ELSA-2024-1249

ULN >
Oracle Linux Errata repository >
ELSA-2024-1249

ELSA-2024-1249 - kernel security and bug fix update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2024-03-20

Description

[3.10.0-1160.114.2.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

[3.10.0-1160.114.2.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)

[3.10.0-1160.114.2]
- sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-26402] {CVE-2024-26602}

[3.10.0-1160.114.1]
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-23500] {CVE-2024-1086}

[3.10.0-1160.113.1]
- igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15181] {CVE-2023-45871}
- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm (David Marlin) [RHEL-2742] {CVE-2022-42896}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (David Marlin) [RHEL-2742] {CVE-2022-42896}
- Bluetooth: Use separate L2CAP LE credit based connection result values (David Marlin) [RHEL-2742] {CVE-2022-42896}
- Bluetooth: L2CAP: Fix L2CAP_CR_SCID_IN_USE value (David Marlin) [RHEL-2742] {CVE-2022-42896}

[3.10.0-1160.112.1]
- net: sched: sch_qfq: Use non-work-conserving warning handler (Davide Caratti) [RHEL-14397]
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() (Davide Caratti) [RHEL-14397] {CVE-2023-4921}
- cpufreq: Initialize policy->kobj while allocating policy (Waiman Long) [2161654]
- net: bonding: fix possible NULL deref in rlb code (Hangbin Liu) [RHEL-17227]
- net: bonding: fix use-after-free after 802.3ad slave unbind (Hangbin Liu) [RHEL-17227]

[3.10.0-1160.111.1]
- redhat: rewrite genlog and support Y- tags (Jan Stancek)
- scsi: zfcp: Fix double free of FSF request when qdio send fails (Tobias Huschle) [RHEL-16335]
- fbcon: set_con2fb_map needs to set con2fb_map! (Jocelyn Falempe) [RHEL-1204] {CVE-2023-38409}

[3.10.0-1160.110.1]
- gfs2: Fix glock recursion on withdraw during recovery (Andreas Gruenbacher) [RHEL-17223]

[3.10.0-1160.109.1]
- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (Waiman Long) [RHEL-17703]
- scsi: qedf: Do not touch __user pointer in qedf_dbg_fp_int_cmd_read() directly (Oleksandr Natalenko) [2224973]
- scsi: qedf: Do not touch __user pointer in qedf_dbg_debug_cmd_read() directly (Oleksandr Natalenko) [2224973]
- scsi: qedf: Do not touch __user pointer in qedf_dbg_stop_io_on_error_cmd_read() directly (Oleksandr Natalenko) [2224973]

