Oracle alert ELSA-2019-4820 (kernel)
| From: | Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2019-4820 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64) | |
| Date: | Fri, 11 Oct 2019 18:53:42 -0700 | |
| Message-ID: | <06f5d2f0-51d5-35ae-923e-dfb2cdb0ea34@oracle.com> |
Oracle Linux Security Advisory ELSA-2019-4820 http://linux.oracle.com/errata/ELSA-2019-4820.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: kernel-uek-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-1902.6.6.el7uek.aarch64.rpm perf-4.14.35-1902.6.6.el7uek.aarch64.rpm python-perf-4.14.35-1902.6.6.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-1902.6.6.el7uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.3... Description of changes: [4.14.35-1902.6.6.el7uek] - RDMA/restrack: Protect from reentry to resource return path (Leon Romanovsky) [Orabug: 30388717] [4.14.35-1902.6.5.el7uek] - hv_netvsc: fix vf serial matching with pci slot info (Haiyang Zhang) [Orabug: 30373111] - rds: Use correct conn when dropping connections due to cancel (Håkon Bugge) [Orabug: 30293898] - scsi: megaraid_sas: Introduce module parameter for default queue depth (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Fix a compilation warning (Qian Cai) [Orabug: 30317396] - scsi: megaraid_sas: Make a bunch of functions static (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: Update driver version to 07.710.50.00 (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Add module parameter for FW Async event logging (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Enable msix_load_balance for Invader and later controllers (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Fix calculation of target ID (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Make some symbols static (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: Update driver version to 07.710.06.00-rc1 (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Introduce various Aero performance modes (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Use high IOPS queues based on IO workload (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Set affinity for high IOPS reply queues (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Enable coalescing for high IOPS queues (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Add support for High IOPS queues (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Add support for MPI toolbox commands (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Offload Aero RAID5/6 division calculations to driver (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: RAID1 PCI bandwidth limit algorithm is applicable for only Ventura (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: megaraid_sas: Add check for count returned by HOST_DEVICE_LIST DCMD (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Handle sequence JBOD map failure at driver level (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Don't send FPIO to RL Bypass queue (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: In probe context, retry IOC INIT once if firmware is in fault (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Release Mutex lock before OCR in case of DCMD timeout (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Call disable_irq from process IRQ poll (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Remove few debug counters from IO path (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Add support for Non-secure Aero PCI IDs (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Add 32 bit atomic descriptor support to AERO adapters (Chandrakanth Patil) [Orabug: 30317396] - scsi: megaraid_sas: Use struct_size() helper (Gustavo A. R. Silva) [Orabug: 30317396] (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: use DEVICE_ATTR_{RO, RW} (Tomas Henzl) [Orabug: 30317396] - scsi: megaraid_sas: use octal permissions instead of constants (Tomas Henzl) [Orabug: 30317396] - scsi: megaraid_sas: make max_sectors visible in sys (Tomas Henzl) [Orabug: 30317396] - scsi: megaraid_sas: remove set but not used variables 'buff_addr' and 'ci_h' (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: remove set but not used variable 'sge_sz' (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: remove set but not used variables 'host' and 'wait_time' (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: remove set but not used variable 'cur_state' (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: Update driver version to 07.708.03.00 (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Export RAID map through debugfs (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Fix MSI-X vector print (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Add debug prints for device list (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Add prints in suspend and resume path (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Print firmware interrupt status (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Print FW fault information (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Export RAID map id through sysfs (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Print BAR information from driver (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Dump system registers for debugging (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Dump system interface regs from sysfs (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Add formatting option for megasas_dump (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Enhance internal DCMD timeout prints (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Enhance prints in OCR and TM path (Sumit Saxena) [Orabug: 30317396] - scsi: megaraid_sas: Load balance completions across all MSI-X (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: IRQ poll to avoid CPU hard lockups (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Block PCI config space access from userspace during OCR (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Rework code around controller reset (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: fw_reset_no_pci_access required for MFI adapters only (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Remove unused variable target_index (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: fix spelling mistake "oustanding" -> "outstanding" (Colin Ian King) [Orabug: 30317396] - scsi: megaraid_sas: Make megasas_host_device_list_query() static (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: reduce module load time (Steve Sistare) [Orabug: 30317396] - scsi: megaraid_sas: Remove a bunch of set but not used variables (YueHaibing) [Orabug: 30317396] - scsi: megaraid_sas: driver version update (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Rework device add code in AEN path (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Rework code to get PD and LD list (Shivasharan S) [Orabug: 30317396] - scsi: megaraid_sas: Retry reads of outbound_intr_status reg (Shivasharan S) [Orabug: 30317396] - rds: ib: Optimize rds_ib_laddr_check (Håkon Bugge) [Orabug: 30327669] - x86,sched: Allow topologies where NUMA nodes share an LLC (Mridula Shastry) [Orabug: 30068079] [4.14.35-1902.6.4.el7uek] - net/rds: Use DMA memory pool allocation for rds_header (Ka-Cheong Poon) [Orabug: 30358057] - net/rds: Check laddr_check before calling it (Ka-Cheong Poon) [Orabug: 30319176] - x86/microcode/intel: Issue the revision updated message only on the BSP (Borislav Petkov) [Orabug: 30298021] - x86/microcode: Update late microcode in parallel (Ashok Raj) [Orabug: 30298021] - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink (YueHaibing) [Orabug: 30322228] {CVE-2019-15666} - floppy: fix out-of-bounds read in copy_buffer (Denis Efremov) [Orabug: 30318218] {CVE-2019-14283} - ALSA: line6: Fix write on zero-sized buffer (Takashi Iwai) [Orabug: 30254322] {CVE-2019-15221} [4.14.35-1902.6.3.el7uek] - KVM: coalesced_mmio: add bounds checking (Matt Delco) [Orabug: 30328863] {CVE-2019-14821} {CVE-2019-14821} - net/rds: Incorrect work request accouting (Ka-Cheong Poon) [Orabug: 30288715] - vhost: make sure log_num < in_num (yongduan) [Orabug: 30313999] {CVE-2019-14835} - vhost: block speculation of translated descriptors (Michael S. Tsirkin) [Orabug: 30313999] {CVE-2019-14835} - vhost: Fix Spectre V1 vulnerability (Jason Wang) [Orabug: 30313999] - RDMA/restrack: Release task struct which was hold by CM_ID object (Leon Romanovsky) [Orabug: 30307611] - x86/speculation: Re-initialize x86_spec_ctrl_base/priv during late microcode update (Boris Ostrovsky) [Orabug: 30312533] - x86/speculation: Properly initialize percpu variables (Boris Ostrovsky) [Orabug: 30312533] - nfsd4: catch some false session retries (J. Bruce Fields) [Orabug: 30172625] - nfsd4: fix cached replies to solo