OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571...

Unbreakable Enterprise kernel security update

4.1.12-124.29.3 - mlx4core: change lognumqp,rdmarc with scaleprofile Mukesh Kacker Orabug: 30064080 4.1.12-124.29.2 - scsi: storvsc: Fix scsicmd error assignments in storvschandleerror Cathy Avery Orabug: 30052805 4.1.12-124.29.1 - USB: check usbgetextradescriptor for proper size Mathias Payer...

DEBIAN-CVE-2019-12381

An issue was discovered in ipracontrol in net/ipv4/ipsockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of newra, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash. NOTE: this is disputed because newra is never used if it...

Linux kernel denial of service vulnerability (CNVD-2019-16431)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in ipracontrol in net/ipv4/ipsockglue.c in Linux kernel 5.1.5 and earlier. A...