ELSA-2023-1091

ULN >
Oracle Linux Errata repository >
ELSA-2023-1091

ELSA-2023-1091 - kernel security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-03-08

Description

[3.10.0-1160.88.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

[3.10.0-1160.88.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)

[3.10.0-1160.88.1]
- KVM: x86: add bit to indicate correct tsc_shift (Marcelo Tosatti) [2152838]
- KVM: x86: rewrite handling of scaled TSC for kvmclock (Marcelo Tosatti) [2152838]
- KVM: x86: rename argument to kvm_set_tsc_khz (Marcelo Tosatti) [2152838]

[3.10.0-1160.87.1]
- Revert 'openvswitch: fix flow actions reallocation' (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- Revert 'openvswitch: fix OOB access in reserve_sfa_size()' (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- kvm/emulate: Fix SETcc emulation function offsets with SLS (Vitaly Kuznetsov) [2143438]
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (Rafael Aquini) [2138620] {CVE-2022-42703}
- mm, rmap: handle anon_vma_prepare() common case inline (Rafael Aquini) [2138620] {CVE-2022-42703}
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (Nilesh Javali) [2092105]
- fs: move S_ISGID stripping into the vfs_*() helpers (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: Add missing umask strip in vfs_tmpfile (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: add mode_strip_sgid() helper (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}

[3.10.0-1160.86.1]
- openvswitch: fix OOB access in reserve_sfa_size() (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- openvswitch: fix flow actions reallocation (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- gitlab-ci: use CI templates from production branch (Michael Hofmann)
- mm: prevent page_frag_alloc() from corrupting the memory (Rafael Aquini) [2141062]
- mm: Use fixed constant in page_frag_alloc instead of size + 1 (Rafael Aquini) [2141062]
- mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs (Rafael Aquini) [2141062]
- x86/pat: Pass valid address to sanitize_phys() (Jeff Moyer) [1974485]

[3.10.0-1160.85.1]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_b (Xin Long) [2054037]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_a (Xin Long) [2054037]
- sctp: handle errors when updating asoc (Xin Long) [2054037]
- sctp: no need to check assoc id before calling sctp_assoc_set_id (Xin Long) [2054037]
- s390/topology: fix warning when disabling cpus (Tobias Huschle) [2071980]

[3.10.0-1160.84.1]
- blk-mq: fix flush-rq race (Ming Lei) [2088029]
- scsi: target: iscsi: Fix a race condition between login_work and the login thread (Maurizio Lombardi) [2154243]

