Oracle Linux 6149 Published by

The following updates has been released for Oracle Linux:

ELBA-2018-2198-1 Oracle Linux 7 kernel bug fix update
ELBA-2018-4174 Oracle Linux 7 python-configshell bug fix update
ELSA-2018-4172 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update
ELSA-2018-4172 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
New Ksplice updates for OL 6, RHEL 6, CentOS 6, and Scientific Linux 6 (RHSA-2018:2164)
New Ksplice updates for RHCK 6 (RHSA-2018:2164)
New Ksplice updates for RHCK 7 (ELBA-2018-2198-1)
New Ksplice updates for RHEL 6 (RHSA-2018:2164)



ELBA-2018-2198-1 Oracle Linux 7 kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-2198-1

http://linux.oracle.com/errata/ELBA-2018-2198-1.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-abi-whitelists-3.10.0-862.9.1.0.1.el7.noarch.rpm
kernel-debug-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-devel-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-doc-3.10.0-862.9.1.0.1.el7.noarch.rpm
kernel-headers-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-tools-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-862.9.1.0.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-862.9.1.0.1.el7.x86_64.rpm
perf-3.10.0-862.9.1.0.1.el7.x86_64.rpm
python-perf-3.10.0-862.9.1.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-3.10.0-862.9.1.0.1.el7.src.rpm



Description of changes:

[3.10.0-862.9.1.0.1.el7.OL7]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug
22552377]

ELBA-2018-4174 Oracle Linux 7 python-configshell bug fix update

Oracle Linux Bug Fix Advisory ELBA-2018-4174

http://linux.oracle.com/errata/ELBA-2018-4174.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
python-configshell-1.1.fb23-4.0.1.el7_5.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/python-configshell-1.1.fb23-4.0.1.el7_5.src.rpm



Description of changes:

[1:1.1.fb23-4.0.1]
- Add 0005-Allow-plus-in-pathnames to fix [Orabug: 28035235]

ELSA-2018-4172 Important: Oracle Linux 5 Extended Lifecycle Support (ELS) Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4172

http://linux.oracle.com/errata/ELSA-2018-4172.html

The following updated rpms for Oracle Linux 5 Extended Lifecycle Support
(ELS) have been uploaded to the Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.300.2.el5uek.i686.rpm
kernel-uek-debug-2.6.39-400.300.2.el5uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.300.2.el5uek.i686.rpm
kernel-uek-devel-2.6.39-400.300.2.el5uek.i686.rpm
kernel-uek-doc-2.6.39-400.300.2.el5uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.300.2.el5uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.300.2.el5uek.noarch.rpm
kernel-uek-doc-2.6.39-400.300.2.el5uek.noarch.rpm
kernel-uek-2.6.39-400.300.2.el5uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.300.2.el5uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.300.2.el5uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.300.2.el5uek.x86_64.rpm


Description of changes:

[2.6.39-400.300.2.el5uek]
- Revert "RDS: don't commit to queue till transport connection is up"
(Santosh Shilimkar) [Orabug: 27619034] - KVM: Fix stack-out-of-bounds
read in write_mmio (Wanpeng Li) [Orabug: 27951293] {CVE-2017-17741}
{CVE-2017-17741}
- kernel/exit.c: avoid undefined behaviour when calling wait4()
wait4(-2147483648, 0x20, 0, 0xdd0000) triggers: UBSAN: Undefined
behaviour in kernel/exit.c:1651:9 (mridula shastry) [Orabug: 28049790]
{CVE-2018-10087}
- kernel/signal.c: avoid undefined behaviour in kill_something_info When
running kill(72057458746458112, 0) in userspace I hit the following
issue. (mridula shastry) [Orabug: 28082989] {CVE-2018-10124}
- bluetooth: Validate socket address length in sco_sock_bind().
(mlevatic) [Orabug: 28130291] {CVE-2015-8575}
- x86/bug: Fix typo's from commit b2d2b5b2 (x86/fpu: Make eager FPU
default) (Mihai Carabas) [Orabug: 28194606] - dccp: check sk for closed
state in dccp_sendmsg() (Alexey Kodanev) [Orabug: 28220512]
{CVE-2017-8824} {CVE-2018-1130}
- mm/mempolicy.c: fix error handling in set_mempolicy and mbind. (Chris
Salls) [Orabug: 28242479] {CVE-2017-7616}
- xfrm: policy: check policy direction value (Vladis Dronov) [Orabug:
28264531] {CVE-2017-11600} {CVE-2017-11600}

