ELSA-2023-12242
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-12242
ELSA-2023-12242 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2023-04-10 |
Description
[4.14.35-2047.524.5]
- rds/ib: Fix the softlock-up in RDS cache GC worker (Arumugam Kolappan) [Orabug: 35079728]
[4.14.35-2047.524.4]
- xfs: add missing cmap->br_state = XFS_EXT_NORM update (Gao Xiang) [Orabug: 35202792]
- x86/tsc: Disable clocksource watchdog for TSC on qualified platorms (Feng Tang) [Orabug: 35181414]
- x86/tsc: Add a timer to make sure TSC_adjust is always checked (Feng Tang) [Orabug: 35181414]
[4.14.35-2047.524.3]
- KVM: x86/pmu: Update AMD PMC sample period to fix guest NMI-watchdog (Like Xu) [Orabug: 35182018]
- KVM: x86: Prevent set vCPU into INIT/SIPI_RECEIVED state when INIT are latched (Liran Alon) [Orabug: 35146837]
- KVM: x86: Evaluate latched_init in KVM_SET_VCPU_EVENTS when vCPU not in SMM (Liran Alon) [Orabug: 35146837]
- mm: use ktask for copying page ranges in vma_dup() (Anthony Yznaga) [Orabug: 35054623]
- mm: parallelize unmap_page_range() for some large VMAs (Anthony Yznaga) [Orabug: 35054623]
- hv_netvsc: Add check for kvmalloc_array (Jiasheng Jiang) [Orabug: 34951483] {CVE-2022-3107}
- block: fix handling for BIO_NO_PAGE_REF (Ming Lei) [Orabug: 34602747]
- block: add BIO_NO_PAGE_REF flag (Jens Axboe) [Orabug: 34602747]
- block: implement bio helper to add iter bvec pages to bio (Jens Axboe) [Orabug: 34602747]
- block: introduce mp_bvec_for_each_page() for iterating over page (Ming Lei) [Orabug: 34602747]
[4.14.35-2047.524.2]
- x86/kdump: Fall back to reserve high crashkernel memory (Dave Young) [Orabug: 35158700]
- NFS: If the VFS sets LOOKUP_REVAL then force a lookup of the dentry (Trond Myklebust) [Orabug: 35136066]
- nfsd: Do not refuse to serve out of cache (Trond Myklebust) [Orabug: 35136066]
[4.14.35-2047.524.1]
- Revert 'Change mincore() to count 'mapped' pages rather than 'cached' pages' (Linus Torvalds) [Orabug: 35124753]
- Revert 'XFS: code enhancement to help debug' (Stephen Brennan) [Orabug: 35070084]
- NFSv4: Fix OPEN / CLOSE race (Trond Myklebust) [Orabug: 34998974]
- LTS version: v4.14.306 (Saeed Mirzamohammadi)
- nilfs2: fix underflow in second superblock position calculations (Ryusuke Konishi)
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (Greg Kroah-Hartman)
- i40e: Add checking for null for nlmsg_find_attr() (Natalia Petrova)
- ipv6: Fix tcp socket connection with DSCP. (Guillaume Nault)
- ipv6: Fix datagram socket connection with DSCP. (Guillaume Nault)
- net: mpls: fix stale pointer if allocation fails during device rename (Jakub Kicinski)
- net: stmmac: Restrict warning on disabling DMA store and fwd mode (Cristian Ciocaltea)
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson)
- dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. (Kuniyuki Iwashima)
- net: bgmac: fix BCM5358 support by setting correct flags (Rafa Mi ecki)
- i40e: add double of VLAN header when computing the max MTU (Jason Xing)
- revert 'squashfs: harden sanity check in squashfs_read_xattr_id_table' (Andrew Morton)
