[ELSA-2019-1488] kernel security and bug fix update
[2.6.32-754.15.3.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.15.3]
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719840] {CVE-2019-11478}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719585] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719585] {CVE-2019-11477}
[2.6.32-754.15.2]
- [lib] idr: free the top layer if idr tree has the maximum height (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix top layer handling (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix backtrack logic in idr_remove_all (Denys Vlasenko) [1698139] {CVE-2019-3896}
[2.6.32-754.15.1]
- [x86] x86/speculation: Don't print MDS_MSG_SMT message if mds_nosmt specified (Waiman Long) [1710081 1710517]
- [x86] x86/spec_ctrl: Fix incorrect MDS handling in late microcode loading (Waiman Long) [1710081 1710517]
- [x86] x86/speculation: Fix misuse of boot_cpu_has() with bug bits (Waiman Long) [1710121]
- [x86] x86/speculation/mds: Fix documentation typo (Waiman Long) [1710517]
- [documentation] Documentation: Correct the possible MDS sysfs values (Waiman Long) [1710517]
- [x86] x86/mds: Add MDSUM variant to the MDS documentation (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Fix comment (Waiman Long) [1710517]
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
| Package | Affected Version |
|---|---|
 pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
|
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6
|
< 2.6.32-754.15.3.el6 |
- ID
- ELSA-2019-1488
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-1488.html
- Published
-
2019-06-18T00:00:00
(5 years ago) - Modified
-
2019-06-18T00:00:00
(5 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
-
ALAS-2019-1222
-
ALAS2-2019-1222
-
ASA-201906-12
-
ASA-201906-13
-
ASA-201906-14
-
ASA-201906-15
-
DSA-4465-1
-
ELSA-2019-1479
-
ELSA-2019-1481
-
ELSA-2019-4684
-
ELSA-2019-4685
-
ELSA-2019-4686
-
ELSA-2019-4689
-
ELSA-2019-4850
-
FEDORA-2019-021c968423
-
FEDORA-2019-057d691fd4
-
FEDORA-2019-124a241044
-
FEDORA-2019-15e141c6a7
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-41e28660ae
-
FEDORA-2019-4c91a2f76e
-
FEDORA-2019-6817686c4d
-
FEDORA-2019-69c132b061
-
FEDORA-2019-6bda4c81f4
-
FEDORA-2019-6c3d89b3d0
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-7aecfe1c4b
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-914542e05c
-
FEDORA-2019-97380355ae
-
FEDORA-2019-9d3fe6fd5b
-
FEDORA-2019-a570a92d5a
-
FEDORA-2019-a95015e60f
-
FEDORA-2019-e3010166bd
-
FEDORA-2019-e37c348348
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-fe00e12580
-
openSUSE-SU-2019:1571-1
-
openSUSE-SU-2019:1579-1
-
RHSA-2019:1479
-
RHSA-2019:1480
-
RHSA-2019:1481
-
RHSA-2019:1486
-
RHSA-2019:1488
-
SSA:2019-169-01
-
SUSE-SU-2019:1527-1
-
SUSE-SU-2019:1529-1
-
SUSE-SU-2019:1530-1
-
SUSE-SU-2019:1532-1
-
SUSE-SU-2019:1533-1
-
SUSE-SU-2019:1534-1
-
SUSE-SU-2019:1535-1
-
SUSE-SU-2019:1536-1
-
SUSE-SU-2019:1550-1
-
SUSE-SU-2019:1581-1
-
SUSE-SU-2019:1588-1
-
SUSE-SU-2019:1668-1
-
SUSE-SU-2019:1671-1
-
SUSE-SU-2019:1674-1
-
SUSE-SU-2019:1692-1
-
SUSE-SU-2019:1851-1
-
SUSE-SU-2019:1855-1
-
SUSE-SU-2019:1882-1
-
SUSE-SU-2019:1888-1
-
SUSE-SU-2019:1889-1
-
SUSE-SU-2019:1924-1
-
SUSE-SU-2019:1935-1
-
SUSE-SU-2019:1948-1
-
SUSE-SU-2019:2069-1
-
SUSE-SU-2019:2430-1
-
SUSE-SU-2019:2450-1
-
SUSE-SU-2019:2658-1
-
SUSE-SU-2019:2756-1
-
SUSE-SU-2019:2821-1
-
SUSE-SU-2019:2950-1
-
USN-4017-1
-
USN-4017-2
-
USN-4041-1
-
USN-4041-2
-
VMSA-2019-0010.3
-
VU:905115
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2019-1488 |
|
|
| CVE | CVE-2019-11477 |
|
|
| CVE | CVE-2019-11479 |
|
|
| CVE | CVE-2019-3896 |
|
|
| CVE | CVE-2019-11478 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 | oraclelinux |
python-perf
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 | oraclelinux |
perf
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 | oraclelinux |
kernel
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 | oraclelinux |
kernel-headers
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-firmware
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 | oraclelinux |
kernel-doc
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 | oraclelinux |
kernel-devel
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 | oraclelinux |
kernel-debug
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-debug-devel
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 | oraclelinux |
kernel-abi-whitelists
|
< 2.6.32-754.15.3.el6 | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |