ELBA-2024-4583-1
- ULN >
- Oracle Linux Errata repository >
- ELBA-2024-4583-1
ELBA-2024-4583-1 - kernel bug fix update
| Type: | BUG |
| Impact: | NA |
| Release Date: | 2024-07-18 |
Description
- [5.14.0-427.26.1.0.1.el9_4.OL9]
- Revert 'crypto: testmgr - allow ecdsa-nist-p256 and -p384 in FIPS mode' [Orabug: 36638086]
- Update module name for cryptographic module [Orabug: 36324521]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
[5.14.0-427.26.1.el9_4]
- net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-39217 RHEL-37430] {CVE-2024-35958}
- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-41749 RHEL-39837] {CVE-2024-36904}
- mm/mglru: Revert 'don't sync disk for each aging cycle' (Waiman Long) [RHEL-44418]
- tipc: fix UAF in error path (Xin Long) [RHEL-34848 RHEL-34280] {CVE-2024-36886}
- selftest/cgroup: Update test_cpuset_prs.sh to match changes (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Make cpuset.cpus.exclusive independent of cpuset.cpus (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Delay setting of CS_CPU_EXCLUSIVE until valid partition (Waiman Long) [RHEL-45139]
- selftest/cgroup: Fix test_cpuset_prs.sh problems reported by test robot (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Fix remote root partition creation problem (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Optimize isolated partition only generate_sched_domains() calls (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Fix retval in update_cpumask() (Waiman Long) [RHEL-45139]
- cgroup/cpuset: Fix a memory leak in update_exclusive_cpumask() (Waiman Long) [RHEL-45139]
- ice: implement AQ download pkg retry (Petr Oros) [RHEL-38907 RHEL-17318]
- redhat: include resolve_btfids in kernel-devel (Viktor Malik) [RHEL-43426 RHEL-40707]
- blk-cgroup: fix list corruption from resetting io stat (cki-backport-bot) [RHEL-44977] {CVE-2024-38663}
- misc: rtsx: do clear express reg every SD_INT (David Arcari) [RHEL-39985 RHEL-33706]
- misc: rtsx: Fix rts5264 driver status incorrect when card removed (David Arcari) [RHEL-39985 RHEL-33706]
- netfilter: tproxy: bail out if IP has been disabled on the device (cki-backport-bot) [RHEL-44371] {CVE-2024-36270}
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44263 RHEL-44261] {CVE-2024-38543}
- r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44039] {CVE-2024-38586}
- net: micrel: Fix receiving the timestamp in the frame for lan8841 (cki-backport-bot) [RHEL-43996] {CVE-2024-38593}
- vt: fix memory overlapping when deleting chars in the buffer (Waiman Long) [RHEL-43379 RHEL-27780] {CVE-2022-48627}
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (Kamal Heib) [RHEL-42728 RHEL-34192] {CVE-2024-26858}
- locking/atomic: Make test_and_*_bit() ordered on failure (Paolo Bonzini) [RHEL-45896]
- mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (Rafael Aquini) [RHEL-42659 RHEL-31840] {CVE-2024-26783}
- can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (Jose Ignacio Tornos Martinez) [RHEL-42379 RHEL-31530] {CVE-2023-52638}
- ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Ken Cox) [RHEL-42226 RHEL-38715] {CVE-2021-47548}
[5.14.0-427.25.1.el9_4]
- nvme: fix reconnection fail due to reserved tag allocation (Maurizio Lombardi) [RHEL-42896 RHEL-36896] {CVE-2024-27435}
- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (cki-backport-bot) [RHEL-43625] {CVE-2021-47596}
- scsi: sg: Avoid race in error handling & drop bogus warn (Ewan D. Milne) [RHEL-36106 RHEL-35659]
- scsi: sg: Avoid sg device teardown race (Ewan D. Milne) [RHEL-36106 RHEL-35659]
- netfilter: nf_tables: use timestamp to check for set element timeout (Florian Westphal) [RHEL-38032 RHEL-33985] {CVE-2024-27397}
- netfilter: nft_set_rbtree: Remove unused variable nft_net (Florian Westphal) [RHEL-38032 RHEL-33985]
- netfilter: nft_set_rbtree: prefer sync gc to async worker (Florian Westphal) [RHEL-38032 RHEL-33985]
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (Florian Westphal) [RHEL-38032 RHEL-33985]
- netfilter: nf_tables: de-constify set commit ops function argument (Florian Westphal) [RHEL-38032 RHEL-33985]
- octeontx2-af: avoid off-by-one read from userspace (Kamal Heib) [RHEL-40486 RHEL-39873] {CVE-2024-36957}
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (x86_64) | kernel-5.14.0-427.26.1.0.1.el9_4.src.rpm | f2f31006894f8b29cfd46ca479797aa02a3946371830da5311c4faa3ff294957 | - | ol9_x86_64_MODRHCK |
| bpftool-7.3.0-427.26.1.0.1.el9_4.x86_64.rpm | f747c855cd17710dd2873c114a500831e33a406c8b47fe079a9436521a8f2ffb | - | ol9_x86_64_MODRHCK | |
| kernel-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 10c72440834ea9519d4a49447a140f896c47676872c0b884de86ed38284be4cd | - | ol9_x86_64_MODRHCK | |
| kernel-abi-stablelists-5.14.0-427.26.1.0.1.el9_4.noarch.rpm | ee88b6999e87b73823b410a5b9c6cc06bb2f26fbaae8e85e1efb0b4730ffc2ec | - | ol9_x86_64_MODRHCK | |
| kernel-core-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 68d64a07afcb0c2d0a1489249a318b49a17bfdb85aeaf548445eb9913c6cd7f3 | - | ol9_x86_64_MODRHCK | |
| kernel-cross-headers-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 6046b7f901a0295f279792c2dd4823dfad2072e6f9fb04b67b53f7cd4168ade3 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | d524f6b390e3a1d5694ba067fba86f70d43ba040f407f04bcd8073527a936128 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-core-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 71d1dce863746e5541e229b4b8f50d2ea842766cb187fa9d09b8095831babb1e | - | ol9_x86_64_MODRHCK | |
| kernel-debug-devel-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 07685feaeab5abf99de2cb7f6a30c5515f76fdf2b5da541b84074614bce0ada3 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-devel-matched-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 8ccb92f22037a37a3b7c211192b3367a3b9daf2e7239eb798db6986b0578ccd4 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 096312fd62b5dea9e4bd6ca6e5cec1ac7f19de260571b1d2e6b7101d9a67e29a | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-core-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | a061c1f34ecfb282586ce9c5d442bd318759413a7820584628032ccde3ad2c4d | - | ol9_x86_64_MODRHCK | |
| kernel-debug-modules-extra-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 7af9fb4926611c03f8388529c09c785a3bfe59e447220705a1be3472a944b520 | - | ol9_x86_64_MODRHCK | |
| kernel-debug-uki-virt-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 62e28490c4a230d680fe0f4ad847b6411fc49a470e0e98a8831b41e86242dbbb | - | ol9_x86_64_MODRHCK | |
| kernel-devel-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | a1c25a7e3e45fcc37608f516bb323f0e7d8566033756bfba0d03d30591924374 | - | ol9_x86_64_MODRHCK | |
| kernel-devel-matched-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 6703f7ddef2a61c4b07075716712add236cf23d812539fe3287c08229fdf1c2b | - | ol9_x86_64_MODRHCK | |
| kernel-doc-5.14.0-427.26.1.0.1.el9_4.noarch.rpm | f74716cb493ad495602ef5acc736a31268ff50f30c0168cde93e3c8a8535ed5f | - | ol9_x86_64_MODRHCK | |
| kernel-headers-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | bc80b0a9714227e701232aa5a6e86382bcd74e94c19c91ffb64f5294207723ad | - | ol9_x86_64_MODRHCK | |
| kernel-modules-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | b670c25e7c55e47e0278f51a412f90814d08977885a45274498bab0eab1414a9 | - | ol9_x86_64_MODRHCK | |
| kernel-modules-core-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 8151806f7ab5886a6f6c964dc609b778622e1821f37c02117ede3eb899cc7f9e | - | ol9_x86_64_MODRHCK | |
| kernel-modules-extra-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 24af704a5a515c923dc5911650099e00912f0de2f017002bd7eb2b382130c532 | - | ol9_x86_64_MODRHCK | |
| kernel-tools-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | a8ac42c0c3503da9ee7171771102ed24a127fe5f9cc1ab69b891d8b80e566ebf | - | ol9_x86_64_MODRHCK | |
| kernel-tools-libs-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | b4c4738309bccce475897c48e2631e66bd0c25084da290d8c5c6e5872056a495 | - | ol9_x86_64_MODRHCK | |
| kernel-tools-libs-devel-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 991a1d3f9c53a77d11fea9a9e7e3e0b5998e8e3dc75396f3672ed8f5665e28ee | - | ol9_x86_64_MODRHCK | |
| kernel-uki-virt-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | c221feaca9b28f8a54181c748a162c00b1ee4b0594da396b1e0b5164cd6b95b8 | - | ol9_x86_64_MODRHCK | |
| libperf-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 658024c999fd9a711bd37e8695dad848035c1df6b2479c5d8f541bfcd9602986 | - | ol9_x86_64_MODRHCK | |
| perf-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | a320790c175e7ee361ab0f55b78cf4e6ca27e2cfd5ca1013e1c2b8bdfd74cca3 | - | ol9_x86_64_MODRHCK | |
| python3-perf-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 11b7e0c378925c22c0c3a1faaafee3e9a7e070d774f79c7641d68ae432cf620a | - | ol9_x86_64_MODRHCK | |
| rtla-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | 11f5a478781905ec48374d7436b242ee09b190df2a35d91481e537573c55dc7e | - | ol9_x86_64_MODRHCK | |
| rv-5.14.0-427.26.1.0.1.el9_4.x86_64.rpm | af8131bec0fca4bfe51edf48ceb7d3dc104c0175a11bed3745f6430bb0cd19e3 | - | ol9_x86_64_MODRHCK | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
