ELSA-2022-0188

ULN >
Oracle Linux Errata repository >
ELSA-2022-0188

ELSA-2022-0188 - kernel security and bug fix update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-01-21

Description

[4.18.0-348.12.2_5.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5

[4.18.0-348.12.2_5]
- vfs: Out-of-bounds write of heap buffer in fs_context.c (Frantisek Hrbata) [2040585 2040586] {CVE-2022-0185}
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Bruno Meneguele) [2034864 2034865] {CVE-2021-4155}

[4.18.0-348.12.1_5]
- tcp: don't free a FIN sk_buff in tcp_remove_empty_skb() (Guillaume Nault) [2021574 2016210]
- kernel.spec: Add support to use vmlinux.h (Jiri Olsa) [2031053 1989087]
- spec: Add vmlinux.h to kernel-devel package (Jiri Olsa) [2031053 1989087]
- x86/mce: Avoid infinite loop for copy from user recovery (Prarit Bhargava) [2008789 1999550]
- x86/mce: Rename kill_it to kill_current_task (Prarit Bhargava) [2008789 1999550]
- x86/mce: Recover from poison found while copying from user space (Prarit Bhargava) [2008789 1999550]
- x86/mce: Delay clearing IA32_MCG_STATUS to the end of do_machine_check() (Prarit Bhargava) [2008789 1999550]
- x86/mce: Send #MC singal from task work (Prarit Bhargava) [2008789 1999550]

[4.18.0-348.11.1_5]
- blk-mq: avoid to iterate over stale request (Ming Lei) [2034396 1997338]
- rcu: Tighten rcu_advance_cbs_nowake() checks (Daniel Vacek) [2032579 2013408]

[4.18.0-348.10.1_5]
- selftests: add a test case for mirred egress to ingress (Xin Long) [2024411 1983894]
- net: sched: act_mirred: drop dst for the direction from egress to ingress (Xin Long) [2024411 1983894]

[4.18.0-348.9.1_5]
- ixgbe: Revert 'bpf, devmap: Move drop error path to devmap for XDP_REDIRECT' (Ken Cox) [2029845 2024240]
- i40e: Revert 'bpf, devmap: Move drop error path to devmap for XDP_REDIRECT' (Stefan Assmann) [2029845 2024225]
- rcu/nocb: Perform deferred wake up before last idle's need_resched() check (Waiman Long) [2029449 2008340]

[4.18.0-348.8.1_5]
- ice: Fix VF true promiscuous mode (Jonathan Toppins) [2026698 1970643]
- ice: Remove toggling of antispoof for VF trusted promiscuous mode (Jonathan Toppins) [2026698 1970643]
- ice: Fix replacing VF hardware MAC to existing MAC filter (Jonathan Toppins) [2026698 1970643]
- ice: Fix not stopping Tx queues for VFs (Jonathan Toppins) [2026698 1970643]
- ice: Fix race conditions between virtchnl handling and VF ndo ops (Jonathan Toppins) [2026698 1970643]
- net/netif_receive_skb_core: Use migrate_disable() (Luis Claudio R. Goncalves) [2027689 2024168]
- crypto: jitter - consider 32 LSB for APT (Herbert Xu) [2029365 1994390]
- xfs: fix I_DONTCACHE (Carlos Maiolino) [2028534 2024969]