- hugetlb: check for undefined shift on 32 bit architectures (Mike Kravetz)
- ALSA: hda/conexant: add a new hda codec SN6180 (Bo Liu)
- mmc: sdio: fix possible resource leaks in some error paths (Yang Yingliang)
- Revert 'x86/fpu: Use _Alignof to avoid undefined behavior in TYPE_ALIGN' (Greg Kroah-Hartman)
- aio: fix mremap after fork null-deref (Seth Jenkins)
- nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association (Amit Engel)
- net/rose: Fix to not accept on connected socket (Hyunwoo Kim)
- tools/virtio: fix the vringh test for virtio ring changes (Shunsuke Mie)
- migrate: hugetlb: check for hugetlb shared PMD in node migration (Mike Kravetz)
- usb: core: add quirk for Alcor Link AK9563 smartcard reader (Mark Pearson)
- net: USB: Fix wrong-direction WARNING in plusb.c (Alan Stern)
- pinctrl: single: fix potential NULL dereference (Maxim Korotkov)
- pinctrl: aspeed: Fix confusing types in return value (Joel Stanley)
- ALSA: pci: lx6464es: fix a debug loop (Dan Carpenter)
- ALSA: emux: Avoid potential array out-of-bound in snd_emux_xg_control() (Artemii Karasev)
- btrfs: limit device extents to the device size (Josef Bacik)
- serial: 8250_dma: Fix DMA Rx rearm race (Ilpo Jarvinen)
- serial: 8250_dma: Fix DMA Rx completion race (Ilpo Jarvinen)
- Squashfs: fix handling and sanity checking of xattr_ids count (Phillip Lougher)
- mm/swapfile: add cond_resched() in get_swap_pages() (Longlong Xia)
- mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps (Mike Kravetz)
- parisc: Wire up PTRACE_GETREGS/PTRACE_SETREGS for compat case (Helge Deller)
- parisc: Fix return code of pdc_iodc_print() (Helge Deller)
- iio:adc:twl6030: Enable measurements of VUSB, VBAT and others (Andreas Kemnade)
- iio: adc: berlin2-adc: Add missing of_node_put() in error path (Xiongfeng Wang)
- iio: hid: fix the retval in accel_3d_capture_sample (Dmitry Perchanov)
- efi: Accept version 2 of memory attributes table (Ard Biesheuvel)
- watchdog: diag288_wdt: fix __diag288() inline assembly (Alexander Egorenkov)
- watchdog: diag288_wdt: do not use stack buffers for hardware data (Alexander Egorenkov)
- fbcon: Check font dimension limits (Samuel Thibault)
- usb: gadget: f_fs: Fix unbalanced spinlock in __ffs_ep0_queue_wait (Udipto Goswami)
- net/x25: Fix to not accept on connected socket (Hyunwoo Kim)
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (Mike Christie)
- scsi: target: core: Fix warning on RT kernels (Maurizio Lombardi)
- net: openvswitch: fix flow memory leak in ovs_flow_cmd_new (Fedor Pchelkin)
- sctp: do not check hb_timer.expires when resetting hb_timer (Xin Long)
- squashfs: harden sanity check in squashfs_read_xattr_id_table (Fedor Pchelkin)
- netrom: Fix use-after-free caused by accept on already connected socket (Hyunwoo Kim)
- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() (Artemii Karasev)
- bus: sunxi-rsb: Fix error handling in sunxi_rsb_init() (Yuan Can)
- firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region (Takashi Sakamoto)
- LTS version: v4.14.305 (Saeed Mirzamohammadi)
- usb: host: xhci-plat: add wakeup entry at sysfs (Peter Chen)