SEQUENCE compounds (J. Bruce Fields) [Orabug: 30172625] - net/rds: Fix info leak in rds6_inc_info_copy() (Ka-Cheong Poon) [Orabug: 30260894] - A/A Bonding: Log ip_config details if it fails to find a failover port (Sudhakar Dindukurti) [Orabug: 30313262] - A/A Bonding: X8-8 RoCE network re-connect stalls after loss of switch (Sudhakar Dindukurti) [Orabug: 30313262] - KVM: svm: svm_set_msr(MSR_IA32_SPEC_CTRL) should allow SPEC_CTRL_SSBD bit (Liam Merwick) [Orabug: 30257820] - rds: RDS/TCP does not initiate a connection (Ka-Cheong Poon) [Orabug: 30255694] - xen-netfront: do not assume sk_buff_head list is empty in error handling (Dongli Zhang) [Orabug: 30313831] [4.14.35-1902.6.2.el7uek] - net/rds: An rds_sock is added too early to the hash table (Ka-Cheong Poon) [Orabug: 30304759] - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (Xin Long) [Orabug: 30276919] - KVM: VMX: sync pending posted interrupts based on PIR (Luwei Kang) [Orabug: 30270374] - Revert "KVM: x86: Recompute PID.ON when clearing PID.SN" (Joao Martins) [Orabug: 30270374] - x86/tsc: Make calibration refinement more robust (Daniel Vacek) [Orabug: 30260381] - xen/swiotlb: remember having called xen_create_contiguous_region() (Juergen Gross) [Orabug: 30255523] - xen/swiotlb: simplify range_straddles_page_boundary() (Juergen Gross) [Orabug: 30255523] - xen/swiotlb: fix condition for calling xen_destroy_contiguous_region() (Juergen Gross) [Orabug: 30255523] - xen-swiotlb: use actually allocated size on check physical continuous (Joe Jin) [Orabug: 30255523] - Bluetooth: hci_uart: check for missing tty operations (Vladis Dronov) [Orabug: 30244614] {CVE-2019-10207} {CVE-2019-10207} - IB/mlx5: Fix leaking stack memory to userspace (Jason Gunthorpe) [Orabug: 30244589] {CVE-2018-20855} - mm: memcontrol: drain stocks on resize limit (Shakeel Butt) [Orabug: 30229285] - mm/memcontrol.c: try harder to decrease [memory,memsw].limit_in_bytes (Andrey Ryabinin) [Orabug: 30229285] - memcg: refactor mem_cgroup_resize_limit() (Yu Zhao) [Orabug: 30229285] - cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting (Oleg Nesterov) [Orabug: 30229262] - drivers: net: Remove unnecessary semicolon (YueHaibing) [Orabug: 29320005] - net: cisco: enic: Replace GFP_ATOMIC with GFP_KERNEL (Jia-Ju Bai) [Orabug: 29320005] - enic: fix UDP rss bits (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: drop IP proto check for vxlan tunnel delete (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: fix boolreturn.cocci warnings (Fengguang Wu) [Orabug: 29320005] - enic: set IG desc cache flag in open (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: set UDP rss flag (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: Check if hw supports multi wq with vxlan offload (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: Add vxlan offload support for IPv6 pkts (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: Check inner ip proto for pseudo header csum (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: add wq clean up budget (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: add sw timestamp support (Govindarajulu Varadarajan) [Orabug: 29320005] - enic: Add support for 'ethtool -g/-G' (Parvi Kaustubhi) [Orabug: 29320005] - enic: reset fetch index (Parvi Kaustubhi) [Orabug: 29320005] - cgroup: make code and documentation consistent for cgroup cpuset v2 (chris hyser) [Orabug: 29447566] - x86: cpu: update blacklist spec features for late loading (Mihai Carabas) [Orabug: 29336757] - x86: cpu: bugs.c: update cpu_smt_disable to support late loading (Mihai Carabas) [Orabug: 29336757] - x86: cpu: bugs.c: create microcode late loading logic (Mihai Carabas) [Orabug: 29336757] - x86: cpu: bugs.c: remove init attribute from functions and variables (Mihai Carabas) [Orabug: 29336757] - x86: kernel: cpu: bugs.c: modify static_has to boot_bas (Mihai Carabas) [Orabug: 29336757] - x86: cpu: modify boot_command_line to saved_command_line (Mihai Carabas) [Orabug: 29336757] - x86: cpu: microcode: update flags for all cpus (Mihai Carabas) [Orabug: 29336757] [4.14.35-1902.6.1.el7uek] - rds: Bring loop-back peer down as well (Håkon Bugge) [Orabug: 30290065] - rds: ib: Avoid connect retry on loopback connections (Håkon Bugge) [Orabug: 30290065] - net/rds: Adding missing "dev_put" to __flush_eth_arp_entry() (Gerd Rausch) [Orabug: 30290073] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata