[ELSA-2019-3834] kernel security update
[3.10.0-1062.4.2.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
[3.10.0-1062.4.2]
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756815 1756816] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756815 1756816] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Use explicit goto for error paths (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756882 1756883] {CVE-2019-0155}
- [x86] tsx: Add config options to set tsx=on|off|auto (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] tsx: Add 'auto' option to the tsx= cmdline parameter (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [x86] msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766539 1766540] {CVE-2019-11135}
- [documentation] documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: mmu: Recovery of shattered NX large pages (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: Add helper function for creating VM worker threads (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [kernel] cpu/speculation: Uninline and export CPU mitigations helpers (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] cpu: Add Tremont to the cpu vulnerability whitelist (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: Do not release the page inside mmu_set_spte() (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: x86: mmu: Remove unused parameter of __direct_map() (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: Convert kvm_lock to a mutex (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [x86] kvm: mmu: drop vcpu param in gpte_access (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- [virt] kvm: x86, powerpc: do not allow clearing largepages debugfs entry (Paolo Bonzini) [1733009 1690343] {CVE-2018-12207}
- ID
- ELSA-2019-3834
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-3834.html
- Published
-
2019-11-14T00:00:00
(4 years ago) - Modified
-
2019-11-14T00:00:00
(4 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
- ALAS-2019-1318
- ALAS-2019-1322
- ALAS2-2019-1364
- ALAS2-2019-1366
- ALPINE:CVE-2018-12207
- ALPINE:CVE-2019-11135
- ALSA-2020:0279
- ASA-201911-14
- DSA-4564-1
- DSA-4565-1
- DSA-4602-1
- ELSA-2019-3832
- ELSA-2019-3836
- ELSA-2019-4836
- ELSA-2019-4837
- ELSA-2019-4838
- ELSA-2019-4839
- ELSA-2019-4850
- ELSA-2019-4854
- ELSA-2019-4855
- ELSA-2019-4867
- ELSA-2019-4868
- ELSA-2020-0279
- ELSA-2020-0366
- ELSA-2020-5533
- FEDORA-2019-021c968423
- FEDORA-2019-124a241044
- FEDORA-2019-1689d3fe07
- FEDORA-2019-2e12bd3a9a
- FEDORA-2019-34a75d7e61
- FEDORA-2019-376ec5c107
- FEDORA-2019-39e97683e8
- FEDORA-2019-3d7105bd2a
- FEDORA-2019-68d7f68507
- FEDORA-2019-6aad703290
- FEDORA-2019-7a3fc17778
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-91f6e7bb71
- FEDORA-2019-b737d03b83
- FEDORA-2019-b86a7bdba0
- FEDORA-2019-cbb732f760
- FEDORA-2020-203ffedeb5
- FEDORA-2020-227a4c0530
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-2d9a75fadb
- FEDORA-2020-3cd64d683c
- FEDORA-2020-8490989850
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-e328697628
- FEDORA-2020-f884f9dd7d
- FEDORA-2020-fe00e12580
- FREEBSD:ECB7FDEC-0B82-11EA-874D-0C9D925BBBC0
- FREEBSD:EDC0BF7E-05A1-11EA-9DFA-F8B156AC3FF9
- FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
- GLSA-202003-56
- MS:CVE-2018-12207
- MS:CVE-2019-11135
- openSUSE-SU-2019:2503-1
- openSUSE-SU-2019:2504-1
- openSUSE-SU-2019:2505-1
- openSUSE-SU-2019:2506-1
- openSUSE-SU-2019:2507-1
- openSUSE-SU-2019:2509-1
- openSUSE-SU-2019:2510-1
- openSUSE-SU-2019:2527-1
- openSUSE-SU-2019:2528-1
- openSUSE-SU-2019:2710-1
- RHSA-2019:3832
- RHSA-2019:3833
- RHSA-2019:3834
- RHSA-2019:3835
- RHSA-2019:3836
- RHSA-2019:3936
- RHSA-2020:0028
- RHSA-2020:0279
- RHSA-2020:0366
- RLSA-2020:0279
- SSA:2019-320-01
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2948-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2954-1
- SUSE-SU-2019:2955-1
- SUSE-SU-2019:2956-1
- SUSE-SU-2019:2957-1
- SUSE-SU-2019:2958-1
- SUSE-SU-2019:2959-1
- SUSE-SU-2019:2960-1
- SUSE-SU-2019:2961-1
- SUSE-SU-2019:2962-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:2986-1
- SUSE-SU-2019:2987-1
- SUSE-SU-2019:2988-1
- SUSE-SU-2019:3091-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3289-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2019:3297-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3317-1
- SUSE-SU-2019:3340-1
- SUSE-SU-2019:3348-1
- SUSE-SU-2019:3372-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0334-1
- SUSE-SU-2020:0388-1
- USN-4182-1
- USN-4182-2
- USN-4183-1
- USN-4184-1
- USN-4185-1
- USN-4185-2
- USN-4186-1
- USN-4186-2
- USN-4187-1
- USN-4188-1
- VMSA-2019-0020
- XSA-304
- XSA-305
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2019-3834 | http://linux.oracle.com/errata/ELSA-2019-3834.html | |
CVE | CVE-2018-12207 | http://linux.oracle.com/cve/CVE-2018-12207.html | |
CVE | CVE-2019-11135 | http://linux.oracle.com/cve/CVE-2019-11135.html | |
CVE | CVE-2019-0154 | http://linux.oracle.com/cve/CVE-2019-0154.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1062.4.2.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1062.4.2.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |