Описание
ELSA-2019-2473: kernel security and bug fix update (IMPORTANT)
[2.6.32-754.18.2.OL6]
- Update genkey [bug 25599697]
[2.6.32-754.18.2]
- [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
- [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
[2.6.32-754.18.1]
- [virt] xenbus: don't look up transaction IDs for ordinary writes (Vitaly Kuznetsov) [1663262]
- [virt] xenbus: don't BUG() on user mode induced condition (Vitaly Kuznetsov) [1663262]
- [virt] xenbus: Add proper handling of XS_ERROR from Xenbus for transactions (Vitaly Kuznetsov) [1663262]
- [fs] proc: restrict kernel stack dumps to root (Denys Vlasenko) [1638193] {CVE-2018-17972}
- [crypto] salsa20 - fix blkcipher_walk API usage (Bruno Eduardo de Oliveira Meneguele) [1543984]
- [mm] vmscan: do not loop on too_many_isolated for ever (Rafael Aquini) [1658254]
- [x86] spec_ctrl: Don't report the use of retpoline on Skylake as vulnerable (Waiman Long) [1666102]
- [mm] try harder to allocate vmemmap blocks (Rafael Aquini) [1591394]
- [v4l] dvb: revert spectre v1 mitigation (Josh Poimboeuf) [1647975]
- [fs] binfmt_misc.c: do not allow offset overflow (Bill O'Donnell) [1710149]
- [x86] pti: Don't use PCID and INVPCID in x86-32 (Waiman Long) [1702782]
- [mm] mincore.c: make mincore() more conservative (Rafael Aquini) [1664197] {CVE-2019-5489}
- [x86] spec: Move retp_compiler() inline function to bugs.c (Waiman Long) [1722185]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel
2.6.32-754.18.2.el6
kernel-abi-whitelists
2.6.32-754.18.2.el6
kernel-debug
2.6.32-754.18.2.el6
kernel-debug-devel
2.6.32-754.18.2.el6
kernel-devel
2.6.32-754.18.2.el6
kernel-doc
2.6.32-754.18.2.el6
kernel-firmware
2.6.32-754.18.2.el6
kernel-headers
2.6.32-754.18.2.el6
perf
2.6.32-754.18.2.el6
python-perf
2.6.32-754.18.2.el6
Oracle Linux i686
kernel
2.6.32-754.18.2.el6
kernel-abi-whitelists
2.6.32-754.18.2.el6
kernel-debug
2.6.32-754.18.2.el6
kernel-debug-devel
2.6.32-754.18.2.el6
kernel-devel
2.6.32-754.18.2.el6
kernel-doc
2.6.32-754.18.2.el6
kernel-firmware
2.6.32-754.18.2.el6
kernel-headers
2.6.32-754.18.2.el6
perf
2.6.32-754.18.2.el6
python-perf
2.6.32-754.18.2.el6
Связанные уязвимости
ELSA-2019-4541: Unbreakable Enterprise kernel security update (IMPORTANT)
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents.
An issue was discovered in the proc_pid_stack function in fs/proc/base ...