Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4670
HistoryJun 04, 2019 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2019-06-0400:00:00
linux.oracle.com
198

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

86.4%

[4.1.12-124.28.1]

  • hugetlbfs: don’t retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29324267]
  • x86/speculation: RSB stuffing with retpoline on Skylake+ cpus (William Roche) [Orabug: 29660924]
  • x86/speculation: reformatting RSB overwrite macro (William Roche) [Orabug: 29660924]
  • x86/speculation: Dynamic enable and disable of RSB stuffing with IBRS&!SMEP (William Roche) [Orabug: 29660924]
  • x86/speculation: STUFF_RSB dynamic enable (William Roche) [Orabug: 29660924]
  • int3 handler better address space detection on interrupts (William Roche) [Orabug: 29660924]
  • repairing out-of-tree build functionality (Mark Nicholson) [Orabug: 29755100]
  • ext4: fix false negatives and false positives in ext4_check_descriptors() (Shuning Zhang) [Orabug: 29797007]
    [4.1.12-124.27.3]
  • ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29233739]
  • Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
  • Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (Marcel Holtmann) [Orabug: 29526426] {CVE-2019-3459}
  • HID: debug: fix the ring buffer implementation (Vladis Dronov) [Orabug: 29629481] {CVE-2019-3819} {CVE-2019-3819}
  • scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778875] {CVE-2018-14633} {CVE-2018-14633}
  • scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783225] {CVE-2018-20836}
  • scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783254] {CVE-2019-11810}
  • Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786786] {CVE-2011-1079} {CVE-2019-11884}
  • x86/speculation/mds: Add ‘mitigations=’ support for MDS (Kanth Ghatraju) [Orabug: 29791046]
  • net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). (Mao Wenan) [Orabug: 29802785] {CVE-2019-11815}

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.017 Low

EPSS

Percentile

86.4%