Описание
ELSA-2019-4531: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.25.1]
- x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (Tom Lendacky) [Orabug: 28870524] {CVE-2018-3639}
- x86/bugs: Add AMD's SPEC_CTRL MSR usage (Konrad Rzeszutek Wilk) [Orabug: 28870524] {CVE-2018-3639}
- x86/cpufeatures: rename X86_FEATURE_AMD_SSBD to X86_FEATURE_LS_CFG_SSBD (Mihai Carabas) [Orabug: 28870524] {CVE-2018-3639}
- Make file credentials available to the seqfile interfaces (Linus Torvalds) [Orabug: 29114879] {CVE-2018-17972}
- proc: restrict kernel stack dumps to root (Jann Horn) [Orabug: 29114879] {CVE-2018-17972}
- x86/speculation: Clean up retpoline code in bugs.c (Alejandro Jimenez) [Orabug: 29211617]
- x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE (WANG Chao) [Orabug: 29211617]
- x86/build: Fix compiler support check for CONFIG_RETPOLINE (Masahiro Yamada) [Orabug: 29211617]
- x86/retpoline: Remove minimal retpoline support (Zhenzhong Duan) [Orabug: 29211617]
- x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (Zhenzhong Duan) [Orabug: 29211617]
- nl80211: check for the required netlink attributes presence (Vladis Dronov) [Orabug: 29245533] {CVE-2017-12153} {CVE-2017-12153}
- scsi: lpfc: Fix PT2PT PRLI reject (reapply patch) (James Smart) [Orabug: 29281346]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.25.1.el6uek
kernel-uek-debug
4.1.12-124.25.1.el6uek
kernel-uek-debug-devel
4.1.12-124.25.1.el6uek
kernel-uek-devel
4.1.12-124.25.1.el6uek
kernel-uek-doc
4.1.12-124.25.1.el6uek
kernel-uek-firmware
4.1.12-124.25.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.25.1.el7uek
kernel-uek-debug
4.1.12-124.25.1.el7uek
kernel-uek-debug-devel
4.1.12-124.25.1.el7uek
kernel-uek-devel
4.1.12-124.25.1.el7uek
kernel-uek-doc
4.1.12-124.25.1.el7uek
kernel-uek-firmware
4.1.12-124.25.1.el7uek
Связанные CVE
Связанные уязвимости
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
Systems with microprocessors utilizing speculative execution and specu ...
A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.