Lucene search

K
oraclelinuxOracleLinuxELSA-2019-2600
HistorySep 04, 2019 - 12:00 a.m.

kernel security and bug fix update

2019-09-0400:00:00
linux.oracle.com
83

8.3 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

[3.10.0-1062.1.1]

  • Oracle Linux certificates (Alexey Petrenko)
  • Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected])
  • Update x509.genkey [Orabug: 24817676]
    [3.10.0-1062.1.1]
  • [fs] nfsv4.1: Avoid false retries when RPC calls are interrupted (Benjamin Coddington) [1739077 1732427]
  • [fs] NFS4.1 handle interrupted slot reuse from ERR_DELAY (Benjamin Coddington) [1739077 1732427]
  • [fs] nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (Benjamin Coddington) [1739077 1732427]
  • [fs] cifs: fix panic in smb2_reconnect (Leif Sahlberg) [1737382 1702264]
  • [scsi] sg: protect against races between mmap() and SG_SET_RESERVED_SIZE (Ewan Milne) [1737380 1710533]
  • [scsi] sg: recheck MMAP_IO request length with lock held (Ewan Milne) [1737380 1710533]
  • [scsi] sg: reset ‘res_in_use’ after unlinking reserved array (Ewan Milne) [1737380 1710533]
  • [scsi] sg: protect accesses to ‘reserved’ page array (Ewan Milne) [1737380 1710533]
  • [netdrv] mlx4/en_netdev: allow offloading VXLAN over VLAN (Paolo Abeni) [1734333 1733671]
  • [netdrv] brcmfmac: assure SSID length from firmware is limited (Stanislaw Gruszka) [1704879 1704880] {CVE-2019-9500}
  • [net] tcp: be more careful in tcp_fragment() (Marcelo Leitner) [1739130 1732106]
  • [documentation] Documentation: Add swapgs description to the Spectre v1 documentation (Waiman Long) [1729810 1724510] {CVE-2019-1125}
  • [documentation] Documentation: Add section about CPU vulnerabilities for Spectre (Waiman Long) [1729810 1724510] {CVE-2019-1125}
  • [x86] x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS (Waiman Long) [1729810 1724510] {CVE-2019-1125}
  • [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] {CVE-2019-1125}
  • [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] {CVE-2019-1125}
  • [x86] x86/feature: Relocate X86_FEATURE_INVPCID_SINGLE (Waiman Long) [1729810 1724510] {CVE-2019-1125}

8.3 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C