ELSA-2023-0399

ELSA-2023-0399 - kernel security and bug fix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2023-01-25

Description


[3.10.0-1160.83.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

[3.10.0-1160.83.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)

[3.10.0-1160.83.1]
- x86/sme: avoid using __x86_return_thunk (Rafael Aquini) [2122158]
- scsi: core: Simplify control flow in scmd_eh_abort_handler() (Ewan D. Milne) [2128337]
- scsi: core: Avoid leaving shost->last_reset with stale value if EH does not run (Ewan D. Milne) [2128337]
- [netdrv] i40e: Fix freeing of uninitialized misc IRQ vector (Jamie Bainbridge) [2129248]
- x86/speculation: Use generic retpoline by default on AMD (Rafael Aquini) [2062165] {CVE-2021-26401}

[3.10.0-1160.82.1]
- net: usb: ax88179_178a: Fix packet receiving (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- net: usb: ax88179_178a: fix packet alignment padding (Jose Ignacio Tornos Martinez) [2120504] {CVE-2022-2964}
- mm: swap: disable swap_vma_readahead for PPC64 (Rafael Aquini) [2142455]


Related CVEs


CVE-2021-26401
CVE-2022-2964

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-1160.83.1.0.1.el7.src.rpmb07ff164cc8e5ac39b62dd91a00ea0c6-
bpftool-3.10.0-1160.83.1.0.1.el7.x86_64.rpm53afacdc84d1d16c6cb04ca2d09b0bf9-
kernel-3.10.0-1160.83.1.0.1.el7.x86_64.rpm8dcc6307c5b5a5bf6827563c3a590bee-
kernel-abi-whitelists-3.10.0-1160.83.1.0.1.el7.noarch.rpm315cb2d9ef7ce48e1839cbedfd254001-
kernel-debug-3.10.0-1160.83.1.0.1.el7.x86_64.rpm4af7b377319f7342005e996946ee350b-
kernel-debug-devel-3.10.0-1160.83.1.0.1.el7.x86_64.rpm30d6146477d2d7541a679279e33e9df7-
kernel-devel-3.10.0-1160.83.1.0.1.el7.x86_64.rpme9a5df2475dd78db09d6df374eaaa1da-
kernel-doc-3.10.0-1160.83.1.0.1.el7.noarch.rpm9d07fc1f4d003e57844ed0e107c8d2dd-
kernel-headers-3.10.0-1160.83.1.0.1.el7.x86_64.rpm34979d71da8576cbb63055bf08afb7ce-
kernel-tools-3.10.0-1160.83.1.0.1.el7.x86_64.rpm1c2449f876e6852daa0a4aa069fba3f1-
kernel-tools-libs-3.10.0-1160.83.1.0.1.el7.x86_64.rpmca42f2e08b20c7cc8eeb9d7337089d7e-
kernel-tools-libs-devel-3.10.0-1160.83.1.0.1.el7.x86_64.rpmc3294be30a2084156ab86bff574107fe-
perf-3.10.0-1160.83.1.0.1.el7.x86_64.rpm056bf84ca6a2946be9db42a8f3881e88-
python-perf-3.10.0-1160.83.1.0.1.el7.x86_64.rpmb03116c58cd487d2de63f725b9898a7e-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete