Updated Unbreakable Enterprise kernel packages has been released for Oracle Linux 7 to address security issues on some Intel CPUs
Oracle Linux Security Advisory ELSA-2019-4838
http://linux.oracle.com/errata/ELSA-2019-4838.html
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
kernel-uek-firmware-3.8.13-118.39.1.1.el7uek.noarch.rpm
kernel-uek-doc-3.8.13-118.39.1.1.el7uek.noarch.rpm
kernel-uek-3.8.13-118.39.1.1.el7uek.x86_64.rpm
kernel-uek-devel-3.8.13-118.39.1.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-3.8.13-118.39.1.1.el7uek.x86_64.rpm
kernel-uek-debug-3.8.13-118.39.1.1.el7uek.x86_64.rpm
dtrace-modules-3.8.13-118.39.1.1.el7uek-0.4.5-3.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-3.8.13-118.39.1.1.el7uek.src.rpm
http://oss.oracle.com/ol7/SRPMS-updates/dtrace-modules-3.8.13-118.39.1.1.el7uek-0.4.5-3.el7.src.rpm
Description of changes:
kernel-uek
[3.8.13-118.39.1.1.el7uek]
- x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko)
[Orabug: 30419232] {CVE-2019-11135}
- x86/speculation/taa: Add documentation for TSX Async Abort (Pawan
Gupta) [Orabug: 30419232] {CVE-2019-11135}
- x86/tsx: Add "auto" option to TSX cmdline parameter (Pawan Gupta)
[Orabug: 30419232] {CVE-2019-11135}
- x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Pawan
Gupta) [Orabug: 30419232] {CVE-2019-11135}
- x86/speculation/taa: Add mitigation for TSX Async Abort (Pawan Gupta)
[Orabug: 30419232] {CVE-2019-11135}
- x86/tsx: Add TSX cmdline option with TSX disabled by default (Pawan
Gupta) [Orabug: 30419232] {CVE-2019-11135}
- x86: Add helper function x86_read_arch_cap_msr() (Pawan Gupta)
[Orabug: 30419232] {CVE-2019-11135}
- x86/tsx: Add enumeration support for IA32_TSX_CTRL MSR (Pawan Gupta)
[Orabug: 30419232] {CVE-2019-11135}