Описание
ELSA-2022-9481: Unbreakable Enterprise kernel security update (IMPORTANT)
[5.4.17-2136.308.9]
- x86/speculation/mmio: Fix late microcode loading (Patrick Colp) [Orabug: 34276099]
[5.4.17-2136.308.8]
- Add debugfs for controlling MMIO state data (Kanth Ghatraju) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
- Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
kernel-uek
5.4.17-2136.308.9.el7uek
kernel-uek-debug
5.4.17-2136.308.9.el7uek
kernel-uek-debug-devel
5.4.17-2136.308.9.el7uek
kernel-uek-devel
5.4.17-2136.308.9.el7uek
kernel-uek-doc
5.4.17-2136.308.9.el7uek
kernel-uek-tools
5.4.17-2136.308.9.el7uek
kernel-uek-tools-libs
5.4.17-2136.308.9.el7uek
perf
5.4.17-2136.308.9.el7uek
python-perf
5.4.17-2136.308.9.el7uek
Oracle Linux x86_64
kernel-uek
5.4.17-2136.308.9.el7uek
kernel-uek-debug
5.4.17-2136.308.9.el7uek
kernel-uek-debug-devel
5.4.17-2136.308.9.el7uek
kernel-uek-devel
5.4.17-2136.308.9.el7uek
kernel-uek-doc
5.4.17-2136.308.9.el7uek
kernel-uek-tools
5.4.17-2136.308.9.el7uek
Oracle Linux 8
Oracle Linux aarch64
kernel-uek
5.4.17-2136.308.9.el8uek
kernel-uek-debug
5.4.17-2136.308.9.el8uek
kernel-uek-debug-devel
5.4.17-2136.308.9.el8uek
kernel-uek-devel
5.4.17-2136.308.9.el8uek
kernel-uek-doc
5.4.17-2136.308.9.el8uek
Oracle Linux x86_64
kernel-uek
5.4.17-2136.308.9.el8uek
kernel-uek-debug
5.4.17-2136.308.9.el8uek
kernel-uek-debug-devel
5.4.17-2136.308.9.el8uek
kernel-uek-devel
5.4.17-2136.308.9.el8uek
kernel-uek-doc
5.4.17-2136.308.9.el8uek
Связанные уязвимости
ELSA-2022-9670: microcode_ctl security update (IMPORTANT)
ELSA-2022-9508: microcode_ctl security update (IMPORTANT)
ELSA-2022-9507: microcode_ctl security update (IMPORTANT)
ELSA-2022-9486: Unbreakable Enterprise kernel-container security update (IMPORTANT)