[ELSA-2019-1488] kernel security and bug fix update
[2.6.32-754.15.3.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.15.3]
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719840] {CVE-2019-11478}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719585] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719585] {CVE-2019-11477}
[2.6.32-754.15.2]
- [lib] idr: free the top layer if idr tree has the maximum height (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix top layer handling (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix backtrack logic in idr_remove_all (Denys Vlasenko) [1698139] {CVE-2019-3896}
[2.6.32-754.15.1]
- [x86] x86/speculation: Don't print MDS_MSG_SMT message if mds_nosmt specified (Waiman Long) [1710081 1710517]
- [x86] x86/spec_ctrl: Fix incorrect MDS handling in late microcode loading (Waiman Long) [1710081 1710517]
- [x86] x86/speculation: Fix misuse of boot_cpu_has() with bug bits (Waiman Long) [1710121]
- [x86] x86/speculation/mds: Fix documentation typo (Waiman Long) [1710517]
- [documentation] Documentation: Correct the possible MDS sysfs values (Waiman Long) [1710517]
- [x86] x86/mds: Add MDSUM variant to the MDS documentation (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Fix comment (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | < 2.6.32-754.15.3.el6 |
- ID
- ELSA-2019-1488
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-1488.html
- Published
-
2019-06-18T00:00:00
(5 years ago) - Modified
-
2019-06-18T00:00:00
(5 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
- ALAS-2019-1222
- ALAS2-2019-1222
- ASA-201906-12
- ASA-201906-13
- ASA-201906-14
- ASA-201906-15
- DSA-4465-1
- ELSA-2019-1479
- ELSA-2019-1481
- ELSA-2019-4684
- ELSA-2019-4685
- ELSA-2019-4686
- ELSA-2019-4689
- ELSA-2019-4850
- FEDORA-2019-021c968423
- FEDORA-2019-057d691fd4
- FEDORA-2019-124a241044
- FEDORA-2019-15e141c6a7
- FEDORA-2019-1689d3fe07
- FEDORA-2019-41e28660ae
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-6817686c4d
- FEDORA-2019-69c132b061
- FEDORA-2019-6bda4c81f4
- FEDORA-2019-6c3d89b3d0
- FEDORA-2019-7a3fc17778
- FEDORA-2019-7aecfe1c4b
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-914542e05c
- FEDORA-2019-97380355ae
- FEDORA-2019-9d3fe6fd5b
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a95015e60f
- FEDORA-2019-e3010166bd
- FEDORA-2019-e37c348348
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-fe00e12580
- openSUSE-SU-2019:1571-1
- openSUSE-SU-2019:1579-1
- RHSA-2019:1479
- RHSA-2019:1480
- RHSA-2019:1481
- RHSA-2019:1486
- RHSA-2019:1488
- SSA:2019-169-01
- SUSE-SU-2019:1527-1
- SUSE-SU-2019:1529-1
- SUSE-SU-2019:1530-1
- SUSE-SU-2019:1532-1
- SUSE-SU-2019:1533-1
- SUSE-SU-2019:1534-1
- SUSE-SU-2019:1535-1
- SUSE-SU-2019:1536-1
- SUSE-SU-2019:1550-1
- SUSE-SU-2019:1581-1
- SUSE-SU-2019:1588-1
- SUSE-SU-2019:1668-1
- SUSE-SU-2019:1671-1
- SUSE-SU-2019:1674-1
- SUSE-SU-2019:1692-1
- SUSE-SU-2019:1851-1
- SUSE-SU-2019:1855-1
- SUSE-SU-2019:1882-1
- SUSE-SU-2019:1888-1
- SUSE-SU-2019:1889-1
- SUSE-SU-2019:1924-1
- SUSE-SU-2019:1935-1
- SUSE-SU-2019:1948-1
- SUSE-SU-2019:2069-1
- SUSE-SU-2019:2430-1
- SUSE-SU-2019:2450-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2821-1
- SUSE-SU-2019:2950-1
- USN-4017-1
- USN-4017-2
- USN-4041-1
- USN-4041-2
- VMSA-2019-0010.3
- VU:905115
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2019-1488 | http://linux.oracle.com/errata/ELSA-2019-1488.html | |
CVE | CVE-2019-11477 | http://linux.oracle.com/cve/CVE-2019-11477.html | |
CVE | CVE-2019-11479 | http://linux.oracle.com/cve/CVE-2019-11479.html | |
CVE | CVE-2019-3896 | http://linux.oracle.com/cve/CVE-2019-3896.html | |
CVE | CVE-2019-11478 | http://linux.oracle.com/cve/CVE-2019-11478.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | oraclelinux | python-perf | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux | perf | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux | kernel | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux | kernel-headers | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux | kernel-firmware | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux | kernel-doc | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux | kernel-devel | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux | kernel-debug | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-debug-devel | < 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | oraclelinux | kernel-abi-whitelists | < 2.6.32-754.15.3.el6 | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |