ELSA-2023-0951
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-0951
ELSA-2023-0951 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-03-01 |
Description
- [5.14.0-162.18.1_1.OL9]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
- Remove nmap references from kernel (Mridula Shastry) [Orabug: 34313944]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
[5.14.0-162.18.1_1]
- powerpc/pseries: Use lparcfg to reconfig VAS windows for DLPAR CPU (Steve Best) [2154305 2133101]
- redhat/configs: Change the amd-pstate driver from builtin to loadable (David Arcari) [2151274 2143793]
- powerpc/pseries/mobility: set NMI watchdog factor during an LPM (Steve Best) [2140085 2122830]
- powerpc/watchdog: introduce a NMI watchdog's factor (Steve Best) [2140085 2122830]
- watchdog: export lockup_detector_reconfigure (Steve Best) [2140085 2122830]
- powerpc/mobility: wait for memory transfer to complete (Steve Best) [2140085 2122830]
[5.14.0-162.17.1_1]
- PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (Emanuele Giuseppe Esposito) [2155459 2100404]
- PCI: hv: Fix the definition of vector in hv_compose_msi_msg() (Emanuele Giuseppe Esposito) [2155459 2100404]
- PCI: hv: Fix interrupt mapping for multi-MSI (Emanuele Giuseppe Esposito) [2155459 2100404]
- PCI: hv: Reuse existing IRTE allocation in compose_msi_msg() (Emanuele Giuseppe Esposito) [2155459 2100404]
- PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI (Emanuele Giuseppe Esposito) [2155459 2100404]
- PCI: hv: Fix multi-MSI to allow more than one MSI vector (Emanuele Giuseppe Esposito) [2155459 2100404]
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Wander Lairson Costa) [2152580 2152581] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Wander Lairson Costa) [2152580 2152581] {CVE-2022-4378}
- blk-mq: run queue no matter whether the request is the last request (Ming Lei) [2162535 2118511]
- netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (Florian Westphal) [2161724 2161725] {CVE-2023-0179}
- nvme-tcp: fix regression that causes sporadic requests to time out (Gopal Tiwari) [2161344 2124526]
- netfs: Fix dodgy maths (Xiubo Li) [2161418 2138981]
- netfs: Fix missing xas_retry() calls in xarray iteration (Xiubo Li) [2161418 2138981]
[5.14.0-162.16.1_1]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Ricardo Robaina) [2152929 2152931] {CVE-2022-3564}
- gitlab-ci: use CI templates from production branch (Michael Hofmann)
[5.14.0-162.15.1_1]
- KVM: s390: vsie: Fix the initialization of the epoch extension (epdx) field (Thomas Huth) [2158815 2140899]
- x86/fpu: Do not leak fpstate pointer on fork (Rafael Aquini) [2133083 2120448]
- Revert 'usb: typec: ucsi: add a common function ucsi_unregister_connectors()' (Torez Smith) [2153277 2113003]
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (David Arcari) [2154859 2119067] {CVE-2022-2873}
[5.14.0-162.14.1_1]
- NFSD: fix use-after-free in __nfs42_ssc_open() (Benjamin Coddington) [2152815 2152816] {CVE-2022-4379}
- PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit() (Mohammed Gamal) [2155930 2155277]
- PCI: hv: Fix synchronization between channel callback and hv_compose_msi_msg() (Mohammed Gamal) [2155930 2155277]
- PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (Mohammed Gamal) [2155930 2155277]
- sched/core: Always flush pending blk_plug (Phil Auld) [2153792 2115520]
[5.14.0-162.13.1_1]
