Oracle Linux 6154 Published by

Oracle has released an updated Kernel for both Oracle Linux 6 and 7:

ELSA-2018-4025 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update
ELSA-2018-4025 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update



ELSA-2018-4025 Important: Oracle Linux 6 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4025

http://linux.oracle.com/errata/ELSA-2018-4025.html

The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-112.14.14.el6uek.noarch.rpm
kernel-uek-firmware-4.1.12-112.14.14.el6uek.noarch.rpm
kernel-uek-4.1.12-112.14.14.el6uek.x86_64.rpm
kernel-uek-devel-4.1.12-112.14.14.el6uek.x86_64.rpm
kernel-uek-debug-4.1.12-112.14.14.el6uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-112.14.14.el6uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/kernel-uek-4.1.12-112.14.14.el6uek.src.rpm



Description of changes:

[4.1.12-112.14.14.el6uek]
- drivers/char/mem.c: deny access in open operation when securelevel is
set (Ethan Zhao) [Orabug: 27234850] [Orabug: 27234850]
- hugetlb: fix nr_pmds accounting with shared page tables (Kirill A.
Shutemov) [Orabug: 26988581]
- x86/IBRS: Drop unnecessary WRITE_ONCE (Boris Ostrovsky) [Orabug:
27416198]
- x86/IBRS: Don't try to change IBRS mode if IBRS is not available
(Boris Ostrovsky) [Orabug: 27416198]
- x86/IBRS: Remove support for IBRS_ENABLED_USER mode (Boris Ostrovsky)
[Orabug: 27416198]
- x86: Include linux/device.h in bugs_64.c (Boris Ostrovsky) [Orabug:
27418896]
- x86/spectre: Drop the warning about ibrs being obsolete. (Konrad
Rzeszutek Wilk)
- x86/spec: Don't print the Missing arguments for option spectre_v2.
(Konrad Rzeszutek Wilk)
- x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk)
- x86/IBPB: Provide debugfs interface for changing IBPB mode (Boris
Ostrovsky) [Orabug: 27449065]
- xen: Make PV Dom0 Linux kernel NUMA aware (Elena Ufimtseva)
- net/rds: Fix incorrect error handling (HÃ¥kon Bugge) [Orabug: 26848729]
- net/rds: use multiple sge than buddy allocation in congestion code
(Wei Lin Guay) [Orabug: 26848729]
- Revert "RDS: fix the sg allocation based on actual message size" (Wei
Lin Guay) [Orabug: 26848729]
- Revert "RDS: avoid large pages for sg allocation for TCP transport"
(Wei Lin Guay) [Orabug: 26848729]
- Revert "net/rds: Reduce memory footprint in rds_sendmsg" (Wei Lin
Guay) [Orabug: 26848729]
- net/rds: reduce memory footprint during ib_post_recv in IB transport
(Wei Lin Guay) [Orabug: 26848729]
- net/rds: reduce memory footprint during rds_sendmsg with IB transport
(Wei Lin Guay) [Orabug: 26848729]
- net/rds: set the rds_ib_init_frag based on supported sge (Wei Lin
Guay) [Orabug: 26848729]
- bnxt_en: Fix possible corrupted NVRAM parameters from firmware
response. (Michael Chan) [Orabug: 27199588]
- x86, kasan: Fix build failure on KASAN=y && KMEMCHECK=y kernels
(Andrey Ryabinin) [Orabug: 27255122]
- x86, efi, kasan: Fix build failure on !KASAN && KMEMCHECK=y kernels
(Andrey Ryabinin) [Orabug: 27255122]
- x86, efi, kasan: #undef memset/memcpy/memmove per arch (Andrey
Ryabinin) [Orabug: 27255122]
- Revert "Makefile: Build with -Werror?te-time if the compiler
supports it" (Gayatri Vasudevan) [Orabug: 27255122]
- dccp: CVE-2017-8824: use-after-free in DCCP code (Mohamed Ghannam)
[Orabug: 27290300] {CVE-2017-8824}
- x86/efi: Initialize and display UEFI secure boot state a bit later
during init (Daniel Kiper) [Orabug: 27309477]
- x86/espfix: Init espfix on the boot CPU side (Zhu Guihua) [Orabug:
27344552]
- x86/espfix: Add 'cpu' parameter to init_espfix_ap() (Zhu Guihua)
[Orabug: 27344552]
- ALSA: pcm: prevent UAF in snd_pcm_info (Robb Glasser) [Orabug:
27344841] {CVE-2017-0861} {CVE-2017-0861}
- fs/ocfs2: remove page cache for converted direct write (Wengang Wang)
- Revert "ocfs2: code clean up for direct io" (Wengang Wang)
- assoc_array: Fix a buggy node-splitting case (David Howells) [Orabug:
27364592] {CVE-2017-12193} {CVE-2017-12193}
- Sanitize 'move_pages()' permission checks (Linus Torvalds) [Orabug:
27364690] {CVE-2017-14140}
- pti: compile fix for when PTI is disabled (Pavel Tatashin) [Orabug:
27383147] {CVE-2017-5754}
- sctp: do not peel off an assoc from one netns to another one (Xin
Long) [Orabug: 27386999] {CVE-2017-15115}
- net: ipv4: fix for a race condition in raw_sendmsg (Mohamed Ghannam)
[Orabug: 27390682] {CVE-2017-17712}
- mlx4: add mstflint secure boot access kernel support (Qing Huang)
[Orabug: 27404202]
- x86: Move STUFF_RSB in to the idt macro (Konrad Rzeszutek Wilk)
- x86/spec: STUFF_RSB _before_ ENABLE_IBRS (Konrad Rzeszutek Wilk)
- x86: Move ENABLE_IBRS in the interrupt macro. (Konrad Rzeszutek Wilk)
[Orabug: 27449045]

