Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4575
HistoryMar 12, 2019 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2019-03-1200:00:00
linux.oracle.com
152

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

84.1%

[4.1.12-124.26.1]

  • NFS: commit direct writes even if they fail partially (J. Bruce Fields) [Orabug: 28212440]
  • rds: update correct congestion map for loopback transport (Mukesh Kacker) [Orabug: 29175685]
  • ext4: only look at the bg_flags field if it is valid (Theodore Tso) [Orabug: 29316684] {CVE-2018-10876} {CVE-2018-10876}
  • uek-rpm: Add kernel-uek version to kernel-ueknano provides (Somasundaram Krishnasamy) [Orabug: 29357643]
  • net: Set sk_prot_creator when cloning sockets to the right proto (Christoph Paasch) [Orabug: 29422739] {CVE-2018-9568}
  • ext4: always check block group bounds in ext4_init_block_bitmap() (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
  • ext4: make sure bitmaps and the inode table dont overlap with bg descriptors (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
  • vfs: Add sb_rdonly(sb) to query the MS_RDONLY flag on s_flags (David Howells) [Orabug: 29428607] {CVE-2018-10878}
  • iscsi: Capture iscsi debug messages using tracepoints (Fred Herard) [Orabug: 29429855]
    [4.1.12-124.25.4]
  • KEYS: add missing permission check for request_key() destination (Eric Biggers) [Orabug: 29304551] {CVE-2017-17807}
  • KEYS: Dont permit request_key() to construct a new keyring (David Howells) [Orabug: 29304551] {CVE-2017-17807}
  • mlx4_ib: Distribute completion vectors when zero is supplied (Hakon Bugge) [Orabug: 29318191]
  • bnxt_en: Fix TX timeout during netpoll. (Michael Chan) [Orabug: 29357977]
  • bnxt_en: Fix for system hang if request_irq fails (Vikas Gupta) [Orabug: 29357977]
  • bnxt_en: Fix firmware message delay loop regression. (Michael Chan) [Orabug: 29357977]
  • bnxt_en: reduce timeout on initial HWRM calls (Andy Gospodarek) [Orabug: 29357977]
  • bnxt_en: Fix NULL pointer dereference at bnxt_free_irq(). (Michael Chan) [Orabug: 29357977]
  • bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). (Michael Chan) [Orabug: 29357977]
  • bnxt_en: Do not modify max IRQ count after RDMA driver requests/frees IRQs. (Michael Chan) [Orabug: 29357977]
  • mm: cleancache: fix corruption on missed inode invalidation (Pavel Tikhomirov) [Orabug: 29364670] {CVE-2018-16862}
  • l2tp: fix reading optional fields of L2TPv3 (Jacob Wen) [Orabug: 29368048]
  • net/packet: fix a race in packet_bind() and packet_notifier() (Eric Dumazet) [Orabug: 29385593] {CVE-2018-18559}
  • ext4: verify the depth of extent tree in ext4_find_extent() (Theodore Tso) [Orabug: 29396712] {CVE-2018-10877} {CVE-2018-10877}
    [4.1.12-124.25.3]
  • blk-mq: Do not invoke .queue_rq() for a stopped queue (Bart Van Assche) [Orabug: 28766011]
  • uek-rpm: use multi-threaded xz compression for rpms (Alexander Burmashev) [Orabug: 29323635]
  • uek-rpm: optimize find-requires usage (Alexander Burmashev) [Orabug: 29323635]
  • find-debuginfo.sh: backport parallel files procession (Alexander Burmashev) [Orabug: 29323635]
  • KVM: SVM: Add MSR-based feature support for serializing LFENCE (Tom Lendacky) [Orabug: 29335274]
    [4.1.12-124.25.2]
  • Enable RANDOMIZE_BASE (John Haxby) [Orabug: 29305587]
  • slub: make ->cpu_partial unsigned (Alexey Dobriyan) [Orabug: 28620592]
  • dtrace: support kernels built with RANDOMIZE_BASE (Kris Van Hees) [Orabug: 29204005]

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

84.1%