Lucene search

K
oraclelinuxOracleLinuxELSA-2018-4088
HistoryMay 01, 2018 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2018-05-0100:00:00
linux.oracle.com
23

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

[2.6.39-400.298.6]

  • perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947612] {CVE-2018-100199}
    [2.6.39-400.298.5]
  • xen-netfront: fix rx stall when req_prod_pvt goes back to more than zero again (Dongli Zhang) [Orabug: 25053376]
  • x86/IBRS: Remove support for IBRS_ENABLED_USER mode (Boris Ostrovsky) [Orabug: 27430615]
  • x86/microcode/intel: Disable late loading on model 79 (Borislav Petkov) [Orabug: 27343579]
    [2.6.39-400.298.4]
  • ALSA: usb-audio: Kill stray URB at exiting (Takashi Iwai) [Orabug: 27148283] {CVE-2017-16527}
  • uwb: properly check kthread_run return value (Andrey Konovalov) [Orabug: 27206900] {CVE-2017-16526}
  • HID: usbhid: fix out-of-bounds bug (Jaejoong Kim) [Orabug: 27207935] {CVE-2017-16533}
  • cx231xx-cards: fix NULL-deref on missing association descriptor (Johan Hovold) [Orabug: 27208080] {CVE-2017-16536}
  • net: cdc_ether: fix divide by 0 on bad descriptors (Bjorn Mork) [Orabug: 27215206] {CVE-2017-16649}
  • Bluetooth: bnep: bnep_add_connection() should verify that its dealing with l2cap socket (Al Viro) [Orabug: 27344787] {CVE-2017-15868}
  • Bluetooth: hidp: verify l2cap sockets (David Herrmann) [Orabug: 27344787] {CVE-2017-15868}
  • ALSA: pcm: prevent UAF in snd_pcm_info (Robb Glasser) [Orabug: 27344840] {CVE-2017-0861} {CVE-2017-0861}
  • Addendum: x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes (David Woodhouse) [Orabug: 27516441]
  • x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (David Woodhouse) [Orabug: 27649498] {CVE-2017-5715}
  • x86/cpufeatures: Clean up Spectre v2 related CPUID flags (David Woodhouse) [Orabug: 27649510] {CVE-2017-5715}
  • x86/spectre: Now that we expose ‘stbibp’ make sure it is correct. (Konrad Rzeszutek Wilk) [Orabug: 27649631] {CVE-2017-5715}
  • x86/speculation: Add basic IBPB (Indirect Branch Prediction Barrier) support (KarimAllah Ahmed) [Orabug: 27649640] {CVE-2017-5715}
  • x86: Add STIBP feature enumeration (David Woodhouse) [Orabug: 27649693] {CVE-2017-5715}
  • x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27649706] {CVE-2017-5715}
  • x86/spectre_v2: Dont spam the console with these: (Konrad Rzeszutek Wilk) [Orabug: 27649723] {CVE-2017-5715}
  • x86/spectre_v2: Remove 0xc2 from spectre_bad_microcodes (Darren Kenny) [Orabug: 27600848]
  • Revert ‘x86/spec_ctrl: Add ‘nolfence’ knob to disable fallback for spectre_v2 mitigation’ (Konrad Rzeszutek Wilk) [Orabug: 27601773]
  • x86/syscall: run syscall exit code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176]
  • x86/syscall: run syscall-specific code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176]
  • x86/syscall: run syscall entry code with extra registers cleared (Alexandre Chartre) [Orabug: 27501176]
  • x86/spectre: Drop the warning about ibrs being obsolete (Konrad Rzeszutek Wilk) [Orabug: 27518974]
  • x86: Include linux/device.h in bugs_64.c (Boris Ostrovsky) [Orabug: 27519044]
  • x86: fix mitigation details of UEK2 spectre v1 (Konrad Rzeszutek Wilk) [Orabug: 27509909]
  • x86/cpufeature: Blacklist SPEC_CTRL/PRED_CMD on early Spectre v2 microcodes (David Woodhouse) [Orabug: 27516441] {CVE-2017-5715}
  • x86, intel: Output microcode revision in /proc/cpuinfo (Andi Kleen) [Orabug: 27516441]
  • x86: intel-family.h: Add GEMINI_LAKE SOC (Len Brown) [Orabug: 27516441]
  • x86/cpu/intel: Introduce macros for Intel family numbers (Dave Hansen) [Orabug: 27516441]
  • x86/mitigation/spectre_v2: Add reporting of ‘lfence’ (Konrad Rzeszutek Wilk) [Orabug: 27525958]
  • x86/spec: Add ‘lfence_enabled’ in sysfs (Konrad Rzeszutek Wilk) [Orabug: 27525954]
  • x86/spec_ctrl: Add ‘nolfence’ knob to disable fallback for spectre_v2 mitigation (Konrad Rzeszutek Wilk) [Orabug: 27525923]
  • x86/spec: Also print IBRS if IBPB is disabled (Konrad Rzeszutek Wilk) [Orabug: 27519083]
  • x86: Use Indirect Branch Prediction Barrier in context switch (Tim Chen) [Orabug: 27516378]

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

Related for ELSA-2018-4088