- scsi: qla2xxx: Fix crash when I/O abort times out (Nilesh Javali) [2152178 2115892]
- net: mana: Fix race on per-CQ variable napi work_done (Emanuele Giuseppe Esposito) [2155145 2153431]
Related CVEs
| CVE-2023-0179 |
| CVE-2022-4378 |
| CVE-2022-4379 |
| CVE-2022-2873 |
| CVE-2022-3564 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 9 (aarch64) | kernel-5.14.0-162.18.1.el9_1.src.rpm | 153b8f420b7e96160027e9bd21ddf8f8 | - |
| bpftool-5.14.0-162.18.1.el9_1.aarch64.rpm | f80a4c4d128f9410260f388f2757f98f | - | |
| kernel-cross-headers-5.14.0-162.18.1.el9_1.aarch64.rpm | 303dee2095310da1afebee9346475ab0 | - | |
| kernel-headers-5.14.0-162.18.1.el9_1.aarch64.rpm | a9e4be54ee8caab62b0896cbb4192cec | - | |
| kernel-tools-5.14.0-162.18.1.el9_1.aarch64.rpm | 73570d310951f396ccb7cbf8f0ee5c38 | - | |
| kernel-tools-libs-5.14.0-162.18.1.el9_1.aarch64.rpm | df5de57b8b7c637035cdbfcfe8dcebf3 | - | |
| kernel-tools-libs-devel-5.14.0-162.18.1.el9_1.aarch64.rpm | f788e10017499b02be4864746b006ac0 | - | |
| perf-5.14.0-162.18.1.el9_1.aarch64.rpm | b5ee935efa0369adb8e566b99903cc4c | - | |
| python3-perf-5.14.0-162.18.1.el9_1.aarch64.rpm | 08c493c93d9db86c38dc346739e01c6d | - | |
| Oracle Linux 9 (x86_64) | kernel-5.14.0-162.18.1.el9_1.src.rpm | 153b8f420b7e96160027e9bd21ddf8f8 | - |
| bpftool-5.14.0-162.18.1.el9_1.x86_64.rpm | f6a17d811a20e2e6a629557e141d75cf | - | |
| kernel-5.14.0-162.18.1.el9_1.x86_64.rpm | 5b78d9f3d47db7f43c130cad187ba60e | - | |
| kernel-abi-stablelists-5.14.0-162.18.1.el9_1.noarch.rpm | f4dbd30a8ea02ca5a2bf839106842353 | - | |
| kernel-core-5.14.0-162.18.1.el9_1.x86_64.rpm | d54235bb0f7fc9fd7dcf775a5cdea810 | - | |
| kernel-cross-headers-5.14.0-162.18.1.el9_1.x86_64.rpm | 889bccd1e1fdbace2b6fe844e433081a | - | |
| kernel-debug-5.14.0-162.18.1.el9_1.x86_64.rpm | 1d8a453f3af93f704512ae6fedb3e42d | - | |
| kernel-debug-core-5.14.0-162.18.1.el9_1.x86_64.rpm | 4351b900a988baa6baee10ba0ee5e200 | - | |
| kernel-debug-devel-5.14.0-162.18.1.el9_1.x86_64.rpm | 02f46730d635c90f688b17896777b5ef | - | |
| kernel-debug-devel-matched-5.14.0-162.18.1.el9_1.x86_64.rpm | e48cdfefc9595f5c2db1a098fe8720ba | - | |
| kernel-debug-modules-5.14.0-162.18.1.el9_1.x86_64.rpm | 84029885881244ee4577617cec7feb53 | - | |
| kernel-debug-modules-extra-5.14.0-162.18.1.el9_1.x86_64.rpm | 67575a7ca13bf74afe0ec77de3b9b58d | - | |
| kernel-devel-5.14.0-162.18.1.el9_1.x86_64.rpm | 5e4cb57b058c8777fc40a96da91f92ad | - | |
| kernel-devel-matched-5.14.0-162.18.1.el9_1.x86_64.rpm | 55a4cc4c8b3a3e1598407cda63e75ac0 | - | |
| kernel-doc-5.14.0-162.18.1.el9_1.noarch.rpm | 9c1f0fcb6581282334e2f1089e76f493 | - | |
| kernel-headers-5.14.0-162.18.1.el9_1.x86_64.rpm | 04760eb72132ecdf0f7f5184b76a7c2d | - | |
| kernel-modules-5.14.0-162.18.1.el9_1.x86_64.rpm | a7dc10ea1d493ced36e60b2659a55122 | - | |
| kernel-modules-extra-5.14.0-162.18.1.el9_1.x86_64.rpm | 237ae694440a45d0dabc1651d11e0f1a | - | |
| kernel-tools-5.14.0-162.18.1.el9_1.x86_64.rpm | 6b14fe44e92f4a8a0bb05cbba0bf13ea | - | |
| kernel-tools-libs-5.14.0-162.18.1.el9_1.x86_64.rpm | 4a96fa4cdce2fc7cdd8a22b66393375e | - | |
| kernel-tools-libs-devel-5.14.0-162.18.1.el9_1.x86_64.rpm | 483cbe7b6fdc262720a6a5273e79952b | - | |
| perf-5.14.0-162.18.1.el9_1.x86_64.rpm | b43149efd16cc2d0609b2422ace28c23 | - | |
| python3-perf-5.14.0-162.18.1.el9_1.x86_64.rpm | e4718713228db768d7d24f670c88b32c | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
