Updated Linux kernels has been released for Oracle Linux 6, 7, and Oracle VM 3.4:

ELSA-2019-4733 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)
ELSA-2019-4735 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2019-4735 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
OVMSA-2019-0038 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

ELSA-2019-4733 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)

Oracle Linux Security Advisory ELSA-2019-4733

http://linux.oracle.com/errata/ELSA-2019-4733.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-1902.3.2.el7uek.aarch64.rpm
perf-4.14.35-1902.3.2.el7uek.aarch64.rpm
python-perf-4.14.35-1902.3.2.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-1902.3.2.el7uek.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1902.3.2.el7uek.src.rpm



Description of changes:

[4.14.35-1902.3.2.el7uek]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas
Gleixner) [Orabug: 29967570] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf)
[Orabug: 29967570] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
(Josh Poimboeuf) [Orabug: 29967570] {CVE-2019-1125}

ELSA-2019-4735 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4735

http://linux.oracle.com/errata/ELSA-2019-4735.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.29.3.1.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.29.3.1.el6uek.noarch.rpm
kernel-uek-4.1.12-124.29.3.1.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.29.3.1.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.29.3.1.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.29.3.1.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-124.29.3.1.el6uek.src.rpm



Description of changes:

[4.1.12-124.29.3.1.el6uek]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas
Gleixner) [Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf)
[Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
(Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}

ELSA-2019-4735 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2019-4735

http://linux.oracle.com/errata/ELSA-2019-4735.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-124.29.3.1.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-124.29.3.1.el7uek.noarch.rpm
kernel-uek-4.1.12-124.29.3.1.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-124.29.3.1.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-124.29.3.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-124.29.3.1.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-124.29.3.1.el7uek.src.rpm



Description of changes:

[4.1.12-124.29.3.1.el7uek]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas
Gleixner) [Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf)
[Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
(Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}

OVMSA-2019-0038 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update

Oracle VM Security Advisory OVMSA-2019-0038

The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-4.1.12-124.29.3.1.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.29.3.1.el6uek.noarch.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-124.29.3.1.el6uek.src.rpm



Description of changes:

[4.1.12-124.29.3.1.el6uek]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas
Gleixner) [Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf)
[Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations
(Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}

[4.1.12-124.29.3.el6uek]
- mlx4_core: change log_num_{qp,rdmarc} with scale_profile (Mukesh
Kacker) [Orabug: 30064080]

[4.1.12-124.29.2.el6uek]
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error
(Cathy Avery) [Orabug: 30052805]

[4.1.12-124.29.1.el6uek]
- USB: check usb_get_extra_descriptor for proper size (Mathias Payer)
[Orabug: 29755247] {CVE-2018-20169}
- rds: ib: Fix dereference of conn when NULL and cleanup thereof (Håkon
Bugge) [Orabug: 29924849] - ext4: zero out the unused memory region in
the extent tree block (Sriram Rajagopalan) [Orabug: 29925523]
{CVE-2019-11833} {CVE-2019-11833}
- ip_sockglue: Fix missing-check bug in ip_ra_control() (Gen Zhang)
[Orabug: 29926005] {CVE-2019-12381}
- ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() (Gen Zhang)
[Orabug: 29926057] {CVE-2019-12378}
- x86/microcode: fix x86_spec_ctrl_mask on late loading. (Mihai Carabas)
[Orabug: 29941248] - net: rds: fix rds recv memory leak (Zhu Yanjun)
[Orabug: 30034815]