ELBA-2024-4349-1

ELBA-2024-4349-1 - kernel bug fix update

Type:BUG
Severity:NA
Release Date:2024-07-08

Description


- [5.14.0-427.24.1.0.1.el9_4.OL9]
- Revert 'crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode' [Orabug: 36638086]
- Update module name for cryptographic module [Orabug: 36324521]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates

[5.14.0-427.24.1.el9_4]
- net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (Michal Schmidt) [RHEL-43272 RHEL-23117]
- bnx2x: fix potential memory leak in bnx2x_tpa_stop() (Michal Schmidt) [RHEL-43272 RHEL-23117]
- xen-netfront: Add missing skb_mark_for_recycle (Vitaly Kuznetsov) [RHEL-37626 RHEL-36573] {CVE-2024-27393}
- tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-34953 RHEL-29239]
- tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-34953 RHEL-29239]
- net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-38972 RHEL-37093] {CVE-2023-52667}
- crypto: qat - Fix typo (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
- crypto: qat - specify firmware files for 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - validate slices count returned by FW (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve error logging to be consistent across features (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve error message in adf_get_arbiter_mapping() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - implement interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add bank save and restore flows (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - expand CSR operations for QAT GEN4 devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - rename get_sla_arr_of_type() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate CSR access code (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - move PFVF compat checker to a function (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate and rename 4xxx PF2VM definitions (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - adf_get_etr_base() helper (Vladis Dronov) [RHEL-38546 RHEL-35816]
- redhat/configs: Add CONFIG_CRYPTO_DEV_QAT_420XX (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - make ring to service map common for QAT GEN4 (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix ring to service map for dcc in 420xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix ring to service map for dcc in 4xxx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix comment structure (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove unnecessary description from comment (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove double initialization of value (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - removed unused macro in adf_cnv_dbgfs.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - remove unused macros in qat_comp_alg.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- Documentation: qat: fix auto_reset section (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
- crypto: qat - change SLAs cleanup flow at shutdown (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - improve aer error reset handling (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - limit heartbeat notifications (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add auto reset on error (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add fatal error notification (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - re-enable sriov after pf reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - update PFVF protocol for recovery (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - disable arbitration before reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add fatal error notify method (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add heartbeat error simulator (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - avoid memcpy() overflow warning (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - generate dynamically arbiter mappings (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for ring pair level telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for device telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add admin msgs for telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - include pci.h for GET_DEV() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - add support for 420xx devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - move fw config related structures (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate portions of qat_4xxx code (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - change signature of uof_get_num_objs() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- crypto: qat - relocate and rename get_service_enabled() (Vladis Dronov) [RHEL-38546 RHEL-35816]
- seq_file: add helper macro to define attribute for rw file (Vladis Dronov) [RHEL-38546 RHEL-35816]
- minmax: Introduce {min,max}_array() (Vladis Dronov) [RHEL-38546 RHEL-35816]

