[ELSA-2019-4708] Unbreakable Enterprise kernel security update

Severity Important

Affected Packages 11

CVEs 1

[4.14.35-1902.3.1]
- x86/platform/UV: Mark tsc_check_sync as an init function (mike.travis@hpe.com) [Orabug: 29701029]
- mm, page_alloc: check for max order in hot path (Michal Hocko) [Orabug: 29924411]
- net/mlx5: FW tracer, Enable tracing (Feras Daoud) [Orabug: 29717200]
- net/mlx5: FW tracer, parse traces and kernel tracing support (Feras Daoud) [Orabug: 29717200]
- net/mlx5: FW tracer, events handling (Feras Daoud) [Orabug: 29717200]
- net/mlx5: FW tracer, register log buffer memory key (Saeed Mahameed) [Orabug: 29717200]
- net/mlx5: FW tracer, create trace buffer and copy strings database (Feras Daoud) [Orabug: 29717200]
- net/mlx5: FW tracer, implement tracer logic (Feras Daoud) [Orabug: 29717200]
- net/mlx5: FW tracer, add hardware structures (Feras Daoud) [Orabug: 29717200]
- net/mlx5: Mkey creation command adjustments (Ariel Levkovich) [Orabug: 29717200]
- rds: Incorrect locking in rds_tcp_conn_path_shutdown() (Ka-Cheong Poon) [Orabug: 29814108]
- rds: Add per namespace RDS/TCP accept work queue (Ka-Cheong Poon) [Orabug: 29814108]
- rds: ib: Fix dereference of conn when NULL and cleanup thereof (Hakon Bugge) [Orabug: 29924845]
- AMD: Change CONFIG_EDAC_DECODE_MCE to built-in (George Kennedy) [Orabug: 29926109]
- watchdog: sp5100_tco: Add support for recent FCH versions (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100-tco: Abort if watchdog is disabled by hardware (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Use bit operations (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Convert to use watchdog subsystem (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Clean up function and variable names (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Use dev_ print functions where possible (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Match PCI device early (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Clean up sp5100_tco_setupdevice (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Use standard error codes (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Use request_muxed_region where possible (Guenter Roeck) [Orabug: 29933621]
- watchdog: sp5100_tco: Always use SP5100_IO_PM_{INDEX_REG,DATA_REG} (Guenter Roeck) [Orabug: 29933621]
- i2c: piix4: Use request_muxed_region (Guenter Roeck) [Orabug: 29933621]
- i2c: piix4: Use usleep_range() (Guenter Roeck) [Orabug: 29933621]
- i2c: piix4: Fix port number check on release (Jean Delvare) [Orabug: 29933621]
- scsi: smartpqi: correct lun reset issues (Kevin Barnett) [Orabug: 29939095]

[4.14.35-1902.3.0]
- nvme.h: fixup ANA group descriptor format (Hannes Reinecke) [Orabug: 29750813]
- nvme: validate cntlid during controller initialisation (Christoph Hellwig) [Orabug: 29750813]
- nvme: change locking for the per-subsystem controller list (Christoph Hellwig) [Orabug: 29750813]
- net/mlx5e: Disable ODP capability advertizing and close kernel ODP flows (Qing Huang) [Orabug: 29786503]
- EDAC/amd64: Adjust printed chip select sizes when interleaved (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Support more than two controllers for chip select handling (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Recognize x16 symbol size (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Set maximum channel layer size depending on family (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Support more than two Unified Memory Controllers (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Use a macro for iterating over Unified Memory Controllers (Yazen Ghannam) [Orabug: 29861840]
- EDAC/amd64: Add Family 17h Model 30h PCI IDs (Yazen Ghannam) [Orabug: 29861840]
- EDAC, amd64: Add Family 17h, models 10h-2fh support (Michael Jin) [Orabug: 29861840]
- libnvdimm/namespace: Fix label tracking error (Dan Williams) [Orabug: 29839902]
- fork: record start_time late (David Herrmann) [Orabug: 29850579] {CVE-2019-6133}
- IB/mlx5: Removed an empty file introduced by Mellanox backport (Qing Huang) [Orabug: 29891479]
- config: enable PSI (Tom Hromatka) [Orabug: 29896487]
- net/mlx5: Set FW pre-init timeout to 120k (Yuval Shaia) [Orabug: 29906258]

Package	Affected Version
pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek
pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	< 4.14.35-1902.3.1.el7uek

ID

ELSA-2019-4708

Severity

important

URL

https://linux.oracle.com/errata/ELSA-2019-4708.html

Published

2019-07-07T00:00:00
(5 years ago)

Modified

2019-07-07T00:00:00
(5 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
elsa	ELSA-2019-4708		http://linux.oracle.com/errata/ELSA-2019-4708.html
CVE	CVE-2019-6133		http://linux.oracle.com/cve/CVE-2019-6133.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7	oraclelinux	python-perf	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/perf?distro=oraclelinux-7	oraclelinux	perf	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7	oraclelinux	kernel-uek	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools?distro=oraclelinux-7	oraclelinux	kernel-uek-tools	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools-libs?distro=oraclelinux-7	oraclelinux	kernel-uek-tools-libs	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-tools-libs-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-tools-libs-devel	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-headers?distro=oraclelinux-7	oraclelinux	kernel-uek-headers	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7	oraclelinux	kernel-uek-doc	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-devel	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7	oraclelinux	kernel-uek-debug	< 4.14.35-1902.3.1.el7uek	oraclelinux-7
Affected	pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7	oraclelinux	kernel-uek-debug-devel	< 4.14.35-1902.3.1.el7uek	oraclelinux-7

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date