Related CVEs

CVE-2022-4378

CVE-2022-42703

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-3.10.0-1160.88.1.0.1.el7.src.rpm	e496102ff0030bbcc73a6171158e8bd343653d1f0fc532f60c89a4e1243202b5	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.88.1.0.1.el7.src.rpm	e496102ff0030bbcc73a6171158e8bd343653d1f0fc532f60c89a4e1243202b5	ELSA-2025-1281	ol7_x86_64_optional_latest
	kernel-3.10.0-1160.88.1.0.1.el7.src.rpm	e496102ff0030bbcc73a6171158e8bd343653d1f0fc532f60c89a4e1243202b5	ELSA-2025-1281	ol7_x86_64_u9_patch
	bpftool-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	f3232f4dd019f99834497a3c81e49400c5ebe1856b740e59bae1a8b8794a4748	ELSA-2025-1281	ol7_x86_64_latest
	bpftool-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	f3232f4dd019f99834497a3c81e49400c5ebe1856b740e59bae1a8b8794a4748	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	2cf1b8c3b16cc6f56cd72dcd388f75a60f5b182aaa7535079fea1e7a1bd55c0f	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	2cf1b8c3b16cc6f56cd72dcd388f75a60f5b182aaa7535079fea1e7a1bd55c0f	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-abi-whitelists-3.10.0-1160.88.1.0.1.el7.noarch.rpm	865bbc53c46f59e16080309183c917841630a0ba4797dd0a2255b1616849aad2	ELSA-2025-1281	ol7_x86_64_latest
	kernel-abi-whitelists-3.10.0-1160.88.1.0.1.el7.noarch.rpm	865bbc53c46f59e16080309183c917841630a0ba4797dd0a2255b1616849aad2	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	e8e971b3f5663ca17e78fbcf49e1912914e7f61274dadbbfcab58aa708c9dba6	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	e8e971b3f5663ca17e78fbcf49e1912914e7f61274dadbbfcab58aa708c9dba6	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	224dd768a6bb9bd83dbfcfd9ce3adfe1635168451b7322251b1da4a45c2b01a6	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	224dd768a6bb9bd83dbfcfd9ce3adfe1635168451b7322251b1da4a45c2b01a6	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	a438487323dc0585a8014bfa663396caa62341f7a3fc0f3fa802a77cb2992cc2	ELSA-2025-1281	ol7_x86_64_latest
	kernel-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	a438487323dc0585a8014bfa663396caa62341f7a3fc0f3fa802a77cb2992cc2	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-doc-3.10.0-1160.88.1.0.1.el7.noarch.rpm	dd1bb0b2de58c464e05e508440a3079d6dc539d7dffb607afbf185e0b0784555	ELSA-2025-1281	ol7_x86_64_latest
	kernel-doc-3.10.0-1160.88.1.0.1.el7.noarch.rpm	dd1bb0b2de58c464e05e508440a3079d6dc539d7dffb607afbf185e0b0784555	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-headers-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	93b948f85182db6ed06d86a706ad39f596d6fdbc16c46236e83a61c8bde181e8	ELSA-2025-1281	exadata_dbserver_21.2.23.0.0_x86_64_base
	kernel-headers-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	93b948f85182db6ed06d86a706ad39f596d6fdbc16c46236e83a61c8bde181e8	ELSA-2025-1281	exadata_dbserver_22.1.10.0.0_x86_64_base
	kernel-headers-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	93b948f85182db6ed06d86a706ad39f596d6fdbc16c46236e83a61c8bde181e8	ELSA-2025-1281	ol7_x86_64_latest
	kernel-headers-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	93b948f85182db6ed06d86a706ad39f596d6fdbc16c46236e83a61c8bde181e8	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	4b745fcd966da2dc025a9b3232f4bf1cd4b2f0b43d0b29c1d22728b20e67b978	ELSA-2025-1281	exadata_dbserver_21.2.23.0.0_x86_64_base
	kernel-tools-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	4b745fcd966da2dc025a9b3232f4bf1cd4b2f0b43d0b29c1d22728b20e67b978	ELSA-2025-1281	exadata_dbserver_22.1.10.0.0_x86_64_base
	kernel-tools-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	4b745fcd966da2dc025a9b3232f4bf1cd4b2f0b43d0b29c1d22728b20e67b978	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	4b745fcd966da2dc025a9b3232f4bf1cd4b2f0b43d0b29c1d22728b20e67b978	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	dd1135cb7612f54409c32fe6654f411bc4d69d41403b482b5ce3ecd310c05468	ELSA-2025-1281	exadata_dbserver_21.2.23.0.0_x86_64_base
	kernel-tools-libs-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	dd1135cb7612f54409c32fe6654f411bc4d69d41403b482b5ce3ecd310c05468	ELSA-2025-1281	exadata_dbserver_22.1.10.0.0_x86_64_base
	kernel-tools-libs-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	dd1135cb7612f54409c32fe6654f411bc4d69d41403b482b5ce3ecd310c05468	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-libs-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	dd1135cb7612f54409c32fe6654f411bc4d69d41403b482b5ce3ecd310c05468	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	e6f3afe7ad3b91259152eca09c0f119217fe3593b86844ee8c63a7be64390a19	ELSA-2025-1281	ol7_x86_64_optional_latest
	perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	d1e9231cbb18f3a82d84b3ae932c20c2f9ebbb4357d6b2476727ffb03adac09c	ELSA-2025-20019	ol7_x86_64_latest
	perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	d1e9231cbb18f3a82d84b3ae932c20c2f9ebbb4357d6b2476727ffb03adac09c	ELSA-2025-20019	ol7_x86_64_u9_patch
	python-perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	8e976267c944a0594c272659d9a6836685bb0e913fa3acb3477b0ca0acfc638d	ELSA-2025-20019	ol7_x86_64_latest
	python-perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm	8e976267c944a0594c272659d9a6836685bb0e913fa3acb3477b0ca0acfc638d	ELSA-2025-20019	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691