150-1
-
SUSE-SU-2019:0196-1
-
SUSE-SU-2019:0222-1
-
SUSE-SU-2019:0224-1
-
SUSE-SU-2019:0320-1
-
SUSE-SU-2019:0439-1
-
SUSE-SU-2019:0541-1
-
SUSE-SU-2019:1289-1
-
SUSE-SU-2019:1527-1
-
SUSE-SU-2019:1532-1
-
SUSE-SU-2019:1533-1
-
SUSE-SU-2019:1534-1
-
SUSE-SU-2019:1692-1
-
USN-3821-1
-
USN-3821-2
-
USN-3832-1
-
USN-3835-1
-
USN-3847-1
-
USN-3847-2
-
USN-3847-3
-
USN-3871-1
-
USN-3871-3
-
USN-3871-4
-
USN-3871-5
-
USN-3880-1
-
USN-3880-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2019-0512 |
|
|
| CVE | CVE-2018-17972 |
|
|
| CVE | CVE-2018-9568 |
|
|
| CVE | CVE-2018-18445 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux |
 python-perf
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux |
perf
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux |
kernel
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux |
kernel-tools
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux |
kernel-tools-libs
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux |
kernel-tools-libs-devel
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux |
kernel-headers
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux |
kernel-doc
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux |
kernel-devel
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux |
kernel-debug
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-debug-devel
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux |
kernel-abi-whitelists
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux |
bpftool
|
< 3.10.0-957.10.1.el7 | oraclelinux-7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |