Описание
ELSA-2020-5535: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.36.1]
- iscsi-target: graceful disconnect on invalid mapping to iovec (Imran Haider) [Orabug: 30459537]
- x86/microcode: Issue update message only once (Borislav Petkov) [Orabug: 30528904]
- x86/microcode/intel: Issue the revision updated message only on the BSP (Borislav Petkov) [Orabug: 30528904]
- KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (Paolo Bonzini) [Orabug: 30658695] {CVE-2019-19332}
- rtlwifi: Fix potential overflow on P2P code (Laura Abbott) [Orabug: 30807748] {CVE-2019-17666}
[4.1.12-124.35.5]
- x86: microcode: propagate return value to siblings (Mihai Carabas) [Orabug: 30557086]
- x86/bugs: TSX not disabled at late loading (Mihai Carabas) [Orabug: 30557086]
- mlx5: lock mlx5_core to prevent module unload (Brian Maly) [Orabug: 30566775]
- rds: RDS/TCP does not initiate a connection (Ka-Cheong Poon) [Orabug: 30576433]
- x86: bugs: replace static_ with boot_ for CPU bugs mitigations (Mihai Carabas) [Orabug: 30649400]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.36.1.el6uek
kernel-uek-debug
4.1.12-124.36.1.el6uek
kernel-uek-debug-devel
4.1.12-124.36.1.el6uek
kernel-uek-devel
4.1.12-124.36.1.el6uek
kernel-uek-doc
4.1.12-124.36.1.el6uek
kernel-uek-firmware
4.1.12-124.36.1.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.36.1.el7uek
kernel-uek-debug
4.1.12-124.36.1.el7uek
kernel-uek-debug-devel
4.1.12-124.36.1.el7uek
kernel-uek-devel
4.1.12-124.36.1.el7uek
kernel-uek-doc
4.1.12-124.36.1.el7uek
kernel-uek-firmware
4.1.12-124.36.1.el7uek
Связанные CVE
Связанные уязвимости
ELSA-2020-5533: Unbreakable Enterprise kernel security update (IMPORTANT)
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
An out-of-bounds memory write issue was found in the Linux Kernel, ver ...