1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2019-3836

[ELSA-2019-3836] kernel security and bug fix update

Severity Important
Affected Packages 10
CVEs 4
Info Packages References Vulnerabilities

[2.6.32-754.24.2.OL6]
- Update genkey [bug 25599697]

[2.6.32-754.24.2]
- [documentation] Documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [kvm] KVM: introduce no_huge_pages module parameter (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86: Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86/spec_ctrl/taa: Enable TAA status change after late microcode (Waiman Long) [1766531] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766531] {CVE-2019-11135}
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Disable read-only support under GVT (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] erm/i915/gtt: Read-only pages for insert_entries on bdw+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Add read only pages to gen8_pte_encode (Dave Airlie) [1756891] {CVE-2019-0155}

[2.6.32-754.24.1]
- [net] ip: Don't leak head fragment on queue timeout (Stefano Brivio) [1752536]
- [vhost] vhost_net: fix possible infinite loop (Eugenio Perez) [1702941]
- [vhost] vhost: introduce vhost_exceeds_weight() (Eugenio Perez) [1702941]
- [vhost] vhost_net: introduce vhost_exceeds_weight() (Eugenio Perez) [1702941]
- [vhost] vhost_net: use packet weight for rx handler, too (Eugenio Perez) [1702941]
- [vhost] vhost-net: set packet weight of tx polling to 2 * vq size (Eugenio Perez) [1702941]
- [x86] x86/pti: Fix incorrect global bit setting with PTI on (Waiman Long) [1645724]
- [x86] spec_ctrl: disable IBRS in idle, part 2 (Rafael Aquini) [1560787]

Package Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 < 2.6.32-754.24.2.el6
ID
ELSA-2019-3836
Severity
important
URL
https://linux.oracle.com/errata/ELSA-2019-3836.html
Published
2019-11-13T00:00:00
(4 years ago)
Modified
2019-11-13T00:00:00
(4 years ago)
Rights
Copyright 2019 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-6 oraclelinux python-perf < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/perf?distro=oraclelinux-6 oraclelinux perf < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel?distro=oraclelinux-6 oraclelinux kernel < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-6 oraclelinux kernel-headers < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-firmware?distro=oraclelinux-6 oraclelinux kernel-firmware < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-6 oraclelinux kernel-doc < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-6 oraclelinux kernel-devel < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-6 oraclelinux kernel-debug < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-6 oraclelinux kernel-debug-devel < 2.6.32-754.24.2.el6 oraclelinux-6
Affected pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-6 oraclelinux kernel-abi-whitelists < 2.6.32-754.24.2.el6 oraclelinux-6
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date