Related CVEs

CVE-2022-0185

CVE-2021-4155

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	kernel-4.18.0-348.12.2.el8_5.src.rpm	c685017b128144c798c9213fed3025e2	-
	bpftool-4.18.0-348.12.2.el8_5.aarch64.rpm	7f7f91740556fca5d2112866d44da95c	-
	kernel-cross-headers-4.18.0-348.12.2.el8_5.aarch64.rpm	5d898b3e49265e5f78381f45872daf1a	-
	kernel-headers-4.18.0-348.12.2.el8_5.aarch64.rpm	514e324788d9575191359d71b1c48f30	-
	kernel-tools-4.18.0-348.12.2.el8_5.aarch64.rpm	98812a1d8137bb03fe842d5d3e82399d	-
	kernel-tools-libs-4.18.0-348.12.2.el8_5.aarch64.rpm	f8ebc08155aed70c13d52fe4eb4cee64	-
	kernel-tools-libs-devel-4.18.0-348.12.2.el8_5.aarch64.rpm	76697cb940935ec15ef36765fd025575	-
	perf-4.18.0-348.12.2.el8_5.aarch64.rpm	9575c11221d89334baa75dc082b74f30	-
	python3-perf-4.18.0-348.12.2.el8_5.aarch64.rpm	e72d5692ffcedd191ebde3531e1d4921	-

Oracle Linux 8 (x86_64)	kernel-4.18.0-348.12.2.el8_5.src.rpm	c685017b128144c798c9213fed3025e2	-
	bpftool-4.18.0-348.12.2.el8_5.x86_64.rpm	7f25cabf0cda1bbdfaf9358b9074920b	-
	kernel-4.18.0-348.12.2.el8_5.x86_64.rpm	8902bc130f1e527ecdd0220299f44f5d	-
	kernel-abi-stablelists-4.18.0-348.12.2.el8_5.noarch.rpm	e7bc4d6231a6270469a25a05852922c5	-
	kernel-core-4.18.0-348.12.2.el8_5.x86_64.rpm	96edcd9b27be3902662ee9ee08d9e406	-
	kernel-cross-headers-4.18.0-348.12.2.el8_5.x86_64.rpm	505030532dc2970352fc10628ef5d1fa	-
	kernel-debug-4.18.0-348.12.2.el8_5.x86_64.rpm	ec9e8af5077b10d1240653a04410c0ea	-
	kernel-debug-core-4.18.0-348.12.2.el8_5.x86_64.rpm	518eac508cdef25104c28a25bd19c143	-
	kernel-debug-devel-4.18.0-348.12.2.el8_5.x86_64.rpm	fef8e24f1feb4116ddd196771c8dac46	-
	kernel-debug-modules-4.18.0-348.12.2.el8_5.x86_64.rpm	23c13547836c8ab8f04f20ba1485d155	-
	kernel-debug-modules-extra-4.18.0-348.12.2.el8_5.x86_64.rpm	0638771cf71c4e32cc585fdd47c31842	-
	kernel-devel-4.18.0-348.12.2.el8_5.x86_64.rpm	db4f650e717d62f4d2320750d9f9a38d	-
	kernel-doc-4.18.0-348.12.2.el8_5.noarch.rpm	27c9eab24fee07bed1e3c0ffcc463ab6	-
	kernel-headers-4.18.0-348.12.2.el8_5.x86_64.rpm	f016ff2dc47660a23ece3c9b7897c96d	-
	kernel-modules-4.18.0-348.12.2.el8_5.x86_64.rpm	c87a0a239fdb32e69b0d6961b7838e31	-
	kernel-modules-extra-4.18.0-348.12.2.el8_5.x86_64.rpm	63f01f725477d87309f150c0759a1752	-
	kernel-tools-4.18.0-348.12.2.el8_5.x86_64.rpm	70c27a71fe2b857203bb684b431a4df2	-
	kernel-tools-libs-4.18.0-348.12.2.el8_5.x86_64.rpm	71d97ad3d10766217d1d3fb5a61ba6c9	-
	kernel-tools-libs-devel-4.18.0-348.12.2.el8_5.x86_64.rpm	6258d72846663c18843bf2a43b370673	-
	perf-4.18.0-348.12.2.el8_5.x86_64.rpm	e247d7e19058b6985fe2d89de1e01c06	-
	python3-perf-4.18.0-348.12.2.el8_5.x86_64.rpm	e759e389f2c6f3564ff4dce09f436cd5	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691