Subject: | |
From: | |
Reply To: | |
Date: | Thu, 8 Mar 2018 11:59:35 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
An updated gcc that supports this option is scheduled for publication on
Tuesday.
Pat
On 03/08/2018 11:46 AM, Gilles Detillieux wrote:
> I realize this problem was likely introduced by upsteam updates, but I
> thought I'd point it out here anyway so you're aware of it. An
> unintended consequence of this latest kernel update is that it breaks
> recompilation of third-party kernel modules. The new kernel was built
> with CONFIG_RETPOLINE enabled, so presumably with a compiler that
> supports it, but that updated compiler hasn't been released through a
> corresponding security ERRATA update. (Not yet, anyway.) When I try to
> build a third-party device driver, I get the following error:
>
> make[1]: Entering directory `/usr/src/kernels/3.10.0-693.21.1.el7.x86_64'
> arch/x86/Makefile:166: *** CONFIG_RETPOLINE=y, but not supported by
> the compiler. Toolchain update recommended.. Stop.
> make[1]: Leaving directory `/usr/src/kernels/3.10.0-693.21.1.el7.x86_64'
> make: *** [default] Error 2
>
> Is an update of the compiler toolchain for RHEL7/SL7 through the usual
> update repos forthcoming? Until then, I don't think I can use this
> kernel update on systems that rely on that 3rd party driver.
>
> Thanks,
> Gilles
>
> On 2018-03-07 16:16, Pat Riehecky wrote:
>> Synopsis: Important: kernel security and bug fix update
>> Advisory ID: SLSA-2018:0395-1
>> Issue Date: 2018-03-06
>> CVE Numbers: CVE-2017-7518
>> CVE-2017-12188
>> --
>>
>> Security Fix(es):
>>
>> * Kernel: KVM: MMU potential stack buffer overrun during page walks
>> (CVE-2017-12188, Important)
>>
>> * Kernel: KVM: debug exception via syscall emulation (CVE-2017-7518,
>> Moderate)
>> --
>>
>> SL7
>> x86_64
>> kernel-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-debug-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-debug-debuginfo-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-debug-devel-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-debuginfo-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-debuginfo-common-x86_64-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-devel-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-headers-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-tools-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-tools-debuginfo-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-tools-libs-3.10.0-693.21.1.el7.x86_64.rpm
>> perf-3.10.0-693.21.1.el7.x86_64.rpm
>> perf-debuginfo-3.10.0-693.21.1.el7.x86_64.rpm
>> python-perf-3.10.0-693.21.1.el7.x86_64.rpm
>> python-perf-debuginfo-3.10.0-693.21.1.el7.x86_64.rpm
>> kernel-tools-libs-devel-3.10.0-693.21.1.el7.x86_64.rpm
>> noarch
>> kernel-abi-whitelists-3.10.0-693.21.1.el7.noarch.rpm
>> kernel-doc-3.10.0-693.21.1.el7.noarch.rpm
>>
>> - Scientific Linux Development Team
>
--
Pat Riehecky
Fermi National Accelerator Laboratory
www.fnal.gov
www.scientificlinux.org
|
|
|