UbuntuUpdates.org

Package "linux-oracle"

Name: linux-oracle

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Header files related to Oracle Linux kernel version 4.15.0
  • Header files related to Oracle Linux kernel version 4.15.0
  • Header files related to Oracle Linux kernel version 4.15.0
  • Header files related to Oracle Linux kernel version 4.15.0

Latest version: 4.15.0-1025.28~16.04.1
Release: xenial (16.04)
Level: security
Repository: main

Links

Save this URL for the latest version of "linux-oracle": https://www.ubuntuupdates.org/linux-oracle



Other versions of "linux-oracle" in Xenial

Repository Area Version
updates main 4.15.0-1025.28~16.04.1
proposed main 4.15.0-1026.29~16.04.1
PPA: Canonical Kernel Team 4.15.0-1026.29~16.04.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 4.15.0-1017.19~16.04.2 2019-06-28 22:07:01 UTC

  linux-oracle (4.15.0-1017.19~16.04.2) xenial; urgency=medium

  * linux-oracle: 4.15.0-1017.19~16.04.2 -proposed tracker (LP: #1833978)

  [ Ubuntu: 4.15.0-1017.19 ]

  * linux-oracle: 4.15.0-1017.19 -proposed tracker (LP: #1833979)
  * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Kleber Sacilotto de Souza <email address hidden> Tue, 25 Jun 2019 15:21:14 +0200

Source diff to previous version
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
CVE-2019-11478 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling cer
CVE-2019-11479 Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...

Version: 4.15.0-1015.17~16.04.1 2019-06-19 13:11:04 UTC

  linux-oracle (4.15.0-1015.17~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-1015.17 ]

  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638)
    - SAUCE: tcp: tcp_fragment() should apply sane memory limits
  * Remote denial of service (system crash) caused by integer overflow in TCP
    SACK handling (LP: #1831637)
    - SAUCE: tcp: limit payload size of sacked skbs

 -- Marcelo Henrique Cerri <email address hidden> Wed, 05 Jun 2019 16:20:03 -0300

Source diff to previous version
1831638 Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard manipulation
1831637 Remote denial of service (system crash) caused by integer overflow in TCP SACK handling

Version: 4.15.0-1014.16~16.04.1 2019-06-05 14:07:09 UTC

  linux-oracle (4.15.0-1014.16~16.04.1) xenial; urgency=medium

  * linux-oracle: 4.15.0-1014.16~16.04.1 -proposed tracker (LP: #1829208)

  [ Ubuntu: 4.15.0-1014.16 ]

  * linux-oracle: 4.15.0-1014.16 -proposed tracker (LP: #1829210)
  * linux: 4.15.0-51.55 -proposed tracker (LP: #1829219)
  * disable a.out support (LP: #1818552)
    - [Config] Disable a.out support
  * [UBUNTU] qdio: clear intparm during shutdown (LP: #1828394)
    - s390/qdio: clear intparm during shutdown
  * ftrace in ubuntu_kernel_selftests hang with Cosmic kernel (LP: #1826385)
    - kprobes/x86: Fix instruction patching corruption when copying more than one
      RIP-relative instruction
  * touchpad not working on lenovo yoga 530 (LP: #1787775)
    - Revert "UBUNTU: SAUCE: i2c:amd Depends on ACPI"
    - Revert "UBUNTU: SAUCE: i2c:amd move out pointer in union i2c_event_base"
    - Revert "UBUNTU: SAUCE: i2c:amd I2C Driver based on PCI Interface for
      upcoming platform"
    - i2c: add helpers to ease DMA handling
    - i2c: add a message flag for DMA safe buffers
    - i2c: add extra check to safe DMA buffer helper
    - i2c: Add drivers for the AMD PCIe MP2 I2C controller
    - [Config] Update config for AMD MP2 I2C driver
    - [Config] Update I2C_AMD_MP2 annotations
  * tm-unavailable in powerpc/tm failed on Bionic Power9 (LP: #1813129)
    - selftests/powerpc: Check for pthread errors in tm-unavailable
    - selftests/powerpc: Skip tm-unavailable if TM is not enabled
  * cp_abort in powerpc/context_switch from ubunut_kernel_selftests failed on
    Bionic P9 (LP: #1813134)
    - selftests/powerpc: Remove redundant cp_abort test
  * bionic/linux: completely remove snapdragon files from sources (LP: #1827880)
    - [Packaging] remove snapdragon dead files
    - [Config] update configs after snapdragon removal
  * The noise keeps occurring when Headset is plugged in on a Dell machine
    (LP: #1827972)
    - ALSA: hda/realtek - Fixed Dell AIO speaker noise
  * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
    - geneve: correctly handle ipv6.disable module parameter
  * There are 4 HDMI/Displayport audio output listed in sound setting without
    attach any HDMI/DP monitor (LP: #1827967)
    - ALSA: hda/hdmi - Read the pin sense from register when repolling
    - ALSA: hda/hdmi - Consider eld_valid when reporting jack event
  * Headphone jack switch sense is inverted: plugging in headphones disables
    headphone output (LP: #1824259)
    - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board
  * CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error
    Checking for all LINUX clients for devops4p10 (LP: #1766201)
    - SAUCE: integrity: downgrade error to warning
  * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume
  * potential memory corruption on arm64 on dev release (LP: #1827437)
    - driver core: Postpone DMA tear-down until after devres release
  * powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with "error while
    loading shared libraries" on Bionic/Cosmic PowerPC (LP: #1812805)
    - selftests/powerpc/pmu: Link ebb tests with -no-pie
  * unnecessary request_queue freeze (LP: #1815733)
    - block: avoid setting nr_requests to current value
    - block: avoid setting none scheduler if it's already none
  * Kprobe event string type argument failed in ftrace from
    ubuntu_kernel_selftests on B/C i386 (LP: #1825780)
    - selftests/ftrace: Fix kprobe string testcase to not probe notrace function
  * hns: fix socket accounting (LP: #1826911)
    - net: hns: fix skb->truesize underestimation
  * False positive test result in run_netsocktests from net in
    ubuntu_kernel_selftest (LP: #1825777)
    - selftests/net: correct the return value for run_netsocktests

 -- Kleber Sacilotto de Souza <email address hidden> Mon, 20 May 2019 16:28:32 +0200

Source diff to previous version
1818552 disable a.out support
1828394 [UBUNTU] qdio: clear intparm during shutdown
1826385 ftrace in ubuntu_kernel_selftests hang with Cosmic kernel
1787775 touchpad not working on lenovo yoga 530
1813129 tm-unavailable in powerpc/tm failed on Bionic Power9
1813134 cp_abort in powerpc/context_switch from ubunut_kernel_selftests failed on Bionic P9
1827880 bionic/linux: completely remove snapdragon files from sources
1827972 The noise keeps occurring when Headset is plugged in on a Dell machine
1794232 Geneve tunnels don't work when ipv6 is disabled
1827967 There are 4 HDMI/Displayport audio output listed in sound setting without attach any HDMI/DP monitor
1824259 Headphone jack switch sense is inverted: plugging in headphones disables headphone output
1766201 CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error Checking for all LINUX clients for devops4p10
1825958 Screen freeze after resume from S3 when HDMI monitor plugged on Dell Precision 7740
1827437 potential memory corruption on arm64 on dev release
1812805 powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with \
1815733 unnecessary request_queue freeze
1825780 Kprobe event string type argument failed in ftrace from ubuntu_kernel_selftests on B/C i386
1826911 hns: fix socket accounting
1825777 False positive test result in run_netsocktests from net in ubuntu_kernel_selftest

Version: 4.15.0-1013.15~16.04.1 2019-05-15 21:07:11 UTC

  linux-oracle (4.15.0-1013.15~16.04.1) xenial; urgency=medium

  [ Ubuntu: 4.15.0-1013.15 ]

  * CVE-2018-12126 // CVE-2018-12127 // CVE-2018-12130
    - Documentation/l1tf: Fix small spelling typo
    - x86/cpu: Sanitize FAM6_ATOM naming
    - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID
    - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a
      new <linux/bits.h> file
    - tools include: Adopt linux/bits.h
    - x86/msr-index: Cleanup bit defines
    - x86/speculation: Consolidate CPU whitelists
    - x86/speculation/mds: Add basic bug infrastructure for MDS
    - x86/speculation/mds: Add BUG_MSBDS_ONLY
    - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests
    - x86/speculation/mds: Add mds_clear_cpu_buffers()
    - x86/speculation/mds: Clear CPU buffers on exit to user
    - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
    - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
    - x86/speculation/mds: Add mitigation control for MDS
    - x86/speculation/mds: Add sysfs reporting for MDS
    - x86/speculation/mds: Add mitigation mode VMWERV
    - Documentation: Move L1TF to separate directory
    - Documentation: Add MDS vulnerability documentation
    - x86/speculation/mds: Add mds=full,nosmt cmdline option
    - x86/speculation: Move arch_smt_update() call to after mitigation decisions
    - x86/speculation/mds: Add SMT warning message
    - x86/speculation/mds: Fix comment
    - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
    - x86/speculation/mds: Add 'mitigations=' support for MDS
  * CVE-2017-5715 // CVE-2017-5753
    - s390/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5753 // CVE-2017-5754 // CVE-2018-3639
    - powerpc/speculation: Support 'mitigations=' cmdline option
  * CVE-2017-5715 // CVE-2017-5754 // CVE-2018-3620 // CVE-2018-3639 //
    CVE-2018-3646
    - cpu/speculation: Add 'mitigations=' cmdline option
    - x86/speculation: Support 'mitigations=' cmdline option
  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

Source diff to previous version
1786013 Packaging resync
CVE-2018-12126 MSBDS Microarchitectural Store Buffer Data Sampling
CVE-2018-12127 MLPDS Microarchitectural Load Port Data Sampling
CVE-2018-12130 MFBDS Microarchitectural Fill Buffer Data Sampling
CVE-2017-5715 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2017-5754 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an at
CVE-2018-3639 Speculative Store Bypass
CVE-2018-3620 L1 Terminal Fault-OS/SMM Foreshadow-NG
CVE-2018-3646 L1 Terminal Fault-VMM

Version: 4.15.0-1010.12~16.04.1 2019-04-02 16:12:09 UTC

  linux-oracle (4.15.0-1010.12~16.04.1) xenial; urgency=medium

  * linux-oracle: 4.15.0-1010.12~16.04.1 -proposed tracker (LP: #1819703)

  * Packaging resync (LP: #1786013)
    - [Packaging] update update.conf
    - [Packaging] update helper scripts

  * Strip specific changes from update-from-*master (LP: #1817734)
    - Packaging: Introduce copy-files and local-mangle
    - Packaging: Make update-from-*master call copy-files

  [ Ubuntu: 4.15.0-1010.12 ]

  * linux-oracle: 4.15.0-1010.12 -proposed tracker (LP: #1819704)
  * hot add VF to net_failover - could not rename interface '8' from 'eth0' to
    'ens4': Device or resource busy (LP: #1815268)
    - SAUCE: net_failover: delay taking over primary device to accommodate udevd
      renaming
  * linux: 4.15.0-47.50 -proposed tracker (LP: #1819716)
  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction
  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype
  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
    - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout
  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
    - nvme-pci: fix out of bounds access in nvme_cqe_pending
  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()
  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
  * amdgpu with mst WARNING on blanking (LP: #1814308)
    - drm/amd/display: Don't use dc_link in link_encoder
    - drm/amd/display: Move wait for hpd ready out from edp power control.
    - drm/amd/display: eDP sequence BL off first then DP blank.
    - drm/amd/display: Fix unused variable compilation error
    - drm/amd/display: Fix warning about misaligned code
    - drm/amd/display: Fix MST dp_blank REG_WAIT timeout
  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
    - tun: implement carrier change
  * CVE-2019-8980
    - exec: Fix mem leak in kernel_read_file
  * raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
    (LP: #1811194)
    - selftest: timers: Tweak raw_skew to SKIP when ADJ_OFFSET/other clock
      adjustments are in progress
  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive
  * CVE-2019-7308
    - bpf: move {prev_,}insn_idx into verifier env
    - bpf: move tmp variable into ax register in interpreter
    - bpf: enable access to ax register also from verifier rewrite
    - bpf: restrict map value pointer arithmetic for unprivileged
    - bpf: restrict stack pointer arithmetic for unprivileged
    - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
    - bpf: fix check_map_access smin_value test when pointer contains offset
    - bpf: prevent out of bounds speculation on pointer arithmetic
    - bpf: fix sanitation of alu op with pointer / scalar type from different
      paths
    - bpf: add various test cases to selftests
  * CVE-2017-5753
    - bpf: properly enforce index mask to prevent out-of-bounds speculation
    - bpf: fix inner map masking to prevent oob under speculation
  * BPF: kernel pointer leak to unprivileged userspace (LP: #1815259)
    - bpf/verifier: disallow pointer subtraction
  * squashfs hardening (LP: #1816756)
    - squashfs: more metadata hardening
    - squashfs metadata 2: electric boogaloo
    - squashfs: more metadata hardening
    - Squashfs: Compute expected length from inode size rather than block length
  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
    - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
  * Update ENA driver to version 2.0.3K (LP: #1816806)
    - net: ena: update driver version from 2.0.2 to 2.0.3
    - net: ena: fix race between link up and device initalization
    - net: ena: fix crash during failed resume from hibernation
  * ipset kernel error: 4.15.0-43-generic (LP: #1811394)
    - netfilter: ipset: Fix wraparound in hash:*net* types
  * Silent "Unknown key" message when pressing keyboard backlight hotkey
    (LP: #1817063)
    - platform/x86: dell-wmi: Ignore new keyboard backlight change event
  * CVE-2018-18021
    - arm64: KVM: Tighten guest core register access from userspace
    - KVM: arm/arm64: Introduce vcpu_el1_is_32bit
    - arm64: KVM: Sanitize PSTATE.M when being set from userspace
  * CVE-2018-14678
    - x86/entry/64: Remove %ebx handling from error_entry/exit
  * CVE-2018-19824
    - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c
  * CVE-2019-3459
    - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer
  * Bionic update: upstream stable patchset 2019-02-08 (LP: #1815234)
    - fork: unconditionally clear stack on fork
    - spi: spi-s3c64xx: Fix system resume support
    - Input: elan_i2c - add ACPI ID for lenovo ideapad 330
    - Input: i8042 - add Lenovo LaVie Z to the i8042 reset list
    - Input: elan_i2c - add another ACPI ID for Lenovo Ideapad 330-15AST
    - kvm, mm: account shadow page tables to kmemcg
    - delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
    - tracing: Fix double free of event_trigger_data
    - tracing: Fix possible double free in event_enable_trigger_func()
    - kthread, tracing: Don't expose half-written comm when creating kthreads
    - tracing/kprobes: Fix trace_probe flags on enable_trace_kprobe() failure
    - tracing: Quiet gcc warning about maybe unused link variable
    - arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups
    - mlxsw: spectrum_switchdev: Fix port_vlan refcounting
    - kcov: ensure irq code sees a valid area
    - xen/netfront: raise max number of slots in xennet_get_responses()
    - skip LAYOUTRETURN if layout is invalid
    - ALSA: emu10k1: add error handling for snd_ctl_add
    - ALSA: fm801: add error handlin

