ELSA-2024-0897
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-0897
ELSA-2024-0897 - kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-03-06 |
Description
[4.18.0-513.18.1.el8_9.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Drop not needed patch
[4.18.0-513.18.1.el8_9]
- net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-22091 RHEL-19065] {CVE-2024-0646}
- smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610}
- smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610}
- nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
- nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
- nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536}
- net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-20924 RHEL-16007]
- netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-20698 RHEL-19721] {CVE-2023-6817}
[4.18.0-513.17.1.el8_9]
- redhat: rewrite genlog and support Y- tags (Jan Stancek)
- smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-21662 RHEL-18990] {CVE-2023-6606}
- s390/qeth: Don't call dev_close/dev_open (DOWN/UP) (Tobias Huschle) [RHEL-17884 RHEL-2410]
- blk-mq: use quiesced elevator switch when reinitializing queues (Ming Lei) [RHEL-21785 RHEL-19944]
- lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (Ming Lei) [RHEL-20232 RHEL-8128]
[4.18.0-513.16.1.el8_9]
- tracing/timerlat: Add user-space interface (Chris White) [RHEL-20362 RHEL-15142]
- tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-20362 RHEL-15142]
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-20362 RHEL-15142]
- tracing/timerlat: Always wakeup the timerlat thread (Chris White) [RHEL-20362 RHEL-15142]
- tracing/osnoise: Fix notify new tracing_max_latency (Chris White) [RHEL-20362 RHEL-15142]
- tracing/timerlat: Notify new max thread latency (Chris White) [RHEL-20362 RHEL-15142]
- trace/osnoise: make use of the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142]
- kthread: add the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142]
- x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Prarit Bhargava) [RHEL-7238 RHEL-4244]
- HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19274 RHEL-19237] {CVE-2023-1073}
- s390/dasd: print copy pair message only for the correct error (Tobias Huschle) [RHEL-9444 RHEL-2831]
- blk-mq: don't count completed flush data request as inflight in case of quiesce (Ming Lei) [RHEL-19111 RHEL-18055]
[4.18.0-513.15.1.el8_9]
- IB/ipoib: Fix mcast list locking (Daniel Vacek) [RHEL-19699 RHEL-19244]
- RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Daniel Vacek) [RHEL-19699 RHEL-19244]
- x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813}
- x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813}
- x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813}
- x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 8 (aarch64) | kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_aarch64_baseos_latest |
| kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_aarch64_codeready_builder | |
| kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_aarch64_u9_baseos_patch | |
| bpftool-4.18.0-513.18.1.el8_9.aarch64.rpm | 96f3366e1dcb23a1849535eb2d6dc15e05e2ec15ab87cafddb127f25f5d3df88 | - | ol8_aarch64_baseos_latest | |
| bpftool-4.18.0-513.18.1.el8_9.aarch64.rpm | 96f3366e1dcb23a1849535eb2d6dc15e05e2ec15ab87cafddb127f25f5d3df88 | - | ol8_aarch64_u9_baseos_patch | |
| kernel-cross-headers-4.18.0-513.18.1.el8_9.aarch64.rpm | 449a6b4b8c3ea06df452f5b2f60917cf2ad1a73ced02456c068ac577a4011b19 | - | ol8_aarch64_baseos_latest | |
| kernel-cross-headers-4.18.0-513.18.1.el8_9.aarch64.rpm | 449a6b4b8c3ea06df452f5b2f60917cf2ad1a73ced02456c068ac577a4011b19 | - | ol8_aarch64_u9_baseos_patch | |
| kernel-headers-4.18.0-513.18.1.el8_9.aarch64.rpm | d60e97b5bb4afb18abf7174200b9620459528bdbd1cebf98f4beacafce844813 | - | ol8_aarch64_baseos_latest | |
