kernel security and bug fix update

2019-09-04T00:00:00
ID ELSA-2019-2600
Type oraclelinux
Reporter Oracle
Modified 2019-09-04T00:00:00

Description

[3.10.0-1062.1.1] - Oracle Linux certificates (Alexey Petrenko) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] [3.10.0-1062.1.1] - [fs] nfsv4.1: Avoid false retries when RPC calls are interrupted (Benjamin Coddington) [1739077 1732427] - [fs] NFS4.1 handle interrupted slot reuse from ERR_DELAY (Benjamin Coddington) [1739077 1732427] - [fs] nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (Benjamin Coddington) [1739077 1732427] - [fs] cifs: fix panic in smb2_reconnect (Leif Sahlberg) [1737382 1702264] - [scsi] sg: protect against races between mmap() and SG_SET_RESERVED_SIZE (Ewan Milne) [1737380 1710533] - [scsi] sg: recheck MMAP_IO request length with lock held (Ewan Milne) [1737380 1710533] - [scsi] sg: reset 'res_in_use' after unlinking reserved array (Ewan Milne) [1737380 1710533] - [scsi] sg: protect accesses to 'reserved' page array (Ewan Milne) [1737380 1710533] - [netdrv] mlx4/en_netdev: allow offloading VXLAN over VLAN (Paolo Abeni) [1734333 1733671] - [netdrv] brcmfmac: assure SSID length from firmware is limited (Stanislaw Gruszka) [1704879 1704880] {CVE-2019-9500} - [net] tcp: be more careful in tcp_fragment() (Marcelo Leitner) [1739130 1732106] - [documentation] Documentation: Add swapgs description to the Spectre v1 documentation (Waiman Long) [1729810 1724510] {CVE-2019-1125} - [documentation] Documentation: Add section about CPU vulnerabilities for Spectre (Waiman Long) [1729810 1724510] {CVE-2019-1125} - [x86] x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS (Waiman Long) [1729810 1724510] {CVE-2019-1125} - [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] {CVE-2019-1125} - [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] {CVE-2019-1125} - [x86] x86/feature: Relocate X86_FEATURE_INVPCID_SINGLE (Waiman Long) [1729810 1724510] {CVE-2019-1125}