1786013 Packaging resync
1817734 Strip specific changes from update-from-*master
1815268 hot add VF to net_failover - could not rename interface '8' from 'eth0' to 'ens4': Device or resource busy
1818162 arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout
1818747 Crash in nvme_irq_check() when using threaded interrupts
1814308 amdgpu with mst WARNING on blanking
1806392 tun/tap: unable to manage carrier state from userland
1811194 raw_skew in timer from the ubuntu_kernel_selftests failed on Bionic
1752072 [Packaging] Allow overlay of config annotations
1815259 BPF: kernel pointer leak to unprivileged userspace
1816756 squashfs hardening
1814982 efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted
1816806 Update ENA driver to version 2.0.3K
1811394 ipset kernel error: 4.15.0-43-generic
1817063 Silent \
1815234 Bionic update: upstream stable patchset 2019-02-08
1814813 Bionic update: upstream stable patchset 2019-02-05
1817321 installer does not support iSCSI iBFT
1817628 Regular D-state processes impacting LXD containers
1817969 hns3 nic speed may not match optical port speed
1802021 [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start()
1817784 libsas disks can have non-unique by-path names
1817518 Bluetooth not working (Intel CyclonePeak)
1817200 Trackpad is not recognized.
1815831 [ALSA] [PATCH] System76 darp5 and oryp5 fixups
1817263 Constant noise in the headphone on Lenovo X1 machines
1745032 AC adapter status not detected on Asus ZenBook UX410UAK
1762672 TPM intermittently fails after cold-boot
1815033 qlcnic: Firmware aborts/hangs in QLogic NIC
CVE-2019-9213 In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to
CVE-2019-3460 Heap data infoleak in multiple locations including functionl2cap_parse_conf_rsp
CVE-2019-8980 A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory
CVE-2019-7308 kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, includ
CVE-2017-5753 Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wi
CVE-2018-18021 arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. This is exploitable by at
CVE-2018-14678 An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/e
CVE-2018-19824 In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with ze
CVE-2019-3459 Heap address infoleak in use of l2cap_get_conf_opt
CVE-2019-7222 KVM: x86: work around leak of uninitialized stack contents
CVE-2019-7221 KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer
CVE-2019-6974 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading
CVE-2019-8912 In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to



About   -   Send Feedback to @ubuntu_updates