Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9201

Опубликовано: 08 мар. 2022
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2022-9201: Unbreakable Enterprise kernel-container security update (IMPORTANT)

  • 4.14.35-2047.511.5.4.el7
  • x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33922122] {CVE-2021-26341}
  • Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341}
  • x86/speculation: Fix bug in retpoline mode on AMD with (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341}
  • bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33926438]

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

kernel-uek-container

4.14.35-2047.511.5.4.el7

Связанные CVE

CVE-2021-26341

Ссылки на источники

Связанные уязвимости

redhat логотип

CVE-2021-26341

CVSS3: 4.7
redhat
больше 3 лет назад

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

nvd логотип

CVE-2021-26341

CVSS3: 6.5
nvd
больше 3 лет назад

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

github логотип

GHSA-r3q4-4jhx-x4c9

CVSS3: 6.5
github
больше 3 лет назад

Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.

oracle-oval логотип

ELSA-2022-9200

oracle-oval
больше 3 лет назад

ELSA-2022-9200: Unbreakable Enterprise kernel-container security update (IMPORTANT)

oracle-oval логотип

ELSA-2022-9199

oracle-oval
больше 3 лет назад

ELSA-2022-9199: Unbreakable Enterprise kernel security update (IMPORTANT)