[ELSA-2019-4837] Unbreakable Enterprise kernel security update
[4.1.12-124.32.3.2]
- x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/tsx: Add 'auto' option to the tsx= cmdline parameter (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/speculation/taa: Add mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30419233] {CVE-2019-11135}
- x86/cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/cpu: Add a helper function x86_read_arch_cap_msr() (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
- x86/msr: Add the IA32_TSX_CTRL MSR (Pawan Gupta) [Orabug: 30419233] {CVE-2019-11135}
[4.1.12-124.32.3.1]
- kvm: x86: mmu: Recovery of shattered NX large pages (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- kvm: Add helper function for creating VM worker threads (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- kvm: x86: Do not release the page inside mmu_set_spte() (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- x86/cpu: Add Tremont to the cpu vulnerability whitelist (Pawan Gupta) [Orabug: 29967631] {CVE-2018-12207}
- x86: Add ITLB_MULTIHIT bug infrastructure (Pawan Gupta) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move mapping_level_dirty_bitmap() call in mapping_level() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- Revert 'KVM: x86: use the fast way to invalidate all pages' (Sean Christopherson) [Orabug: 29967631] {CVE-2018-12207}
- kvm: Convert kvm_lock to a mutex (Junaid Shahid) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Simplify force_pt_level calculation code in FNAME(page_fault)() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Make force_pt_level bool (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: extend usage of RET_MMIO_PF_* constants (Paolo Bonzini) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Make mmu_set_spte() return emulate value (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to link_shadow_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- KVM: x86: MMU: Move initialization of parent_ptes out from kvm_mmu_alloc_page() (Takuya Yoshikawa) [Orabug: 29967631] {CVE-2018-12207}
- ID
- ELSA-2019-4837
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2019-4837.html
- Published
-
2019-11-12T00:00:00
(4 years ago) - Modified
-
2019-11-12T00:00:00
(4 years ago) - Rights
- Copyright 2019 Oracle, Inc.
- Other Advisories
-
-
ALAS-2019-1318
-
ALAS-2019-1322
-
ALAS2-2019-1364
-
ALAS2-2019-1366
-
ALPINE:CVE-2018-12207
-
ALPINE:CVE-2019-11135
-
ALSA-2020:0279
-
ASA-201911-14
-
DSA-4564-1
-
DSA-4565-1
-
DSA-4602-1
-
ELSA-2019-3832
-
ELSA-2019-3834
-
ELSA-2019-3836
-
ELSA-2019-4836
-
ELSA-2019-4838
-
ELSA-2019-4839
-
ELSA-2019-4850
-
ELSA-2019-4854
-
ELSA-2019-4855
-
ELSA-2019-4867
-
ELSA-2019-4868
-
ELSA-2020-0279
-
ELSA-2020-0366
-
FEDORA-2019-021c968423
-
FEDORA-2019-124a241044
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-2e12bd3a9a
-
FEDORA-2019-34a75d7e61
-
FEDORA-2019-376ec5c107
-
FEDORA-2019-39e97683e8
-
FEDORA-2019-3d7105bd2a
-
FEDORA-2019-68d7f68507
-
FEDORA-2019-6aad703290
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-91f6e7bb71
-
FEDORA-2019-b737d03b83
-
FEDORA-2019-b86a7bdba0
-
FEDORA-2019-cbb732f760
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-227a4c0530
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-2d9a75fadb
-
FEDORA-2020-3cd64d683c
-
FEDORA-2020-8490989850
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-e328697628
-
FEDORA-2020-f884f9dd7d
-
FEDORA-2020-fe00e12580
-
FREEBSD:EDC0BF7E-05A1-11EA-9DFA-F8B156AC3FF9
-
FREEBSD:FBE10A8A-05A1-11EA-9DFA-F8B156AC3FF9
-
GLSA-202003-56
-
MS:CVE-2018-12207
-
MS:CVE-2019-11135
-
openSUSE-SU-2019:2503-1
-
openSUSE-SU-2019:2504-1
-
openSUSE-SU-2019:2505-1
-
openSUSE-SU-2019:2506-1
-
openSUSE-SU-2019:2507-1
-
openSUSE-SU-2019:2509-1
-
openSUSE-SU-2019:2510-1
-
openSUSE-SU-2019:2527-1
-
openSUSE-SU-2019:2528-1
-
openSUSE-SU-2019:2710-1
-
RHSA-2019:3832
-
RHSA-2019:3833
-
RHSA-2019:3834
-
RHSA-2019:3835
-
RHSA-2019:3836
-
RHSA-2019:3936
-
RHSA-2020:0028
-
RHSA-2020:0279
-
RHSA-2020:0366
-
RLSA-2020:0279
-
SSA:2019-320-01
-
SUSE-SU-2019:2946-1
-
SUSE-SU-2019:2947-1
-
SUSE-SU-2019:2948-1
-
SUSE-SU-2019:2949-1
-
SUSE-SU-2019:2950-1
-
SUSE-SU-2019:2951-1
-
SUSE-SU-2019:2952-1
-
SUSE-SU-2019:2953-1
-
SUSE-SU-2019:2954-1
-
SUSE-SU-2019:2955-1
-
SUSE-SU-2019:2956-1
-
SUSE-SU-2019:2957-1
-
SUSE-SU-2019:2958-1
-
SUSE-SU-2019:2959-1
-
SUSE-SU-2019:2960-1
-
SUSE-SU-2019:2961-1
-
SUSE-SU-2019:2962-1
-
SUSE-SU-2019:2984-1
-
SUSE-SU-2019:2986-1
-
SUSE-SU-2019:2987-1
-
SUSE-SU-2019:2988-1
-
SUSE-SU-2019:3091-1
-
SUSE-SU-2019:3200-1
-
SUSE-SU-2019:3294-1
-
SUSE-SU-2019:3295-1
-
SUSE-SU-2019:3297-1
-
SUSE-SU-2019:3340-1
-
SUSE-SU-2019:3348-1
-
SUSE-SU-2020:0093-1
-
SUSE-SU-2020:0334-1
-
SUSE-SU-2020:0388-1
-
USN-4182-1
-
USN-4182-2
-
USN-4183-1
-
USN-4184-1
-
USN-4185-1
-
USN-4185-2
-
USN-4186-1
-
USN-4186-2
-
USN-4187-1
-
USN-4188-1
-
VMSA-2019-0020
-
XSA-304
-
XSA-305
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2019-4837 |
|
|
| CVE | CVE-2018-12207 |
|
|
| CVE | CVE-2019-11135 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.32.3.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.32.3.2.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |