ELSA-2019-4708

Affecting python-perf package, versions oracle:7: <0:4.14.35-1902.3.1.el7uek

low severity
Do your applications use this vulnerable package? Test your applications

Overview

[4.14.35-1902.3.1] - x86/platform/UV: Mark tsc_check_sync as an init function (mike.travis@hpe.com) [Orabug: 29701029] - mm, page_alloc: check for max order in hot path (Michal Hocko) [Orabug: 29924411] - net/mlx5: FW tracer, Enable tracing (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW tracer, parse traces and kernel tracing support (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW tracer, events handling (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW tracer, register log buffer memory key (Saeed Mahameed) [Orabug: 29717200] - net/mlx5: FW tracer, create trace buffer and copy strings database (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW tracer, implement tracer logic (Feras Daoud) [Orabug: 29717200] - net/mlx5: FW tracer, add hardware structures (Feras Daoud) [Orabug: 29717200] - net/mlx5: Mkey creation command adjustments (Ariel Levkovich) [Orabug: 29717200] - rds: Incorrect locking in rds_tcp_conn_path_shutdown() (Ka-Cheong Poon) [Orabug: 29814108] - rds: Add per namespace RDS/TCP accept work queue (Ka-Cheong Poon) [Orabug: 29814108] - rds: ib: Fix dereference of conn when NULL and cleanup thereof (Hakon Bugge) [Orabug: 29924845] - AMD: Change CONFIG_EDAC_DECODE_MCE to built-in (George Kennedy) [Orabug: 29926109] - watchdog: sp5100_tco: Add support for recent FCH versions (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100-tco: Abort if watchdog is disabled by hardware (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Use bit operations (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Convert to use watchdog subsystem (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Clean up function and variable names (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Use dev_ print functions where possible (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Match PCI device early (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Clean up sp5100_tco_setupdevice (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Use standard error codes (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Use request_muxed_region where possible (Guenter Roeck) [Orabug: 29933621] - watchdog: sp5100_tco: Always use SP5100_IO_PM_{INDEX_REG,DATA_REG} (Guenter Roeck) [Orabug: 29933621] - i2c: piix4: Use request_muxed_region (Guenter Roeck) [Orabug: 29933621] - i2c: piix4: Use usleep_range() (Guenter Roeck) [Orabug: 29933621] - i2c: piix4: Fix port number check on release (Jean Delvare) [Orabug: 29933621] - scsi: smartpqi: correct lun reset issues (Kevin Barnett) [Orabug: 29939095] [4.14.35-1902.3.0] - nvme.h: fixup ANA group descriptor format (Hannes Reinecke) [Orabug: 29750813] - nvme: validate cntlid during controller initialisation (Christoph Hellwig) [Orabug: 29750813] - nvme: change locking for the per-subsystem controller list (Christoph Hellwig) [Orabug: 29750813] - net/mlx5e: Disable ODP capability advertizing and close kernel ODP flows (Qing Huang) [Orabug: 29786503] - EDAC/amd64: Adjust printed chip select sizes when interleaved (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Support more than two controllers for chip select handling (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Recognize x16 symbol size (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Set maximum channel layer size depending on family (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Support more than two Unified Memory Controllers (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Use a macro for iterating over Unified Memory Controllers (Yazen Ghannam) [Orabug: 29861840] - EDAC/amd64: Add Family 17h Model 30h PCI IDs (Yazen Ghannam) [Orabug: 29861840] - EDAC, amd64: Add Family 17h, models 10h-2fh support (Michael Jin) [Orabug: 29861840] - libnvdimm/namespace: Fix label tracking error (Dan Williams) [Orabug: 29839902] - fork: record start_time late (David Herrmann) [Orabug: 29850579] {CVE-2019-6133} - IB/mlx5: Removed an empty file introduced by Mellanox backport (Qing Huang) [Orabug: 29891479] - config: enable PSI (Tom Hromatka) [Orabug: 29896487] - net/mlx5: Set FW pre-init timeout to 120k (Yuval Shaia) [Orabug: 29906258]

References

CVE
ELSA-2019-4708
Snyk ID
SNYK-LINUX-PYTHONPERF-452655
Published
24 Jul, 2019