Upgrade kernel patch to CentOS7.6 3.10.0-957.12.2

New set of CVEs was reported against Intel CPUs: CVE-2018-12126, CVE-2018-12127, CVE-2018-12130 and CVE-2019-11091. For these CVEs there are RH and CentOS updates available. CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/ corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12127: Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/ corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12130: Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/ corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory(MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/ corporate-information/SA00233-microcode-update-guidance_05132019.pdf These are from the http://cve.mitre.org website. These are the MDS security CVEs. Closes-Bug: 1830487 Change-Id: I9c69ca78dc046128521d2a46b520f9c242fe6e56 Signed-off-by: zhiguo.zhang <zhiguox.zhang@intel.com>
2019-06-04 23:48:11 +08:00 · 2019-06-04 23:48:11 +08:00 · ecf223e163
parent 78258f737f
commit ecf223e163
2 changed files with 4 additions and 4 deletions
--- a/centos-mirror-tools/rpms_centos.lst
+++ b/centos-mirror-tools/rpms_centos.lst
@ -525,8 +525,8 @@ kbd-1.15.5-15.el7.x86_64.rpm
 kbd-legacy-1.15.5-15.el7.noarch.rpm
 kbd-misc-1.15.5-15.el7.noarch.rpm
 kde-filesystem-4-47.el7.x86_64.rpm
-kernel-3.10.0-957.1.3.el7.src.rpm
-kernel-headers-3.10.0-957.1.3.el7.x86_64.rpm
+kernel-3.10.0-957.12.2.el7.src.rpm
+kernel-headers-3.10.0-957.12.2.el7.x86_64.rpm
 keyutils-1.5.8-3.el7.x86_64.rpm
 keyutils-libs-1.5.8-3.el7.x86_64.rpm
 keyutils-libs-devel-1.5.8-3.el7.x86_64.rpm
@ -854,7 +854,7 @@ mesa-libGLU-9.0.0-4.el7.x86_64.rpm
 mesa-libGLU-devel-9.0.0-4.el7.x86_64.rpm
 mesa-libwayland-egl-18.0.5-3.el7.x86_64.rpm
 mesa-libwayland-egl-devel-18.0.5-3.el7.x86_64.rpm
-microcode_ctl-2.1-47.el7.x86_64.rpm
+microcode_ctl-2.1-47.2.el7_6.x86_64.rpm
 mod_wsgi-3.4-18.el7.x86_64.rpm
 moyogo-molengo-fonts-0.10-9.el7.noarch.rpm
 mozilla-fira-fonts-common-4.202-1.el7.noarch.rpm
--- a/centos-mirror-tools/rpms_centos3rdparties.lst
+++ b/centos-mirror-tools/rpms_centos3rdparties.lst
@ -39,7 +39,7 @@ iprutils-2.4.16.1-1.el7.x86_64.rpm
 java-1.8.0-openjdk-1.8.0.191.b12-1.el7_6.x86_64.rpm
 java-1.8.0-openjdk-devel-1.8.0.191.b12-1.el7_6.x86_64.rpm
 java-1.8.0-openjdk-headless-1.8.0.191.b12-1.el7_6.x86_64.rpm
-kernel-rt-3.10.0-957.1.3.rt56.913.el7.src.rpm
+kernel-rt-3.10.0-957.12.2.rt56.929.el7.src.rpm
 kexec-tools-2.0.15-21.el7.x86_64.rpm
 libblkid-2.23.2-59.el7.x86_64.rpm
 libcom_err-1.42.9-13.el7.x86_64.rpm