Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4878
HistoryDec 13, 2019 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2019-12-1300:00:00
linux.oracle.com
80

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

[4.14.35-1902.8.4]

  • Revert ‘oled: give panic handler chance to run before kexec’ (John Donnelly) [Orabug: 30594702]
  • Revert ‘oled: export symbols’ (John Donnelly) [Orabug: 30594702]
  • net/rds: Recycle RDS headers to speed up connection fail over (Ka-Cheong Poon) [Orabug: 30628735]
  • net/rds: Reduce RDS headers de-allocation time (Ka-Cheong Poon) [Orabug: 30628735]
  • net/rds: Should use rds_rtd_ptr() to trace pointer value (Ka-Cheong Poon) [Orabug: 30628735]
    [4.14.35-1902.8.3]
  • rds: Disable heartbeat by default (Hakon Bugge) [Orabug: 30580080]
    [4.14.35-1902.8.2]
  • rds:ib: Set RoCE ACK timeout before resolving route (Dag Moxnes) [Orabug: 30581176]
  • RDMA/cma: Use ACK timeout for RoCE packetLifeTime (Dag Moxnes) [Orabug: 30581176]
  • x86/hyperv: Make vapic support x2apic mode (Roman Kagan) [Orabug: 30571044]
  • PCI: hv: Refactor hv_irq_unmask() to use cpumask_to_vpset() (Maya Nakamura) [Orabug: 30571044]
  • PCI: hv: Replace hv_vp_set with hv_vpset (Maya Nakamura) [Orabug: 30571044]
  • PCI: hv: Add __aligned(8) to struct retarget_msi_interrupt (Maya Nakamura) [Orabug: 30571044]
  • MAINTAINERS: Add Hyper-V IOMMU driver into Hyper-V CORE AND DRIVERS scope (Lan Tianyu) [Orabug: 30571044]
  • iommu/hyper-v: Add Hyper-V stub IOMMU driver (Lan Tianyu) [Orabug: 30571044]
  • x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (Lan Tianyu) [Orabug: 30571044]
  • x86/apic: Provide apic_ack_irq() (Thomas Gleixner) [Orabug: 30571044]
  • rds: ib: update WR sizes when bringing up connection (Dag Moxnes) [Orabug: 30572790]
  • USB: sisusbvga: fix oops in error path of sisusb_probe (Oliver Neukum) [Orabug: 30548564] {CVE-2019-15219}
  • block-mq: fix hung due to too much warning log (Junxiao Bi) [Orabug: 30544816]
  • oled: export symbols (Wengang Wang) [Orabug: 30550387]
  • oled: give panic handler chance to run before kexec (Wengang Wang) [Orabug: 30550387]
    [4.14.35-1902.8.1]
  • ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang) [Orabug: 30545335]
  • kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju) [Orabug: 30539764]
  • x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Josh Poimboeuf) [Orabug: 30539764]
  • cpu/speculation: Uninline and export CPU mitigations helpers (Tyler Hicks) [Orabug: 30539764]
  • x86/speculation/taa: Fix for mitigation for TSX Async Abort (Kanth Ghatraju) [Orabug: 30533711]
  • media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN) [Orabug: 30532773] {CVE-2019-15217}
  • x86: cpu: bugs.c: Fix compile error when CONFIG_XEN=n (Aaron Young) [Orabug: 30516915]
  • SUNRPC: Remove xprt_connect_status() (Trond Myklebust) [Orabug: 30513391]
  • SUNRPC: Handle ENETDOWN errors (Trond Myklebust) [Orabug: 30513391]
  • x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Check EFI Boot to set reboot type (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Decode UVsystab Info (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Setup UV functions for Hubless UV Systems (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Add return code to UV BIOS Init function (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Return UV Hubless System Type (Mike Travis) [Orabug: 30518602]
  • x86/platform/uv: Save OEM_ID from ACPI MADT probe (Mike Travis) [Orabug: 30518602]
    [4.14.35-1902.8.0.1.sn]
  • rds: ib: Improve neighbor cache flush throttling (Dag Moxnes) [Orabug: 30472626]
  • KVM: VMX: Do not change PID.NDST when loading a blocked vCPU (Joao Martins) [Orabug: 30512558]
  • KVM: x86: Recompute PID.ON when clearing PID.SN (Joao Martins) [Orabug: 30512558]
  • Revert ‘KVM: VMX: sync pending posted interrupts based on PIR’ (Joao Martins) [Orabug: 30512558]
  • cpuidle: haltpoll: Take ‘idle=’ override into account (Zhenzhong Duan) [Orabug: 30519673]
  • media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum) [Orabug: 30511740] {CVE-2019-15215}
  • rds: ib: __flush_neigh_conn error messages in syslog during failover/failback (Dag Moxnes) [Orabug: 30499609]
  • kdump: decouple trace_extern_vmcoreinfo_setup from CONFIG_TRACING (Dave Kleikamp) [Orabug: 30493478]
  • media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum) [Orabug: 30490490] {CVE-2019-15213}
  • net: sit: fix memory leak in sit_init_net() (Mao Wenan) [Orabug: 30445304] {CVE-2019-16994}
  • mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30445156] {CVE-2019-17055}
  • ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron) [Orabug: 30444945] {CVE-2019-17053}
  • net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan) [Orabug: 30444852] {CVE-2019-16995}
  • vhost/vsock: fix uninitialized vhost_vsock->guest_cid (Stefan Hajnoczi) [Orabug: 30339795]
  • fm10k: Fix a potential NULL pointer dereference (Yue Haibing) [Orabug: 30322694] {CVE-2019-15924}
  • x86/apic: Get rid of multi CPU affinity (Thomas Gleixner) [Orabug: 29645216]
  • rds: ib: need to flush neighbor cache for local peer connections on failover (Dag Moxnes) [Orabug: 30472629]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

Related for ELSA-2019-4878