| kernel-headers-4.18.0-513.18.1.el8_9.aarch64.rpm | d60e97b5bb4afb18abf7174200b9620459528bdbd1cebf98f4beacafce844813 | - | ol8_aarch64_u9_baseos_patch | |
| kernel-tools-4.18.0-513.18.1.el8_9.aarch64.rpm | 3937a5060b2b8762752348335881f6b17ddeab056d9068c96e955b12e55e44c5 | - | ol8_aarch64_baseos_latest | |
| kernel-tools-4.18.0-513.18.1.el8_9.aarch64.rpm | 3937a5060b2b8762752348335881f6b17ddeab056d9068c96e955b12e55e44c5 | - | ol8_aarch64_u9_baseos_patch | |
| kernel-tools-libs-4.18.0-513.18.1.el8_9.aarch64.rpm | 2bc81817fb065ec2b73a7f9fb250d51908dd09c4195fdbbfea44289e38e2f349 | - | ol8_aarch64_baseos_latest | |
| kernel-tools-libs-4.18.0-513.18.1.el8_9.aarch64.rpm | 2bc81817fb065ec2b73a7f9fb250d51908dd09c4195fdbbfea44289e38e2f349 | - | ol8_aarch64_u9_baseos_patch | |
| kernel-tools-libs-devel-4.18.0-513.18.1.el8_9.aarch64.rpm | 00ef3ad527fdcb0162e15d77f99f30e6fb53e1254d171fa75e56cd72cca5b64f | - | ol8_aarch64_codeready_builder | |
| perf-4.18.0-513.18.1.el8_9.aarch64.rpm | 0e492d58555ad2761c16e442c3c4c5ee2259d94b5c2bca2af1f0401905a8d6d0 | - | ol8_aarch64_baseos_latest | |
| perf-4.18.0-513.18.1.el8_9.aarch64.rpm | 0e492d58555ad2761c16e442c3c4c5ee2259d94b5c2bca2af1f0401905a8d6d0 | - | ol8_aarch64_u9_baseos_patch | |
| python3-perf-4.18.0-513.18.1.el8_9.aarch64.rpm | 16e9e857ecba9f791e0306b9a3a43436cb0375614d8aabd0079a66a3e972034a | - | ol8_aarch64_baseos_latest | |
| python3-perf-4.18.0-513.18.1.el8_9.aarch64.rpm | 16e9e857ecba9f791e0306b9a3a43436cb0375614d8aabd0079a66a3e972034a | - | ol8_aarch64_u9_baseos_patch | |
| Oracle Linux 8 (x86_64) | kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_x86_64_baseos_latest |
| kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_x86_64_codeready_builder | |
| kernel-4.18.0-513.18.1.el8_9.src.rpm | ea2b46e8912d0b45b2df51623bff05d5703e87bd44f4a0a6077d4da3052a6beb | - | ol8_x86_64_u9_baseos_patch | |
| bpftool-4.18.0-513.18.1.el8_9.x86_64.rpm | db3476289e6e532dde4df8c98ec9e9e572a5febc872fb601bc1be1da2b74e6f9 | - | ol8_x86_64_baseos_latest | |
| bpftool-4.18.0-513.18.1.el8_9.x86_64.rpm | db3476289e6e532dde4df8c98ec9e9e572a5febc872fb601bc1be1da2b74e6f9 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-4.18.0-513.18.1.el8_9.x86_64.rpm | bdab3718da19d2ad53a60ff9809f762fbcf1c7976611454f5a6a0968937a6416 | - | ol8_x86_64_baseos_latest | |
| kernel-4.18.0-513.18.1.el8_9.x86_64.rpm | bdab3718da19d2ad53a60ff9809f762fbcf1c7976611454f5a6a0968937a6416 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-abi-stablelists-4.18.0-513.18.1.el8_9.noarch.rpm | 70a8e26eb61cca8a58f3e5628151608622e23e407a92d71604d7548153580360 | - | ol8_x86_64_baseos_latest | |
| kernel-abi-stablelists-4.18.0-513.18.1.el8_9.noarch.rpm | 70a8e26eb61cca8a58f3e5628151608622e23e407a92d71604d7548153580360 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-core-4.18.0-513.18.1.el8_9.x86_64.rpm | bf0fb6048fd43a4d1858b92bcdc27427da157b7ec0cc5c2ec70854b7300a0954 | - | ol8_x86_64_baseos_latest | |
| kernel-core-4.18.0-513.18.1.el8_9.x86_64.rpm | bf0fb6048fd43a4d1858b92bcdc27427da157b7ec0cc5c2ec70854b7300a0954 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-cross-headers-4.18.0-513.18.1.el8_9.x86_64.rpm | 89a768761b8942740a6e6c3e7623d5cd2a939f55fbe69f210379ca009af1d40f | - | ol8_x86_64_baseos_latest | |
| kernel-cross-headers-4.18.0-513.18.1.el8_9.x86_64.rpm | 89a768761b8942740a6e6c3e7623d5cd2a939f55fbe69f210379ca009af1d40f | - | ol8_x86_64_u9_baseos_patch | |
| kernel-debug-4.18.0-513.18.1.el8_9.x86_64.rpm | b2e3b5ab7a644ded5f8921db86050a2f28ab0f3159bae5fb4e0c11f5f9ff63ad | - | ol8_x86_64_baseos_latest | |
| kernel-debug-4.18.0-513.18.1.el8_9.x86_64.rpm | b2e3b5ab7a644ded5f8921db86050a2f28ab0f3159bae5fb4e0c11f5f9ff63ad | - | ol8_x86_64_u9_baseos_patch | |
| kernel-debug-core-4.18.0-513.18.1.el8_9.x86_64.rpm | 3b4d0d04a9749957d8f64978c42a9f9b9ffff57da75cc5b37afff25a1930e435 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-core-4.18.0-513.18.1.el8_9.x86_64.rpm | 3b4d0d04a9749957d8f64978c42a9f9b9ffff57da75cc5b37afff25a1930e435 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-debug-devel-4.18.0-513.18.1.el8_9.x86_64.rpm | b015a1789e1b3f108f3e84562d22f57bdb003c8d2ae69f768918f2420d90d0c9 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-devel-4.18.0-513.18.1.el8_9.x86_64.rpm | b015a1789e1b3f108f3e84562d22f57bdb003c8d2ae69f768918f2420d90d0c9 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-debug-modules-4.18.0-513.18.1.el8_9.x86_64.rpm | 5eabfc8d5ae0db174aaced47d2383e63f4566656d1821514a50004592274a4a0 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-4.18.0-513.18.1.el8_9.x86_64.rpm | 5eabfc8d5ae0db174aaced47d2383e63f4566656d1821514a50004592274a4a0 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm | 2cf250baa1b592faafb71427f71fe868c61ee7ae35941ca7010d11c4890ec649 | - | ol8_x86_64_baseos_latest | |
| kernel-debug-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm | 2cf250baa1b592faafb71427f71fe868c61ee7ae35941ca7010d11c4890ec649 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-devel-4.18.0-513.18.1.el8_9.x86_64.rpm | b0e5b2f3bf11e94bc8f021847fcef4ec65b9d24309579ee98857c49fc0627b92 | - | ol8_x86_64_baseos_latest | |
| kernel-devel-4.18.0-513.18.1.el8_9.x86_64.rpm | b0e5b2f3bf11e94bc8f021847fcef4ec65b9d24309579ee98857c49fc0627b92 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-doc-4.18.0-513.18.1.el8_9.noarch.rpm | 9d30a49fee2debaf9dfbda8ccc58b03d763e159286f48fa95e7646a9a548663b | - | ol8_x86_64_baseos_latest | |
| kernel-doc-4.18.0-513.18.1.el8_9.noarch.rpm | 9d30a49fee2debaf9dfbda8ccc58b03d763e159286f48fa95e7646a9a548663b | - | ol8_x86_64_u9_baseos_patch | |
| kernel-headers-4.18.0-513.18.1.el8_9.x86_64.rpm | ab98f2f955792b37c7e3d0d4e104f8ce505d2807f24bc6ad1817fd6760f80f73 | - | ol8_x86_64_baseos_latest | |
| kernel-headers-4.18.0-513.18.1.el8_9.x86_64.rpm | ab98f2f955792b37c7e3d0d4e104f8ce505d2807f24bc6ad1817fd6760f80f73 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-modules-4.18.0-513.18.1.el8_9.x86_64.rpm | 7c075ffb911c3d6368a95a7e8574341ea0a16eed43ffc2183845e0a665d45817 | - | ol8_x86_64_baseos_latest | |
| kernel-modules-4.18.0-513.18.1.el8_9.x86_64.rpm | 7c075ffb911c3d6368a95a7e8574341ea0a16eed43ffc2183845e0a665d45817 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm | 26db0aead44cf29e4a6a6ac65ae99115a86421c12cd31bd4ff6dd5e1eb4ba695 | - | ol8_x86_64_baseos_latest | |
| kernel-modules-extra-4.18.0-513.18.1.el8_9.x86_64.rpm | 26db0aead44cf29e4a6a6ac65ae99115a86421c12cd31bd4ff6dd5e1eb4ba695 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-tools-4.18.0-513.18.1.el8_9.x86_64.rpm | 6c38816a0c205e0522b6bbebca2928b528cfb0f700adb8df8c32a2591f201893 | - | ol8_x86_64_baseos_latest | |
| kernel-tools-4.18.0-513.18.1.el8_9.x86_64.rpm | 6c38816a0c205e0522b6bbebca2928b528cfb0f700adb8df8c32a2591f201893 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-tools-libs-4.18.0-513.18.1.el8_9.x86_64.rpm | c8d376e38a45bdfe6891b53253d17ddd9d362c82e0464edf8481d8e22aaef223 | - | ol8_x86_64_baseos_latest | |
| kernel-tools-libs-4.18.0-513.18.1.el8_9.x86_64.rpm | c8d376e38a45bdfe6891b53253d17ddd9d362c82e0464edf8481d8e22aaef223 | - | ol8_x86_64_u9_baseos_patch | |
| kernel-tools-libs-devel-4.18.0-513.18.1.el8_9.x86_64.rpm | 23019d32110f0f0e2ab925566c2618eac3ed41fb885b292894ddcef7f1f93f6a | - | ol8_x86_64_codeready_builder | |
| perf-4.18.0-513.18.1.el8_9.x86_64.rpm | 3f5e728dcd362f9570f1f9950c80d46a8fddf29a7fda01e95bc44b104a6abde3 | - | ol8_x86_64_baseos_latest | |
| perf-4.18.0-513.18.1.el8_9.x86_64.rpm | 3f5e728dcd362f9570f1f9950c80d46a8fddf29a7fda01e95bc44b104a6abde3 | - | ol8_x86_64_u9_baseos_patch | |
| python3-perf-4.18.0-513.18.1.el8_9.x86_64.rpm | 870813ff990d271bae4c52edd4c1df24ccc798106ae02527a7afa03506e2e32c | - | ol8_x86_64_baseos_latest | |
| python3-perf-4.18.0-513.18.1.el8_9.x86_64.rpm | 870813ff990d271bae4c52edd4c1df24ccc798106ae02527a7afa03506e2e32c | - | ol8_x86_64_u9_baseos_patch | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
