[Oraclevm-errata] OVMSA-2019-0038 Important: Oracle VM 3.4 Unbreakable Enterprise kernel security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Thu Aug 8 17:32:58 PDT 2019
Oracle VM Security Advisory OVMSA-2019-0038
The following updated rpms for Oracle VM 3.4 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-4.1.12-124.29.3.1.el6uek.x86_64.rpm
kernel-uek-firmware-4.1.12-124.29.3.1.el6uek.noarch.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/kernel-uek-4.1.12-124.29.3.1.el6uek.src.rpm
Description of changes:
[4.1.12-124.29.3.1.el6uek]
- x86/speculation: Exclude ATOMs from speculation through SWAPGS (Thomas Gleixner) [Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Enable Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}
- x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Josh Poimboeuf) [Orabug: 29967571] {CVE-2019-1125}
[4.1.12-124.29.3.el6uek]
- mlx4_core: change log_num_{qp,rdmarc} with scale_profile (Mukesh Kacker) [Orabug: 30064080]
[4.1.12-124.29.2.el6uek]
- scsi: storvsc: Fix scsi_cmd error assignments in storvsc_handle_error (Cathy Avery) [Orabug: 30052805]
[4.1.12-124.29.1.el6uek]
- USB: check usb_get_extra_descriptor for proper size (Mathias Payer) [Orabug: 29755247] {CVE-2018-20169}
- rds: ib: Fix dereference of conn when NULL and cleanup thereof (Håkon Bugge) [Orabug: 29924849]
- ext4: zero out the unused memory region in the extent tree block (Sriram Rajagopalan) [Orabug: 29925523] {CVE-2019-11833} {CVE-2019-11833}
- ip_sockglue: Fix missing-check bug in ip_ra_control() (Gen Zhang) [Orabug: 29926005] {CVE-2019-12381}
- ipv6_sockglue: Fix a missing-check bug in ip6_ra_control() (Gen Zhang) [Orabug: 29926057] {CVE-2019-12378}
- x86/microcode: fix x86_spec_ctrl_mask on late loading. (Mihai Carabas) [Orabug: 29941248]
- net: rds: fix rds recv memory leak (Zhu Yanjun) [Orabug: 30034815]
More information about the Oraclevm-errata
mailing list