OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - x86/speculation: Exclude ATOMs from speculation through SWAPGS Thomas Gleixner Orabug: 29967571 CVE-2019-1125 - x86/speculation: Enable Spectre v1 swapgs mitigations Josh Poimboeuf Orabug: 29967571...

Unbreakable Enterprise kernel security update

4.1.12-124.29.3 - mlx4core: change lognumqp,rdmarc with scaleprofile Mukesh Kacker Orabug: 30064080 4.1.12-124.29.2 - scsi: storvsc: Fix scsicmd error assignments in storvschandleerror Cathy Avery Orabug: 30052805 4.1.12-124.29.1 - USB: check usbgetextradescriptor for proper size Mathias Payer...

CVE-2019-12378

CVE-2019-12378 affects the Linux kernel (up to 5.1.5) in ip6_ra_control (net/ipv6/ipv6_sockglue.c). It involves an unchecked kmalloc of new_ra that could lead to a NULL pointer dereference and system crash (DoS). Note: the issue has been disputed as not an issue in some sources. No public patch d...

Linux kernel denial of service vulnerability (CNVD-2019-16428)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A denial of service vulnerability exists in ip6racontrol in net/ipv6/ipv6sockglue.c in Linux kernel 5.1.5 and earlier...