ELBA-2024-4349-1
- ULN >
- Oracle Linux Errata repository >
- ELBA-2024-4349-1
ELBA-2024-4349-1 - kernel bug fix update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2024-07-08 |
Description
- [5.14.0-427.24.1.0.1.el9_4.OL9]
- Revert 'crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode' [Orabug: 36638086]
- Update module name for cryptographic module [Orabug: 36324521]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
[5.14.0-427.24.1.el9_4]
- net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix potential memory leak in bnx2x_tpa_stop() (Michal Schmidt) [RHEL-43272 RHEL-23117]
- xen-netfront: Add missing skb_mark_for_recycle (Vitaly Kuznetsov) [RHEL-37626 RHEL-36573] {CVE-2024-27393}
- tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-34953 RHEL-29239]
- tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-34953 RHEL-29239]
- net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-38972 RHEL-37093] {CVE-2023-52667}
- crypto: qat - Fix typo (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
- crypto: qat - specify firmware files for 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - validate slices count returned by FW (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve error logging to be consistent across features (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve error message in adf_get_arbiter_mapping() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - implement interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add bank save and restore flows (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - expand CSR operations for QAT GEN4 devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - rename get_sla_arr_of_type() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate CSR access code (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - move PFVF compat checker to a function (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate and rename 4xxx PF2VM definitions (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - adf_get_etr_base() helper (Vladis Dronov) [RHEL-38546 RHEL-35816]
- redhat/configs: Add CONFIG_CRYPTO_DEV_QAT_420XX (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - make ring to service map common for QAT GEN4 (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix ring to service map for dcc in 420xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix ring to service map for dcc in 4xxx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix comment structure (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove unnecessary description from comment (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove double initialization of value (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - removed unused macro in adf_cnv_dbgfs.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove unused macros in qat_comp_alg.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- Documentation: qat: fix auto_reset section (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
- crypto: qat - change SLAs cleanup flow at shutdown (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve aer error reset handling (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - limit heartbeat notifications (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add auto reset on error (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add fatal error notification (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - re-enable sriov after pf reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - update PFVF protocol for recovery (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - disable arbitration before reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add fatal error notify method (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add heartbeat error simulator (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - avoid memcpy() overflow warning (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - generate dynamically arbiter mappings (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for ring pair level telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for device telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add admin msgs for telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - include pci.h for GET_DEV() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for 420xx devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - move fw config related structures (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate portions of qat_4xxx code (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - change signature of uof_get_num_objs() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate and rename get_service_enabled() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- seq_file: add helper macro to define attribute for rw file (Vladis Dronov) [RHEL-38546 RHEL-35816]
- minmax: Introduce {min,max}_array() (Vladis Dronov) [RHEL-38546 RHEL-35816]
[5.14.0-427.23.1.el9_4]
- net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-34050 RHEL-30492] {CVE-2023-52626}
- blk-mq: add helper for checking if one CPU is mapped to specified hctx (Ming Lei) [RHEL-38595 RHEL-36684]
- net/sched: flower: Add lock protection when remove filter handle (Petr Oros) [RHEL-35672 RHEL-33379]
- Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-33913 RHEL-31828] {CVE-2024-26801}
- net: hns3: do not allow call hns3_nic_net_open repeatedly (Jose Ignacio Tornos Martinez) [RHEL-38933 RHEL-37707] {CVE-2021-47400}
- tmpfs: fix Documentation of noswap and huge mount options (Nico Pache) [RHEL-38252 RHEL-31975]
- shmem: add support to ignore swap (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: update documentation (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: skip page split if we're not reclaiming (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: move reclaim check early on writepages() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: set shmem_writepage() variables early (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: remove check for folio lock on writepage() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- ice: Add automatic VF reset on Tx MDD events (Petr Oros) [RHEL-39083 RHEL-36317]
- net/ipv6: SKB symmetric hash should incorporate transport ports (Ivan Vecera) [RHEL-37641 RHEL-36218]
- ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix missing sk_buff release in seg6_input_core (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix invalid unregister error path (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: add missing seg6_local_exit (Hangbin Liu) [RHEL-37669 RHEL-37511]
- block: fix q->blkg_list corruption during disk rebind (Ming Lei) [RHEL-36687 RHEL-33577]
- ice: fix uninitialized dplls mutex usage (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix pin phase adjust updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll periodic work data updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll and dpll_pin data access on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll input pin phase_adjust value updates (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix connection state of DPLL and out pin (Petr Oros) [RHEL-36716 RHEL-36283]
- redhat: remove the merge subtrees script (Derek Barbosa)
- redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
- redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
- net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-38954 RHEL-37422] {CVE-2024-35960}
- smb: client: fix UAF in smb2_reconnect_server() (Jay Shin) [RHEL-28943 RHEL-40177 RHEL-37273 RHEL-7986] {CVE-2024-35870}
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (Jay Shin) [RHEL-28943 RHEL-31245]
- RHEL: enable CONFIG_AMD_ATL (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
- EDAC/amd64: Use new AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
- RAS: Introduce AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (x86_64) | kernel-5.14.0-427.24.1.0.1.el9_4.src.rpm | 91e9b350564c7363512d987824ccab653b32ab00780443b63b4bf040e69c5e69 | - | ol9_x86_64_MODRHCK |
| bpftool-7.3.0-427.24.1.0.1.el9_4.x86_64.rpm | b3d65df2a13dc730bf378fca8322b2bbb9677682f60efd4d916a9dad582e9aca | - | ol9_x86_64_MODRHCK | |
| kernel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | ab315787325e841da2367d037b9c444fb1e6820091153999d3e314fad7e9423d | - | ol9_x86_64_MODRHCK | |
| kernel-abi-stablelists-5.14.0-427.24.1.0.1.el9_4.noarch.rpm | dff4adcf5ab2ae52f72ebbafd10939477b6e5e8f6a9c61131da22ee99cada63c | - | ol9_x86_64_MODRHCK | |
| kernel-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | e964a3d9e5f461c4e7eabcaec3a78f7990ac0efb40db6215b6875e351c8f3ccb | - | ol9_x86_64_MODRHCK | |
| kernel-cross-headers-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | acf1bca3b95d1f63751b7a9fd85e72802c3aa4559a3a9673e76e81dfaba5cd54 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 6601d5e6031b86ee88d15658d4da0c400942c311f152d2de89a512e161875475 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 1c4dd8ca4101323699f619058a951054e2be0f44d611f86af6a25a86899ea2b2 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 27c130caca60a34bcab76cac8289f5a0d1829c6cdbd8bcf932b3e720ac6b10c1 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-devel-matched-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 461d4cf240f3fd1063c971ac58c5a75657051217321a933cc753401d56b33433 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 89aac1beb0a679b0aabd62dfca1d37bc810140bb7baf3c4d8887ce8706a7f002 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 0cc85e0c0e6d251cff83dcafcb17290ce5b2f3ca01376aa6733089f1b501b1e8 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-extra-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 28c372ae4cfa5264d19212fff8710bf97b7a3c85b84c03b61b56ef717d1babe8 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-uki-virt-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | a7574f0307b9c6dc0017ce1e0cae3cc7bcda05e40ad79cdc297ad67cbdb86e31 | - | ol9_x86_64_MODRHCK | |
| kernel-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 878b49f15b287498e99db1eb39aed1a93b89c5fd31163a8f9aa2fddf1c78df5a | - | ol9_x86_64_MODRHCK | |
| kernel-devel-matched-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 2ca7d144ae24098638f0ec6ffb4f6e8033fb654da5380a5305f5eed15ddaabbb | - | ol9_x86_64_MODRHCK | |
| kernel-doc-5.14.0-427.24.1.0.1.el9_4.noarch.rpm | 582e51d85e8c0219b4f62a51344d345f59517ff5fa4c909aba0d510150625395 | - | ol9_x86_64_MODRHCK | |
| kernel-headers-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | a51fa9cb38c885140d31fe7d0ee29298bcfa5bedc68f9201e83b27e61d34378b | - | ol9_x86_64_MODRHCK | |
| kernel-modules-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | e1a7e2b5bf35a80d92cb050b364120784c06821c2983b1a0d9c9b50a41a0f0d4 | - | ol9_x86_64_MODRHCK | |
| kernel-modules-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | a11b5db21bff22f0da80eb03b73ef187eaa6745ae93aca5be56b7db956c9badb | - | ol9_x86_64_MODRHCK | |
| kernel-modules-extra-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | e4520ee343fa9f661390fadd569f4f3c92a12b08090cea651c4eab9fd1d25860 | - | ol9_x86_64_MODRHCK | |
| kernel-tools-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 9e95c541a0f25ab2f98bf8d237696112718b215c7319d607637421f8897ddb00 | - | ol9_x86_64_MODRHCK | |
| kernel-tools-libs-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | ab3b15ddf239cc52b171600b5e16f2208b09ba406f1d16d9d8e66211c5f84c8e | - | ol9_x86_64_MODRHCK | |
| kernel-tools-libs-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 28e30bde197d8155aaa1a3b87364c7454062af655ecf66e604fd70d1bd70857c | - | ol9_x86_64_MODRHCK | |
| kernel-uki-virt-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 410bf2ea5f237f4abfa42ea91fffb3f31e2c4ed30bf603c2a595fba8cdcec3a7 | - | ol9_x86_64_MODRHCK | |
| libperf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 773d98789f25dda450dd0e91245f10eda1475ef19aa362afd10d002cb4f2697f | - | ol9_x86_64_MODRHCK | |
| perf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | d7bccf097283b65dc06962d5be2a854dc77b70bae5f10be41a7d8cbc20d1dc83 | - | ol9_x86_64_MODRHCK | |
| python3-perf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 2c1b182a53292fa89bd8800c099fa24b6b4b51471ffa4ae4f9574fbeb7fbc448 | - | ol9_x86_64_MODRHCK | |
| rtla-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | a0031cbd55c7bce7cda51957e644b7e9d7c4be4e4926b2f5b6171d32e0d8e153 | - | ol9_x86_64_MODRHCK | |
| rv-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm | 3ffee9f8b89151b01abada2dac08a8daf7f1da5bc1b997a229dfe0caebc78253 | - | ol9_x86_64_MODRHCK | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
