ELSA-2022-1198
- ULN >
- Oracle Linux Errata repository >
- ELSA-2022-1198
ELSA-2022-1198 - kernel security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2022-04-06 |
Description
[3.10.0-1160.62.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.62.1]
- cifs: fix handling of DFS links where we can not access all components (Ronnie Sahlberg) [1937304]
- redhat: kernel.spec: install new kernel boot entry in posttrans, not post (Denys Vlasenko) [1893756]
- [s390] s390/cpumf: Support for CPU Measurement Facility CSVN 7 (Mete Durlu) [2048920]
- dm table: fix iterate_devices based device capability checks (Mike Snitzer) [2054743]
- buffer: eliminate the need to call free_more_memory() in __getblk_slow() (Carlos Maiolino) [2030609]
- buffer: grow_dev_page() should use __GFP_NOFAIL for all cases (Carlos Maiolino) [2030609]
- buffer: have alloc_page_buffers() use __GFP_NOFAIL (Carlos Maiolino) [2030609]
- mm: memcg: do not fail __GFP_NOFAIL charges (Rafael Aquini) [2054345]
- mm: filemap: do not drop action modifier flags from the gfp_mask passed to __add_to_page_cache_locked() (Rafael Aquini) [2054345]
- Added ZSTREAM=yes to makefile (Lucas Zampieri)
[3.10.0-1160.61.1]
- x86/efi: reset the correct tlb_state when returning from efi_switch_mm() (Rafael Aquini) [2055587]
[3.10.0-1160.60.1]
- svcrdma: Fix leak of svc_rdma_recv_ctxt objects (Benjamin Coddington) [2028740]
- sunrpc: Remove unneeded pointer dereference (Benjamin Coddington) [2028740]
- x86/platform/uv: Add more to secondary CPU kdump info (Frank Ramsay) [2042462]
- [s390] s390/AP: support new dynamic AP bus size limit (Claudio Imbrenda) [1997156]
- CI: Enable baseline realtime checks (Veronika Kabatova)
- CI: Rename pipelines to include release names (Veronika Kabatova)
- RDMA/cma: Do not change route.addr.src_addr.ss_family (Kamal Heib) [2032075] {CVE-2021-4028}
- fget: clarify and improve __fget_files() implementation (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fget: check that the fd still exists after getting a ref to it (Miklos Szeredi) [2032478] {CVE-2021-4083}
- net: Set fput_needed iff FDPUT_FPUT is set (Miklos Szeredi) [2032478] {CVE-2021-4083}
- vfs, fdtable: Add fget_task helper (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: add fget_many() and fput_many() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs/file.c: __fget() and dup2() atomicity rules (Miklos Szeredi) [2032478] {CVE-2021-4083}
- vfs: Don't let __fdget_pos() get FMODE_PATH files (Miklos Szeredi) [2032478] {CVE-2021-4083}
- get rid of fget_light() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- sockfd_lookup_light(): switch to fdget^W^Waway from fget_light (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: __fget_light() can use __fget() in slow path (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: factor out common code in fget_light() and fget_raw_light() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: factor out common code in fget() and fget_raw() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- introduce __fcheck_files() to fix rcu_dereference_check_fdtable(), kill rcu_my_thread_group_empty() (Miklos Szeredi) [2032478] {CVE-2021-4083}
Related CVEs
| CVE-2021-4028 |
| CVE-2021-4083 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.62.1.el7.src.rpm | 1094c8ad77dee4130e21513b9a93d91c | - |
| bpftool-3.10.0-1160.62.1.el7.x86_64.rpm | 30dbde05d06a18a126d6064c9873cb93 | - | |
| kernel-3.10.0-1160.62.1.el7.x86_64.rpm | 9fe0e13bf8669e1b0e05d95de7dcd87f | - | |
| kernel-abi-whitelists-3.10.0-1160.62.1.el7.noarch.rpm | e29b3141a58c6a7493c08e837c1cfb4a | - | |
| kernel-debug-3.10.0-1160.62.1.el7.x86_64.rpm | 161e6bba629a6ea86777cd39442284d0 | - | |
| kernel-debug-devel-3.10.0-1160.62.1.el7.x86_64.rpm | e0322a9d2f0fc7bc4d6e66876430838e | - | |
| kernel-devel-3.10.0-1160.62.1.el7.x86_64.rpm | 6a2d8b55b4ac47fa58a413c20c2993ea | - | |
| kernel-doc-3.10.0-1160.62.1.el7.noarch.rpm | a8b074041c955a5ed129f9618c1ced5c | - | |
| kernel-headers-3.10.0-1160.62.1.el7.x86_64.rpm | 2b5c332b5030e9fe7f65933f3e02e97b | - | |
| kernel-tools-3.10.0-1160.62.1.el7.x86_64.rpm | 7076dedbb1b6ecd777eac6f47ab9c75b | - | |
| kernel-tools-libs-3.10.0-1160.62.1.el7.x86_64.rpm | de6fea5045dd7cf4d85922aa73769507 | - | |
| kernel-tools-libs-devel-3.10.0-1160.62.1.el7.x86_64.rpm | 5b6c5c5abe945233b935be1c17126dc6 | - | |
| perf-3.10.0-1160.62.1.el7.x86_64.rpm | 3db75be03b502762870abfffebb3583e | - | |
| python-perf-3.10.0-1160.62.1.el7.x86_64.rpm | 5255c423a7ff6e6bdb26ab31027ca6ed | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