ELSA-2018-4172 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4172

http://linux.oracle.com/errata/ELSA-2018-4172.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

i386:
kernel-uek-2.6.39-400.300.2.el6uek.i686.rpm
kernel-uek-debug-2.6.39-400.300.2.el6uek.i686.rpm
kernel-uek-debug-devel-2.6.39-400.300.2.el6uek.i686.rpm
kernel-uek-devel-2.6.39-400.300.2.el6uek.i686.rpm
kernel-uek-doc-2.6.39-400.300.2.el6uek.noarch.rpm
kernel-uek-firmware-2.6.39-400.300.2.el6uek.noarch.rpm

x86_64:
kernel-uek-firmware-2.6.39-400.300.2.el6uek.noarch.rpm
kernel-uek-doc-2.6.39-400.300.2.el6uek.noarch.rpm
kernel-uek-2.6.39-400.300.2.el6uek.x86_64.rpm
kernel-uek-devel-2.6.39-400.300.2.el6uek.x86_64.rpm
kernel-uek-debug-devel-2.6.39-400.300.2.el6uek.x86_64.rpm
kernel-uek-debug-2.6.39-400.300.2.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-2.6.39-400.300.2.el6uek.src.rpm



Description of changes:

[2.6.39-400.300.2.el6uek]
- Revert "RDS: don't commit to queue till transport connection is up"
(Santosh Shilimkar) [Orabug: 27619034] - KVM: Fix stack-out-of-bounds
read in write_mmio (Wanpeng Li) [Orabug: 27951293] {CVE-2017-17741}
{CVE-2017-17741}
- kernel/exit.c: avoid undefined behaviour when calling wait4()
wait4(-2147483648, 0x20, 0, 0xdd0000) triggers: UBSAN: Undefined
behaviour in kernel/exit.c:1651:9 (mridula shastry) [Orabug: 28049790]
{CVE-2018-10087}
- kernel/signal.c: avoid undefined behaviour in kill_something_info When
running kill(72057458746458112, 0) in userspace I hit the following
issue. (mridula shastry) [Orabug: 28082989] {CVE-2018-10124}
- bluetooth: Validate socket address length in sco_sock_bind().
(mlevatic) [Orabug: 28130291] {CVE-2015-8575}
- x86/bug: Fix typo's from commit b2d2b5b2 (x86/fpu: Make eager FPU
default) (Mihai Carabas) [Orabug: 28194606] - dccp: check sk for closed
state in dccp_sendmsg() (Alexey Kodanev) [Orabug: 28220512]
{CVE-2017-8824} {CVE-2018-1130}
- mm/mempolicy.c: fix error handling in set_mempolicy and mbind. (Chris
Salls) [Orabug: 28242479] {CVE-2017-7616}
- xfrm: policy: check policy direction value (Vladis Dronov) [Orabug:
28264531] {CVE-2017-11600} {CVE-2017-11600}

New Ksplice updates for OL 6, RHEL 6, CentOS 6, and Scientific Linux 6 (RHSA-2018:2164)

Synopsis: RHSA-2018:2164 can now be patched using Ksplice
CVEs: CVE-2018-10675 CVE-2018-10872 CVE-2018-3639 CVE-2018-3665 CVE-2018-8897

Systems running RHCK on Oracle Linux 6, Red Hat Enterprise Linux 6,
CentOS 6, and Scientific Linux 6 can now use Ksplice to patch against
the latest Red Hat Security Advisory, RHSA-2018:2164.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running OL 6, RHEL 6,
CentOS 6, and Scientific Linux 6 install these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Improved AMD fix to CVE-2018-3639: Speculative Store Bypass information leak.

The original vendor fix for CVE-2018-3639 did not expose the mitigation
to KVM guests on AMD or correctly handle symmetric multithreading (SMT)
systems.

This update enables the speculative store bypass mitigation full time to
protect guests and SMT systems by default on AMD systems and can be
manually enabled/disable by writing 1/0 to
/proc/sys/vm/ksplice_ssbd_control. The /proc/sys/vm/ksplice_ssbd_status
file reports the current mitigation status.


* CVE-2018-10675: Use-after-free in get_mempolicy due to incorrect reference counting.

A reference count error in the get_mempolicy ioctl implementation can
result in a use-after-free. A local user could use this flaw to
escalate privileges.