ELSA-2018-4025 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2018-4025

http://linux.oracle.com/errata/ELSA-2018-4025.html

The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:

x86_64:
kernel-uek-doc-4.1.12-112.14.14.el7uek.noarch.rpm
kernel-uek-firmware-4.1.12-112.14.14.el7uek.noarch.rpm
kernel-uek-4.1.12-112.14.14.el7uek.x86_64.rpm
kernel-uek-devel-4.1.12-112.14.14.el7uek.x86_64.rpm
kernel-uek-debug-4.1.12-112.14.14.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.1.12-112.14.14.el7uek.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.1.12-112.14.14.el7uek.src.rpm



Description of changes:

[4.1.12-112.14.14.el7uek]
- drivers/char/mem.c: deny access in open operation when securelevel is
set (Ethan Zhao) [Orabug: 27234850] [Orabug: 27234850]
- hugetlb: fix nr_pmds accounting with shared page tables (Kirill A.
Shutemov) [Orabug: 26988581]
- x86/IBRS: Drop unnecessary WRITE_ONCE (Boris Ostrovsky) [Orabug:
27416198]
- x86/IBRS: Don't try to change IBRS mode if IBRS is not available
(Boris Ostrovsky) [Orabug: 27416198]
- x86/IBRS: Remove support for IBRS_ENABLED_USER mode (Boris Ostrovsky)
[Orabug: 27416198]
- x86: Include linux/device.h in bugs_64.c (Boris Ostrovsky) [Orabug:
27418896]
- x86/spectre: Drop the warning about ibrs being obsolete. (Konrad
Rzeszutek Wilk)
- x86/spec: Don't print the Missing arguments for option spectre_v2.
(Konrad Rzeszutek Wilk)
- x86/spec: Also print IBRS if IBPB is disabled. (Konrad Rzeszutek Wilk)
- x86/IBPB: Provide debugfs interface for changing IBPB mode (Boris
Ostrovsky) [Orabug: 27449065]
- xen: Make PV Dom0 Linux kernel NUMA aware (Elena Ufimtseva)
- net/rds: Fix incorrect error handling (HÃ¥kon Bugge) [Orabug: 26848729]
- net/rds: use multiple sge than buddy allocation in congestion code
(Wei Lin Guay) [Orabug: 26848729]
- Revert "RDS: fix the sg allocation based on actual message size" (Wei
Lin Guay) [Orabug: 26848729]
- Revert "RDS: avoid large pages for sg allocation for TCP transport"
(Wei Lin Guay) [Orabug: 26848729]
- Revert "net/rds: Reduce memory footprint in rds_sendmsg" (Wei Lin
Guay) [Orabug: 26848729]
- net/rds: reduce memory footprint during ib_post_recv in IB transport
(Wei Lin Guay) [Orabug: 26848729]
- net/rds: reduce memory footprint during rds_sendmsg with IB transport
(Wei Lin Guay) [Orabug: 26848729]
- net/rds: set the rds_ib_init_frag based on supported sge (Wei Lin
Guay) [Orabug: 26848729]
- bnxt_en: Fix possible corrupted NVRAM parameters from firmware
response. (Michael Chan) [Orabug: 27199588]
- x86, kasan: Fix build failure on KASAN=y && KMEMCHECK=y kernels
(Andrey Ryabinin) [Orabug: 27255122]
- x86, efi, kasan: Fix build failure on !KASAN && KMEMCHECK=y kernels
(Andrey Ryabinin) [Orabug: 27255122]
- x86, efi, kasan: #undef memset/memcpy/memmove per arch (Andrey
Ryabinin) [Orabug: 27255122]
- Revert "Makefile: Build with -Werror?te-time if the compiler
supports it" (Gayatri Vasudevan) [Orabug: 27255122]
- dccp: CVE-2017-8824: use-after-free in DCCP code (Mohamed Ghannam)
[Orabug: 27290300] {CVE-2017-8824}
- x86/efi: Initialize and display UEFI secure boot state a bit later
during init (Daniel Kiper) [Orabug: 27309477]
- x86/espfix: Init espfix on the boot CPU side (Zhu Guihua) [Orabug:
27344552]
- x86/espfix: Add 'cpu' parameter to init_espfix_ap() (Zhu Guihua)
[Orabug: 27344552]
- ALSA: pcm: prevent UAF in snd_pcm_info (Robb Glasser) [Orabug:
27344841] {CVE-2017-0861} {CVE-2017-0861}
- fs/ocfs2: remove page cache for converted direct write (Wengang Wang)
- Revert "ocfs2: code clean up for direct io" (Wengang Wang)
- assoc_array: Fix a buggy node-splitting case (David Howells) [Orabug:
27364592] {CVE-2017-12193} {CVE-2017-12193}
- Sanitize 'move_pages()' permission checks (Linus Torvalds) [Orabug:
27364690] {CVE-2017-14140}
- pti: compile fix for when PTI is disabled (Pavel Tatashin) [Orabug:
27383147] {CVE-2017-5754}
- sctp: do not peel off an assoc from one netns to another one (Xin
Long) [Orabug: 27386999] {CVE-2017-15115}
- net: ipv4: fix for a race condition in raw_sendmsg (Mohamed Ghannam)
[Orabug: 27390682] {CVE-2017-17712}
- mlx4: add mstflint secure boot access kernel support (Qing Huang)
[Orabug: 27404202]
- x86: Move STUFF_RSB in to the idt macro (Konrad Rzeszutek Wilk)
- x86/spec: STUFF_RSB _before_ ENABLE_IBRS (Konrad Rzeszutek Wilk)
- x86: Move ENABLE_IBRS in the interrupt macro. (Konrad Rzeszutek Wilk)
[Orabug: 27449045]