What Are You Looking For?

Sign Up
Oracle Linux Security Advisory ELSA-2022-9198

https://linux.oracle.com/errata/ELSA-2022-9198.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-4.14.35-2047.511.5.4.el7uek.x86_64.rpm
kernel-uek-debug-4.14.35-2047.511.5.4.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.14.35-2047.511.5.4.el7uek.x86_64.rpm
kernel-uek-devel-4.14.35-2047.511.5.4.el7uek.x86_64.rpm
kernel-uek-tools-4.14.35-2047.511.5.4.el7uek.x86_64.rpm
kernel-uek-doc-4.14.35-2047.511.5.4.el7uek.noarch.rpm


SRPMS:
https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-2047.511.5.4.el7uek.src.rpm

Related CVEs:

CVE-2021-26341




Description of changes:

[4.14.35-2047.511.5.4.el7uek]
- x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Use generic retpoline by default on AMD (Kim Phillips)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf)  [Orabug: 33922122]  {CVE-2021-26341}
- Documentation/hw-vuln: Update spectre doc (Peter Zijlstra)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel))  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp)  [Orabug: 33922122]  {CVE-2021-26341}
- x86/speculation: Fix bug in retpoline mode on AMD with `spectre_v2=none` (Patrick Colp)  [Orabug: 33922122]  {CVE-2021-26341}
- bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann)  [Orabug: 33926438]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2022-9198: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.14.35-2047.511.5.4.el7uek] - x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33922122] {CVE-2021-26341} - Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341} - x86/speculation: Fix bug in retpoline mode on AMD with `spectre_v2=none` (Patrick Colp) [Orabug: 33922122] {CVE-2021-26341} - bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33926438]

SRPMs

https://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-2047.511.5.4.el7uek.src.rpm

x86_64

kernel-uek-4.14.35-2047.511.5.4.el7uek.x86_64.rpm kernel-uek-debug-4.14.35-2047.511.5.4.el7uek.x86_64.rpm kernel-uek-debug-devel-4.14.35-2047.511.5.4.el7uek.x86_64.rpm kernel-uek-devel-4.14.35-2047.511.5.4.el7uek.x86_64.rpm kernel-uek-tools-4.14.35-2047.511.5.4.el7uek.x86_64.rpm kernel-uek-doc-4.14.35-2047.511.5.4.el7uek.noarch.rpm

aarch64

i386

Severity
Related CVEs: CVE-2021-26341

Related News

Linux version of Qilin ransomware focuses on VMware ESXi

Dec 4, 2023

Tails 5.20 Brings Latest Tor Browser, Ditches AdGuard Filter List

Nov 29, 2023

CISA Orders Federal Agencies to Patch Looney Tunables Linux Bug

Nov 25, 2023

How Meta Patches Linux at Hyperscale

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo