Описание
ELSA-2018-4265: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.21.1]
- hugetlbfs: fix kernel BUG at fs/hugetlbfs/inode.c:447! (Mike Kravetz) [Orabug: 28839992]
- scsi: libsas: fix memory leak in sas_smp_get_phy_events() (Jason Yan) [Orabug: 27927687] {CVE-2018-7757}
- KVM: vmx: shadow more fields that are read/written on every vmexits (Paolo Bonzini) [Orabug: 28581045]
- vhost/scsi: Use common handling code in request queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Extract common handling code from control queue handler (Bijan Mottahedeh) [Orabug: 28775573]
- vhost/scsi: Respond to control queue operations (Bijan Mottahedeh) [Orabug: 28775573]
[4.1.12-124.20.8]
- scsi: lpfc: devloss timeout race condition caused null pointer reference (James Smart) [Orabug: 27994179]
- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (Ben Hutchings) [Orabug: 28013813]
- i40e: Add programming descriptors to cleaned_count (Alexander Duyck) [Orabug: 28228724]
- i40e: Fix memory leak related filter programming status (Alexander Duyck) [Orabug: 28228724]
- xen-swiotlb: use actually allocated size on check physical continuous (Joe Jin) [Orabug: 28258102]
- Revert 'Revert 'xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent'' (Dongli Zhang) [Orabug: 28258102]
- net/mlx4_en: fix potential use-after-free with dma_unmap_page (Sarah Newman) [Orabug: 28376051]
- ocfs2: fix ocfs2 read block panic (Junxiao Bi) [Orabug: 28580543]
- block: fix bdi vs gendisk lifetime mismatch (Dan Williams) [Orabug: 28645416]
- e1000e: Fix link check race condition (Benjamin Poirier) [Orabug: 28716958]
- Revert 'e1000e: Separate signaling for link check/link up' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Avoid missed interrupts following ICR read (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Fix queue interrupt re-raising in Other interrupt (Benjamin Poirier) [Orabug: 28716958]
- Partial revert 'e1000e: Avoid receiver overrun interrupt bursts' (Benjamin Poirier) [Orabug: 28716958]
- e1000e: Remove Other from EIAC (Benjamin Poirier) [Orabug: 28716958]
- Fix error code in nfs_lookup_verify_inode() (Lance Shelton) [Orabug: 28789030]
- workqueue: Allow modifying low level unbound workqueue cpumask (Lai Jiangshan) [Orabug: 28813166]
- workqueue: Create low-level unbound workqueues cpumask (Frederic Weisbecker) [Orabug: 28813166]
- scsi: sg: mitigate read/write abuse (Jann Horn) [Orabug: 28824718] {CVE-2017-13168}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.21.1.el6uek
kernel-uek-debug
4.1.12-124.21.1.el6uek
kernel-uek-debug-devel
4.1.12-124.21.1.el6uek
kernel-uek-devel
4.1.12-124.21.1.el6uek
kernel-uek-doc
4.1.12-124.21.1.el6uek
kernel-uek-firmware
4.1.12-124.21.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.21.1.el7uek
kernel-uek-debug
4.1.12-124.21.1.el7uek
kernel-uek-debug-devel
4.1.12-124.21.1.el7uek
kernel-uek-devel
4.1.12-124.21.1.el7uek
kernel-uek-doc
4.1.12-124.21.1.el7uek
kernel-uek-firmware
4.1.12-124.21.1.el7uek
Связанные CVE
Связанные уязвимости
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233.
An elevation of privilege vulnerability in the kernel scsi driver. Pro ...
Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.