Описание
ELSA-2020-5526: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.14.35-1902.10.4.el7uek]
- kvm: Don't reference vcpu->arch.st in arch-independent code (Boris Ostrovsky) [Orabug: 30489861]
- kvm: fix compile on s390 part 2 (Christian Borntraeger) [Orabug: 30489861]
- kvm: fix compilation on s390 (Paolo Bonzini) [Orabug: 30489861]
- kvm: fix compilation on aarch64 (Paolo Bonzini) [Orabug: 30489861]
[4.14.35-1902.10.3.el7uek]
- x86/KVM: Clean up host's steal time structure (Boris Ostrovsky) [Orabug: 30489861] {CVE-2019-3016} {CVE-2019-3016}
- x86/KVM: Make sure KVM_VCPU_FLUSH_TLB flag is not missed (Boris Ostrovsky) [Orabug: 30489861] {CVE-2019-3016} {CVE-2019-3016}
- x86/kvm: Cache gfn to pfn translation (Boris Ostrovsky) [Orabug: 30489861] {CVE-2019-3016} {CVE-2019-3016}
- x86/kvm: Introduce kvm_(un)map_gfn() (Boris Ostrovsky) [Orabug: 30489861] {CVE-2019-3016} {CVE-2019-3016}
- x86/kvm: Be careful not to clear KVM_VCPU_FLUSH_TLB bit (Boris Ostrovsky) [Orabug: 30489861] {CVE-2019-3016} {CVE-2019-3016}
- KVM: Properly check if page is valid in kvm_vcpu_unmap (KarimAllah Ahmed) [Orabug: 30489861]
- KVM: Introduce a new guest mapping API (KarimAllah Ahmed) [Orabug: 30489861]
- KVM: x86: svm: make sure NMI is injected after nmi_singlestep (Vitaly Kuznetsov) [Orabug: 30714532]
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
kernel-uek
4.14.35-1902.10.4.el7uek
kernel-uek-debug
4.14.35-1902.10.4.el7uek
kernel-uek-debug-devel
4.14.35-1902.10.4.el7uek
kernel-uek-devel
4.14.35-1902.10.4.el7uek
kernel-uek-headers
4.14.35-1902.10.4.el7uek
kernel-uek-tools
4.14.35-1902.10.4.el7uek
kernel-uek-tools-libs
4.14.35-1902.10.4.el7uek
kernel-uek-tools-libs-devel
4.14.35-1902.10.4.el7uek
perf
4.14.35-1902.10.4.el7uek
python-perf
4.14.35-1902.10.4.el7uek
Oracle Linux x86_64
kernel-uek
4.14.35-1902.10.4.el7uek
kernel-uek-debug
4.14.35-1902.10.4.el7uek
kernel-uek-debug-devel
4.14.35-1902.10.4.el7uek
kernel-uek-devel
4.14.35-1902.10.4.el7uek
kernel-uek-doc
4.14.35-1902.10.4.el7uek
kernel-uek-tools
4.14.35-1902.10.4.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2020-5528: Unbreakable Enterprise kernel security update (IMPORTANT)
ELSA-2020-5533: Unbreakable Enterprise kernel security update (IMPORTANT)
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out.