* CVE-2018-10872 (CVE-2018-8897): Denial-of-service in KVM breakpoint handling.

Incorrect stack management of data watchpoints and breakpoints could
allow an unprivileged user to crash the system.

OraBug: 27895351


* CVE-2018-3665: Information leak in floating point registers.

An information leak from floating point registers when lazy FPU context
switching was performed could allow a malicious local user to gain
access to sensitive information across process boundaries.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.

New Ksplice updates for RHCK 6 (RHSA-2018:2164)

Synopsis: RHSA-2018:2164 can now be patched using Ksplice
CVEs: CVE-2018-10675 CVE-2018-10872 CVE-2018-3639 CVE-2018-3665 CVE-2018-8897

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, RHSA-2018:2164.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 6 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Improved AMD fix to CVE-2018-3639: Speculative Store Bypass information leak.

The original vendor fix for CVE-2018-3639 did not expose the mitigation
to KVM guests on AMD or correctly handle symmetric multithreading (SMT)
systems.

This update enables the speculative store bypass mitigation full time to
protect guests and SMT systems by default on AMD systems and can be
manually enabled/disable by writing 1/0 to
/proc/sys/vm/ksplice_ssbd_control. The /proc/sys/vm/ksplice_ssbd_status
file reports the current mitigation status.


* CVE-2018-10675: Use-after-free in get_mempolicy due to incorrect reference counting.

A reference count error in the get_mempolicy ioctl implementation can
result in a use-after-free. A local user could use this flaw to
escalate privileges.


* CVE-2018-10872 (CVE-2018-8897): Denial-of-service in KVM breakpoint handling.

Incorrect stack management of data watchpoints and breakpoints could
allow an unprivileged user to crash the system.

OraBug: 27895351


* CVE-2018-3665: Information leak in floating point registers.

An information leak from floating point registers when lazy FPU context
switching was performed could allow a malicious local user to gain
access to sensitive information across process boundaries.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


New Ksplice updates for RHCK 7 (ELBA-2018-2198-1)

Synopsis: ELBA-2018-2198-1 can now be patched using Ksplice

Users with Oracle Linux Premier Support can now use Ksplice to patch
against the latest Oracle kernel update, ELBA-2018-2198-1.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHCK 7 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Connection loss when forwarding between network namespaces.

Incorrect handling of packets marked NOTRACK could result in packets
being dropped when routing between network namespaces.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.


New Ksplice updates for RHEL 6 (RHSA-2018:2164)

Synopsis: RHSA-2018:2164 can now be patched using Ksplice
CVEs: CVE-2018-10675 CVE-2018-10872 CVE-2018-3639 CVE-2018-3665 CVE-2018-8897

Systems running Red Hat Enterprise Linux 6 can now use Ksplice to
patch against the latest Red Hat Security Advisory, RHSA-2018:2164.

INSTALLING THE UPDATES

We recommend that all users of Ksplice Uptrack running RHEL 6 install
these updates.

On systems that have "autoinstall = yes" in /etc/uptrack/uptrack.conf,
these updates will be installed automatically and you do not need to
take any action.

Alternatively, you can install these updates by running:

# /usr/sbin/uptrack-upgrade -y


DESCRIPTION

* Improved AMD fix to CVE-2018-3639: Speculative Store Bypass information leak.

The original vendor fix for CVE-2018-3639 did not expose the mitigation
to KVM guests on AMD or correctly handle symmetric multithreading (SMT)
systems.

This update enables the speculative store bypass mitigation full time to
protect guests and SMT systems by default on AMD systems and can be
manually enabled/disable by writing 1/0 to
/proc/sys/vm/ksplice_ssbd_control. The /proc/sys/vm/ksplice_ssbd_status
file reports the current mitigation status.


* CVE-2018-10675: Use-after-free in get_mempolicy due to incorrect reference counting.

A reference count error in the get_mempolicy ioctl implementation can
result in a use-after-free. A local user could use this flaw to
escalate privileges.


* CVE-2018-10872 (CVE-2018-8897): Denial-of-service in KVM breakpoint handling.

Incorrect stack management of data watchpoints and breakpoints could
allow an unprivileged user to crash the system.

OraBug: 27895351


* CVE-2018-3665: Information leak in floating point registers.

An information leak from floating point registers when lazy FPU context
switching was performed could allow a malicious local user to gain
access to sensitive information across process boundaries.

SUPPORT

Ksplice support is available at ksplice-support_ww@oracle.com.