- ipv6: ensure sane device mtu in tunnels (Eric Dumazet)
- mm: kvmalloc does not fallback to vmalloc for incompatible gfp flags (Michal Hocko)
- exit: Use READ_ONCE() for all oops/warn limit reads (Kees Cook)
- docs: Fix path paste-o for /sys/kernel/warn_count (Kees Cook)
- panic: Expose 'warn_count' to sysfs (Kees Cook)
- panic: Introduce warn_limit (Kees Cook)
- panic: Consolidate open-coded panic_on_warn checks (Kees Cook)
- exit: Allow oops_limit to be disabled (Kees Cook)
- exit: Expose 'oops_count' to sysfs (Kees Cook)
- exit: Put an upper limit on how often we can oops (Jann Horn)
- ia64: make IA64_MCA_RECOVERY bool instead of tristate (Randy Dunlap)
- h8300: Fix build errors from do_exit() to make_task_dead() transition (Nathan Chancellor)
- hexagon: Fix function name in die() (Nathan Chancellor)
- objtool: Add a missing comma to avoid string concatenation (Eric W. Biederman)
- exit: Add and use make_task_dead. (Eric W. Biederman)
- panic: unset panic_on_warn inside panic() (Tiezhu Yang)
- sysctl: add a new register_sysctl_init() interface (Xiaoming Ni)
- x86/entry/64: Add instruction suffix to SYSRET (Jan Beulich)
- x86/asm: Fix an assembler warning with current binutils (Mikulas Patocka)
- drm/radeon/dp: make radeon_dp_get_dp_link_config static (Alex Deucher)
- wifi: brcmfmac: fix up incorrect 4.14.y backport for brcmf_fw_map_chip_to_name() (Greg Kroah-Hartman)
- x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL (Thomas Gleixner)
- Revert 'Input: synaptics - switch touchpad on HP Laptop 15-da3001TU to RMI mode' (Dmitry Torokhov)
- net/tg3: resolve deadlock in tg3_reset_task() during EEH (David Christensen)
- net: ravb: Fix possible hang if RIS2_QFF1 happen (Yoshihiro Shimoda)
- sctp: fail if no bound addresses can be used for a given scope (Marcelo Ricardo Leitner)
- netrom: Fix use-after-free of a listening socket. (Kuniyuki Iwashima)
- netfilter: conntrack: fix vtag checks for ABORT/SHUTDOWN_COMPLETE (Sriram Yagnaraman)
- netlink: annotate data races around sk_state (Eric Dumazet)
- netlink: annotate data races around dst_portid and dst_group (Eric Dumazet)
- EDAC/device: Respect any driver-supplied workqueue polling value (Manivannan Sadhasivam)
- ARM: 9280/1: mm: fix warning on phys_addr_t to void pointer assignment (Giulio Benetti)
- tracing: Make sure trace_printk() can output as soon as it can be used (Steven Rostedt (Google))
- module: Don't wait for GOING modules (Petr Pavlu)
- scsi: hpsa: Fix allocation size for scsi_host_alloc() (Alexey V. Vissarionov)
- Bluetooth: hci_sync: cancel cmd_timer if hci_open failed (Archie Pusaka)
- fs: reiserfs: remove useless new_opts in reiserfs_remount (Dongliang Mu)
- comedi: adv_pci1760: Fix PWM instruction handling (Ian Abbott)
- w1: fix WARNING after calling w1_process() (Yang Yingliang)
- w1: fix deadloop in __w1_remove_master_device() (Yang Yingliang)
- HID: betop: check shape of output reports (Pietro Borrello)
- dmaengine: Fix double increment of client_count in dma_chan_get() (Koba Ko)
- net: mlx5: eliminate anonymous module_init & module_exit (Randy Dunlap)
- usb: gadget: f_fs: Ensure ep0req is dequeued before free_request (Udipto Goswami)
- usb: gadget: f_fs: Prevent race during ffs_ep0_queue_wait (Udipto Goswami)
- HID: check empty report_list in hid_validate_values() (Pietro Borrello)
- net: mdio: validate parameter addr in mdiobus_get_phy() (Heiner Kallweit)
- net: usb: sr9700: Handle negative len (Szymon Heidrich)
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (Szymon Heidrich) [Orabug: 35037714] {CVE-2023-23559}
- net: nfc: Fix use-after-free in local_cleanup() (Jisoo Jang)
- phy: rockchip-inno-usb2: Fix missing clk_disable_unprepare() in rockchip_usb2phy_power_on() (Shang XiaoJing)
- amd-xgbe: TX Flow Ctrl Registers are h/w ver dependent (Raju Rangoju)
- affs: initialize fsdata in affs_truncate() (Alexander Potapenko)
- IB/hfi1: Reserve user expected TIDs (Dean Luick)
- IB/hfi1: Reject a zero-length user expected buffer (Dean Luick)
- tomoyo: fix broken dependency on *.conf.default (Masahiro Yamada)
- EDAC/highbank: Fix memory leak in highbank_mc_probe() (Miaoqian Lin)
- HID: intel_ish-hid: Add check for ishtp_dma_tx_map (Jiasheng Jiang)
- ARM: dts: imx6qdl-gw560x: Remove incorrect 'uart-has-rtscts' (Fabio Estevam)
Related CVEs
| CVE-2023-23559 |
| CVE-2022-3107 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | kernel-uek-4.14.35-2047.524.5.el7uek.src.rpm | b2a742910cf30a0e7565113666a6fa2e | - |
| kernel-uek-4.14.35-2047.524.5.el7uek.aarch64.rpm | 3a7933731cb6019a02a5c51e92a5bbcd | - | |
| kernel-uek-debug-4.14.35-2047.524.5.el7uek.aarch64.rpm | e50609494539b247d794be7dd1486914 | - | |
| kernel-uek-debug-devel-4.14.35-2047.524.5.el7uek.aarch64.rpm | 596a042230ffd4a4344fef0e0e4e577d | - | |
| kernel-uek-devel-4.14.35-2047.524.5.el7uek.aarch64.rpm | b3b33522006f8ebbba51663afe55db94 | - | |
| kernel-uek-headers-4.14.35-2047.524.5.el7uek.aarch64.rpm | de78f0a579f09875a95d81f6ecc4c946 | - | |
| kernel-uek-tools-4.14.35-2047.524.5.el7uek.aarch64.rpm | 567b9c56c1512decd8483e965f6eceb7 | - | |
| kernel-uek-tools-libs-4.14.35-2047.524.5.el7uek.aarch64.rpm | c17bb13108680b345e3f9c8bf7597278 | - | |
| kernel-uek-tools-libs-devel-4.14.35-2047.524.5.el7uek.aarch64.rpm | a7a3242a1b388feb073504ac4ff5409d | - | |
| perf-4.14.35-2047.524.5.el7uek.aarch64.rpm | 3242841928250dbfc9ee197a245d7f4e | - | |
| python-perf-4.14.35-2047.524.5.el7uek.aarch64.rpm | ddb5323354f650c9928212793a96c145 | - | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.14.35-2047.524.5.el7uek.src.rpm | b2a742910cf30a0e7565113666a6fa2e | - |
| kernel-uek-4.14.35-2047.524.5.el7uek.x86_64.rpm | f7be5b292a8ca9e72b1ff21abffebff6 | - | |
| kernel-uek-debug-4.14.35-2047.524.5.el7uek.x86_64.rpm | 3488e1d8ee2ec667b14fe5c055972341 | - | |
| kernel-uek-debug-devel-4.14.35-2047.524.5.el7uek.x86_64.rpm | e3b7324b94fb0443628e2877faf9b712 | - | |
| kernel-uek-devel-4.14.35-2047.524.5.el7uek.x86_64.rpm | 507e5d963202d147a50420b2ed62fe56 | - | |
| kernel-uek-doc-4.14.35-2047.524.5.el7uek.noarch.rpm | e481928caffe9dcdf7ab2179c409d733 | - | |
| kernel-uek-tools-4.14.35-2047.524.5.el7uek.x86_64.rpm | e1cd1f41d7c7386b0df62f5e68abf8e6 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
