ELSA-2023-1091
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-1091
ELSA-2023-1091 - kernel security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-03-08 |
Description
[3.10.0-1160.88.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
[3.10.0-1160.88.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.88.1]
- KVM: x86: add bit to indicate correct tsc_shift (Marcelo Tosatti) [2152838]
- KVM: x86: rewrite handling of scaled TSC for kvmclock (Marcelo Tosatti) [2152838]
- KVM: x86: rename argument to kvm_set_tsc_khz (Marcelo Tosatti) [2152838]
[3.10.0-1160.87.1]
- Revert 'openvswitch: fix flow actions reallocation' (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- Revert 'openvswitch: fix OOB access in reserve_sfa_size()' (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- kvm/emulate: Fix SETcc emulation function offsets with SLS (Vitaly Kuznetsov) [2143438]
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (Rafael Aquini) [2138620] {CVE-2022-42703}
- mm, rmap: handle anon_vma_prepare() common case inline (Rafael Aquini) [2138620] {CVE-2022-42703}
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Wander Lairson Costa) [2152565] {CVE-2022-4378}
- scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts (Nilesh Javali) [2092105]
- fs: move S_ISGID stripping into the vfs_*() helpers (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: Add missing umask strip in vfs_tmpfile (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
- fs: add mode_strip_sgid() helper (Andrey Albershteyn) [2159946] {CVE-2018-13405 CVE-2021-4037}
[3.10.0-1160.86.1]
- openvswitch: fix OOB access in reserve_sfa_size() (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- openvswitch: fix flow actions reallocation (Rado Vrbovsky) [2141780] {CVE-2022-2639}
- gitlab-ci: use CI templates from production branch (Michael Hofmann)
- mm: prevent page_frag_alloc() from corrupting the memory (Rafael Aquini) [2141062]
- mm: Use fixed constant in page_frag_alloc instead of size + 1 (Rafael Aquini) [2141062]
- mm: page_alloc: fix ref bias in page_frag_alloc() for 1-byte allocs (Rafael Aquini) [2141062]
- x86/pat: Pass valid address to sanitize_phys() (Jeff Moyer) [1974485]
[3.10.0-1160.85.1]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_b (Xin Long) [2054037]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_a (Xin Long) [2054037]
- sctp: handle errors when updating asoc (Xin Long) [2054037]
- sctp: no need to check assoc id before calling sctp_assoc_set_id (Xin Long) [2054037]
- s390/topology: fix warning when disabling cpus (Tobias Huschle) [2071980]
[3.10.0-1160.84.1]
- blk-mq: fix flush-rq race (Ming Lei) [2088029]
- scsi: target: iscsi: Fix a race condition between login_work and the login thread (Maurizio Lombardi) [2154243]
Related CVEs
| CVE-2022-4378 |
| CVE-2022-42703 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.88.1.0.1.el7.src.rpm | 67e8c71cc8165ffa702f3cdcdafca4e4 | - |
| bpftool-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | ff8f76b235b1dbf7a8bbcdf01b75df4e | - | |
| kernel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | eefa4f568fe23c38fbe119b0dc29d55a | - | |
| kernel-abi-whitelists-3.10.0-1160.88.1.0.1.el7.noarch.rpm | 09a43d655d3963a0847b8d4b7d204e30 | - | |
| kernel-debug-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | abea7c9ce736f5c177717d6814f94e69 | - | |
| kernel-debug-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | f573e36dd8a9426cf5adebff93a732a4 | - | |
| kernel-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | 107ded02fc6ed08b33e24999bb1fcd52 | - | |
| kernel-doc-3.10.0-1160.88.1.0.1.el7.noarch.rpm | edadeeb5dabaacef194b9a51ad1255b0 | - | |
| kernel-headers-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | 0523ba0cbe0f431f10ffa03845c53f1f | - | |
| kernel-tools-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | cbb15b4c278776823b6cacfb51d9f0e2 | - | |
| kernel-tools-libs-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | b800e6049cb69725a20d9796284b2778 | - | |
| kernel-tools-libs-devel-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | eedc9a2fb37af2bda188ce55c8137029 | - | |
| perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | 2f12f28fca4787600ee6cf11d0714b88 | - | |
| python-perf-3.10.0-1160.88.1.0.1.el7.x86_64.rpm | c95d8714bd7de8002b898d9198a44d4f | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