[5.14.0-427.23.1.el9_4]
- net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-34050 RHEL-30492] {CVE-2023-52626}
- blk-mq: add helper for checking if one CPU is mapped to specified hctx (Ming Lei) [RHEL-38595 RHEL-36684]
- net/sched: flower: Add lock protection when remove filter handle (Petr Oros) [RHEL-35672 RHEL-33379]
- Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-33913 RHEL-31828] {CVE-2024-26801}
- net: hns3: do not allow call hns3_nic_net_open repeatedly (Jose Ignacio Tornos Martinez) [RHEL-38933 RHEL-37707] {CVE-2021-47400}
- tmpfs: fix Documentation of noswap and huge mount options (Nico Pache) [RHEL-38252 RHEL-31975]
- shmem: add support to ignore swap (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: update documentation (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: skip page split if we're not reclaiming (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: move reclaim check early on writepages() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: set shmem_writepage() variables early (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- shmem: remove check for folio lock on writepage() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
- ice: Add automatic VF reset on Tx MDD events (Petr Oros) [RHEL-39083 RHEL-36317]
- net/ipv6: SKB symmetric hash should incorporate transport ports (Ivan Vecera) [RHEL-37641 RHEL-36218]
- ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix missing sk_buff release in seg6_input_core (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix invalid unregister error path (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-37669 RHEL-37511]
- ipv6: sr: add missing seg6_local_exit (Hangbin Liu) [RHEL-37669 RHEL-37511]
- block: fix q->blkg_list corruption during disk rebind (Ming Lei) [RHEL-36687 RHEL-33577]
- ice: fix uninitialized dplls mutex usage (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix pin phase adjust updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll periodic work data updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll and dpll_pin data access on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix dpll input pin phase_adjust value updates (Petr Oros) [RHEL-36716 RHEL-36283]
- ice: fix connection state of DPLL and out pin (Petr Oros) [RHEL-36716 RHEL-36283]
- redhat: remove the merge subtrees script (Derek Barbosa)
- redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
- redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
- net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-38954 RHEL-37422] {CVE-2024-35960}
- smb: client: fix UAF in smb2_reconnect_server() (Jay Shin) [RHEL-28943 RHEL-40177 RHEL-37273 RHEL-7986] {CVE-2024-35870}
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (Jay Shin) [RHEL-28943 RHEL-31245]
- RHEL: enable CONFIG_AMD_ATL (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
- EDAC/amd64: Use new AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
- RAS: Introduce AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (x86_64) kernel-5.14.0-427.24.1.0.1.el9_4.src.rpm18c60b0f29952ad1222827b42d455507-ol9_x86_64_MODRHCK
bpftool-7.3.0-427.24.1.0.1.el9_4.x86_64.rpmd97fd759a8dd68219949f01495b8a805-ol9_x86_64_MODRHCK
kernel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm085499ab64ca3b00df8a5ee5978d8944-ol9_x86_64_MODRHCK
kernel-abi-stablelists-5.14.0-427.24.1.0.1.el9_4.noarch.rpm9325f9c056cf57286830c446d663fce7-ol9_x86_64_MODRHCK
kernel-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm74cb6cc9760fbec025a92eb633c2b057-ol9_x86_64_MODRHCK
kernel-cross-headers-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmd9cad6557ea7bdc6223a0fc97990dcda-ol9_x86_64_MODRHCK
kernel-debug-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmb8fae80b84f8c4c637e463fe26b3c1ee-ol9_x86_64_MODRHCK
kernel-debug-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpme4a47b5a04a500e5cd5475f4fa6b6557-ol9_x86_64_MODRHCK
kernel-debug-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm76f53d9c3afa8271e1f322712b484e9f-ol9_x86_64_MODRHCK
kernel-debug-devel-matched-5.14.0-427.24.1.0.1.el9_4.x86_64.rpma82bba1bae559eec32b6cc324eda2b83-ol9_x86_64_MODRHCK
kernel-debug-modules-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm618de649df9e9ed28f3675d309223647-ol9_x86_64_MODRHCK
kernel-debug-modules-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm4926f5be8c9cc2e18bab0816a0b54941-ol9_x86_64_MODRHCK
kernel-debug-modules-extra-5.14.0-427.24.1.0.1.el9_4.x86_64.rpme386299d293970dfb4a56d528bd46d9e-ol9_x86_64_MODRHCK
kernel-debug-uki-virt-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmce917c5ef7a9fe3c2c845e6a4c08aec3-ol9_x86_64_MODRHCK
kernel-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmf32f6c0cba190e433d74a4fad8f705a4-ol9_x86_64_MODRHCK
kernel-devel-matched-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmf403d607c27dff741a89779ca936e02e-ol9_x86_64_MODRHCK
kernel-doc-5.14.0-427.24.1.0.1.el9_4.noarch.rpm52d7119849358aa887d1f10a0c317a6b-ol9_x86_64_MODRHCK
kernel-headers-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm752f7bd3ecaf5df9d987014c2bb50ac4-ol9_x86_64_MODRHCK
kernel-modules-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm04ea517a12b30cc891a0c5b4a00c0a24-ol9_x86_64_MODRHCK
kernel-modules-core-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm3223812ee0934128616a738eacefc4a8-ol9_x86_64_MODRHCK
kernel-modules-extra-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm9967134f0020660ccee7ec53a3bfec4f-ol9_x86_64_MODRHCK
kernel-tools-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm1da1fe86257458546d26eefcebfdd5f8-ol9_x86_64_MODRHCK
kernel-tools-libs-5.14.0-427.24.1.0.1.el9_4.x86_64.rpmae5c703f148bc69f2e5d576a156eddf3-ol9_x86_64_MODRHCK
kernel-tools-libs-devel-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm4f08bdae4899b6aa87962477142854c9-ol9_x86_64_MODRHCK
kernel-uki-virt-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm6da47610b81912aabc8453eef7384b45-ol9_x86_64_MODRHCK
libperf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm027ddd6798cc1935251497f09a534a1b-ol9_x86_64_MODRHCK
perf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm495e1d6a5c0939b376dbbc2227a8ff4c-ol9_x86_64_MODRHCK
python3-perf-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm7f4b5cd39789838e9c11ca82c21afbbb-ol9_x86_64_MODRHCK
rtla-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm46c8ec7377a224678b9bb967dab746b5-ol9_x86_64_MODRHCK
rv-5.14.0-427.24.1.0.1.el9_4.x86_64.rpm2f6fd2f128103e8d16e83f219c98d33b-ol9_x86_64_MODRHCK


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete