ELSA-2024-10281

ULN >
Oracle Linux Errata repository >
ELSA-2024-10281

ELSA-2024-10281 - kernel:4.18.0 security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-11-26

Description

- [4.18.0-553.30.1_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]

[4.18.0-553.30.1_10]
- media: edia: dvbdev: fix a use-after-free (Kate Hsuan) [RHEL-35763] {CVE-2024-27043}
- blk-mq: fix missing blk_account_io_done() in error path (Ming Lei) [RHEL-61200]
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52684]
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52684]
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52684]
- smb: client: use actual path when queryfs (Paulo Alcantara) [RHEL-60363]
- cifs: Fix uninitialized memory reads for oparms.mode (Paulo Alcantara) [RHEL-60363]
- cifs: Fix uninitialized memory read for smb311 posix symlink create (Paulo Alcantara) [RHEL-60363]
- cifs: convert the path to utf16 in smb2_query_info_compound (Paulo Alcantara) [RHEL-60363]
- autofs: fix thinko in validate_dev_ioctl() (Ian Kent) [RHEL-62168]
- autofs: add per dentry expire timeout (Ian Kent) [RHEL-62168]
- bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (Viktor Malik) [RHEL-44167] {CVE-2024-38564}

[4.18.0-553.29.1_10]
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (cki-backport-bot) [RHEL-36372] {CVE-2024-27399}
- mptcp: pm: Fix uaf in __timer_delete_sync (Guillaume Nault) [RHEL-60614] {CVE-2024-46858}
- cifs: fix dfs link failover in cifs_tree_connect() (Paulo Alcantara) [RHEL-8002]

[4.18.0-553.28.1_10]
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (Mete Durlu) [RHEL-61702]
- smb: client: fix deadlock in smb2_find_smb_tcon() (Paulo Alcantara) [RHEL-61400]
- smb: client: fix potential deadlock when releasing mids (Paulo Alcantara) [RHEL-61400]
- cifs: remove useless DeleteMidQEntry() (Paulo Alcantara) [RHEL-61400]
- Bluetooth: af_bluetooth: Fix deadlock (CKI Backport Bot) [RHEL-58991]
- gitlab-ci: provide consistent kcidb_tree_name (Michael Hofmann)
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Nico Pache) [RHEL-26709]
- audit: Send netlink ACK before setting connection in auditd_set (Richard Guy Briggs) [RHEL-14004]
- KVM: selftests: x86: Fix test failure on arch lbr capable platforms (Maxim Levitsky) [RHEL-23999]
- raid1: fix use-after-free for original bio in raid1_write_request() (Nigel Croxon) [RHEL-55263]

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_aarch64_baseos_latest
	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_aarch64_codeready_builder
	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_aarch64_u10_baseos_patch
	bpftool-4.18.0-553.30.1.el8_10.aarch64.rpm	f2b520a5c0a805b03242f7984b6a7de0	-	ol8_aarch64_baseos_latest
	bpftool-4.18.0-553.30.1.el8_10.aarch64.rpm	f2b520a5c0a805b03242f7984b6a7de0	-	ol8_aarch64_u10_baseos_patch
	kernel-cross-headers-4.18.0-553.30.1.el8_10.aarch64.rpm	afdd6defde0c8df19713875fca1879e7	-	ol8_aarch64_baseos_latest
	kernel-cross-headers-4.18.0-553.30.1.el8_10.aarch64.rpm	afdd6defde0c8df19713875fca1879e7	-	ol8_aarch64_u10_baseos_patch
	kernel-headers-4.18.0-553.30.1.el8_10.aarch64.rpm	35bec149e044f984c839f6fa36442ceb	-	ol8_aarch64_baseos_latest
	kernel-headers-4.18.0-553.30.1.el8_10.aarch64.rpm	35bec149e044f984c839f6fa36442ceb	-	ol8_aarch64_u10_baseos_patch
	kernel-tools-4.18.0-553.30.1.el8_10.aarch64.rpm	39d476306371e6fe298cd2bcc42c8309	-	ol8_aarch64_baseos_latest
	kernel-tools-4.18.0-553.30.1.el8_10.aarch64.rpm	39d476306371e6fe298cd2bcc42c8309	-	ol8_aarch64_u10_baseos_patch
	kernel-tools-libs-4.18.0-553.30.1.el8_10.aarch64.rpm	ac2d9ee71f2ae59099c97a8cb2e140d9	-	ol8_aarch64_baseos_latest
	kernel-tools-libs-4.18.0-553.30.1.el8_10.aarch64.rpm	ac2d9ee71f2ae59099c97a8cb2e140d9	-	ol8_aarch64_u10_baseos_patch
	kernel-tools-libs-devel-4.18.0-553.30.1.el8_10.aarch64.rpm	4c6fdfe98ba657620a0004f2ee878674	-	ol8_aarch64_codeready_builder
	perf-4.18.0-553.30.1.el8_10.aarch64.rpm	a1ef5576a22d1d15c61c2bd063ead4b8	-	ol8_aarch64_baseos_latest
	perf-4.18.0-553.30.1.el8_10.aarch64.rpm	a1ef5576a22d1d15c61c2bd063ead4b8	-	ol8_aarch64_u10_baseos_patch
	python3-perf-4.18.0-553.30.1.el8_10.aarch64.rpm	73551726e81b509facef8670f73c66a4	-	ol8_aarch64_baseos_latest
	python3-perf-4.18.0-553.30.1.el8_10.aarch64.rpm	73551726e81b509facef8670f73c66a4	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_x86_64_baseos_latest
	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_x86_64_codeready_builder
	kernel-4.18.0-553.30.1.el8_10.src.rpm	2b95e743c2ee46123608a6786c9c0d70	-	ol8_x86_64_u10_baseos_patch
	bpftool-4.18.0-553.30.1.el8_10.x86_64.rpm	3a1b77737b6c0dc0179c1d8b71048518	-	ol8_x86_64_baseos_latest
	bpftool-4.18.0-553.30.1.el8_10.x86_64.rpm	3a1b77737b6c0dc0179c1d8b71048518	-	ol8_x86_64_u10_baseos_patch
	kernel-4.18.0-553.30.1.el8_10.x86_64.rpm	1e79b523192295f52aafbfe186a4171b	-	ol8_x86_64_baseos_latest
	kernel-4.18.0-553.30.1.el8_10.x86_64.rpm	1e79b523192295f52aafbfe186a4171b	-	ol8_x86_64_u10_baseos_patch
	kernel-abi-stablelists-4.18.0-553.30.1.el8_10.noarch.rpm	a77b295eca15873edb62de9ea377265b	-	ol8_x86_64_baseos_latest
	kernel-abi-stablelists-4.18.0-553.30.1.el8_10.noarch.rpm	a77b295eca15873edb62de9ea377265b	-	ol8_x86_64_u10_baseos_patch
	kernel-core-4.18.0-553.30.1.el8_10.x86_64.rpm	1c67abd1edbeb4b4b17b9bb8f397a6e5	-	ol8_x86_64_baseos_latest
	kernel-core-4.18.0-553.30.1.el8_10.x86_64.rpm	1c67abd1edbeb4b4b17b9bb8f397a6e5	-	ol8_x86_64_u10_baseos_patch
	kernel-cross-headers-4.18.0-553.30.1.el8_10.x86_64.rpm	4bafd25ba3a2f7cb87c63fa12734a3b4	-	ol8_x86_64_baseos_latest
	kernel-cross-headers-4.18.0-553.30.1.el8_10.x86_64.rpm	4bafd25ba3a2f7cb87c63fa12734a3b4	-	ol8_x86_64_u10_baseos_patch
	kernel-debug-4.18.0-553.30.1.el8_10.x86_64.rpm	08891b97b04183641dbe9e8fda792fd3	-	ol8_x86_64_baseos_latest
	kernel-debug-4.18.0-553.30.1.el8_10.x86_64.rpm	08891b97b04183641dbe9e8fda792fd3	-	ol8_x86_64_u10_baseos_patch
	kernel-debug-core-4.18.0-553.30.1.el8_10.x86_64.rpm	fe04fa0f7e55c4e9b148b05eb6dcbcd1	-	ol8_x86_64_baseos_latest
	kernel-debug-core-4.18.0-553.30.1.el8_10.x86_64.rpm	fe04fa0f7e55c4e9b148b05eb6dcbcd1	-	ol8_x86_64_u10_baseos_patch
	kernel-debug-devel-4.18.0-553.30.1.el8_10.x86_64.rpm	5a568f13b6121b4826c85b13b177a3a9	-	ol8_x86_64_baseos_latest
	kernel-debug-devel-4.18.0-553.30.1.el8_10.x86_64.rpm	5a568f13b6121b4826c85b13b177a3a9	-	ol8_x86_64_u10_baseos_patch
	kernel-debug-modules-4.18.0-553.30.1.el8_10.x86_64.rpm	5ac418b1cfcd88aeff8be6aa5b252904	-	ol8_x86_64_baseos_latest
	kernel-debug-modules-4.18.0-553.30.1.el8_10.x86_64.rpm	5ac418b1cfcd88aeff8be6aa5b252904	-	ol8_x86_64_u10_baseos_patch
	kernel-debug-modules-extra-4.18.0-553.30.1.el8_10.x86_64.rpm	3b743adb45da8f9dffb239d6ac300543	-	ol8_x86_64_baseos_latest
	kernel-debug-modules-extra-4.18.0-553.30.1.el8_10.x86_64.rpm	3b743adb45da8f9dffb239d6ac300543	-	ol8_x86_64_u10_baseos_patch
	kernel-devel-4.18.0-553.30.1.el8_10.x86_64.rpm	bb5d4ac008e880d404836f48463edc8a	-	ol8_x86_64_baseos_latest
	kernel-devel-4.18.0-553.30.1.el8_10.x86_64.rpm	bb5d4ac008e880d404836f48463edc8a	-	ol8_x86_64_u10_baseos_patch
	kernel-doc-4.18.0-553.30.1.el8_10.noarch.rpm	bb13c7a6947a1eaccfebc63585bdf8ea	-	ol8_x86_64_baseos_latest
	kernel-doc-4.18.0-553.30.1.el8_10.noarch.rpm	bb13c7a6947a1eaccfebc63585bdf8ea	-	ol8_x86_64_u10_baseos_patch
	kernel-headers-4.18.0-553.30.1.el8_10.x86_64.rpm	4e8189bbba46f6a736eab0ee6736c48a	-	ol8_x86_64_baseos_latest
	kernel-headers-4.18.0-553.30.1.el8_10.x86_64.rpm	4e8189bbba46f6a736eab0ee6736c48a	-	ol8_x86_64_u10_baseos_patch
	kernel-modules-4.18.0-553.30.1.el8_10.x86_64.rpm	a0269c8fe5ca66020d55c9fe1148736e	-	ol8_x86_64_baseos_latest
	kernel-modules-4.18.0-553.30.1.el8_10.x86_64.rpm	a0269c8fe5ca66020d55c9fe1148736e	-	ol8_x86_64_u10_baseos_patch
	kernel-modules-extra-4.18.0-553.30.1.el8_10.x86_64.rpm	1eeaf8e6a86dc3c42ff1be3cf90cde83	-	ol8_x86_64_baseos_latest
	kernel-modules-extra-4.18.0-553.30.1.el8_10.x86_64.rpm	1eeaf8e6a86dc3c42ff1be3cf90cde83	-	ol8_x86_64_u10_baseos_patch
	kernel-tools-4.18.0-553.30.1.el8_10.x86_64.rpm	b11cd43aa9a525d6fc77fddd09906597	-	ol8_x86_64_baseos_latest
	kernel-tools-4.18.0-553.30.1.el8_10.x86_64.rpm	b11cd43aa9a525d6fc77fddd09906597	-	ol8_x86_64_u10_baseos_patch
	kernel-tools-libs-4.18.0-553.30.1.el8_10.x86_64.rpm	54fabbca907679b39debccf9a7f9c250	-	ol8_x86_64_baseos_latest
	kernel-tools-libs-4.18.0-553.30.1.el8_10.x86_64.rpm	54fabbca907679b39debccf9a7f9c250	-	ol8_x86_64_u10_baseos_patch
	kernel-tools-libs-devel-4.18.0-553.30.1.el8_10.x86_64.rpm	15ae58be15edb02bdfb0c2aa5e1955fa	-	ol8_x86_64_codeready_builder
	perf-4.18.0-553.30.1.el8_10.x86_64.rpm	a1558afb264c7dd925e61fd13da65bbb	-	ol8_x86_64_baseos_latest
	perf-4.18.0-553.30.1.el8_10.x86_64.rpm	a1558afb264c7dd925e61fd13da65bbb	-	ol8_x86_64_u10_baseos_patch
	python3-perf-4.18.0-553.30.1.el8_10.x86_64.rpm	ca0ff82e938e051401f255630eace905	-	ol8_x86_64_baseos_latest
	python3-perf-4.18.0-553.30.1.el8_10.x86_64.rpm	ca0ff82e938e051401f255630eace905	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691