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 7 (x86_64)	kernel-3.10.0-1160.114.2.0.1.el7.src.rpm	525ffac10b31d28778eb6b7713c3b52e7b1ca2089346b87ad38e2877111eef84	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.114.2.0.1.el7.src.rpm	525ffac10b31d28778eb6b7713c3b52e7b1ca2089346b87ad38e2877111eef84	ELSA-2025-1281	ol7_x86_64_optional_latest
	kernel-3.10.0-1160.114.2.0.1.el7.src.rpm	525ffac10b31d28778eb6b7713c3b52e7b1ca2089346b87ad38e2877111eef84	ELSA-2025-1281	ol7_x86_64_u9_patch
	bpftool-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	826771c86edf02e19e4fc1821d14b8068892bb1df1b4f07eaef0e9e1a3b19042	ELSA-2025-1281	ol7_x86_64_latest
	bpftool-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	826771c86edf02e19e4fc1821d14b8068892bb1df1b4f07eaef0e9e1a3b19042	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	6123c8bba5405bcdc7de4190821c0d624a3cab7071593b7c0a7898e2c7627e82	ELSA-2025-1281	ol7_x86_64_latest
	kernel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	6123c8bba5405bcdc7de4190821c0d624a3cab7071593b7c0a7898e2c7627e82	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-abi-whitelists-3.10.0-1160.114.2.0.1.el7.noarch.rpm	d03a5dab0f9f575a8a33ea211aac6eaf00ff03590d6c127338e864e11d398648	ELSA-2025-1281	ol7_x86_64_latest
	kernel-abi-whitelists-3.10.0-1160.114.2.0.1.el7.noarch.rpm	d03a5dab0f9f575a8a33ea211aac6eaf00ff03590d6c127338e864e11d398648	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	e5181c575e3e36afc0aa73e712c968799eb8d1c29a2666f933536c96752c6aca	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	e5181c575e3e36afc0aa73e712c968799eb8d1c29a2666f933536c96752c6aca	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-debug-devel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	cbec768e11e72f0880132b1c18fea58b622f000fb8d7e250ffd5382dc89d7b23	ELSA-2025-1281	ol7_x86_64_latest
	kernel-debug-devel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	cbec768e11e72f0880132b1c18fea58b622f000fb8d7e250ffd5382dc89d7b23	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-devel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	3fe7796815f54a76aea2c565e98c55da174122169e67b2456a56a02b894c06dd	ELSA-2025-1281	ol7_x86_64_latest
	kernel-devel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	3fe7796815f54a76aea2c565e98c55da174122169e67b2456a56a02b894c06dd	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-doc-3.10.0-1160.114.2.0.1.el7.noarch.rpm	6bcfec64a0a1d832f3a2e3042e2c464f48da0e173fc7ea83d3b0be8bd25c5839	ELSA-2025-1281	ol7_x86_64_latest
	kernel-doc-3.10.0-1160.114.2.0.1.el7.noarch.rpm	6bcfec64a0a1d832f3a2e3042e2c464f48da0e173fc7ea83d3b0be8bd25c5839	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-headers-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	5d471050e39600fb999fe4b0f0b270cd50cfe2c47ab994e77cfc9beedcaaab03	ELSA-2025-1281	exadata_dbserver_22.1.22.0.0_x86_64_base
	kernel-headers-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	5d471050e39600fb999fe4b0f0b270cd50cfe2c47ab994e77cfc9beedcaaab03	ELSA-2025-1281	ol7_x86_64_latest
	kernel-headers-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	5d471050e39600fb999fe4b0f0b270cd50cfe2c47ab994e77cfc9beedcaaab03	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	c6dfe94a33163c2e92432cb5bb2e28e4c9656c2bc7ace280778dcb3f2a275aa6	ELSA-2025-1281	exadata_dbserver_22.1.22.0.0_x86_64_base
	kernel-tools-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	c6dfe94a33163c2e92432cb5bb2e28e4c9656c2bc7ace280778dcb3f2a275aa6	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	c6dfe94a33163c2e92432cb5bb2e28e4c9656c2bc7ace280778dcb3f2a275aa6	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	0e0bb629a7b1c4c4ea8d75603d819c6b55d83480f9288238d671215cd389c245	ELSA-2025-1281	exadata_dbserver_22.1.22.0.0_x86_64_base
	kernel-tools-libs-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	0e0bb629a7b1c4c4ea8d75603d819c6b55d83480f9288238d671215cd389c245	ELSA-2025-1281	ol7_x86_64_latest
	kernel-tools-libs-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	0e0bb629a7b1c4c4ea8d75603d819c6b55d83480f9288238d671215cd389c245	ELSA-2025-1281	ol7_x86_64_u9_patch
	kernel-tools-libs-devel-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	4972fa85776c160e3dd32f59edf5cbd900f2dd16b38344a842f98ecaf98bb230	ELSA-2025-1281	ol7_x86_64_optional_latest
	perf-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	1ffe3ecbfb2640e46a7f9a7778685e904e1f7e2bd2c4387ab1566daeca79a260	ELSA-2025-20019	ol7_x86_64_latest
	perf-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	1ffe3ecbfb2640e46a7f9a7778685e904e1f7e2bd2c4387ab1566daeca79a260	ELSA-2025-20019	ol7_x86_64_u9_patch
	python-perf-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	cf1cd9cef775422442df71f88ecc479b6d721e939a8488c5efa1d3a6ce0cb019	ELSA-2025-20019	ol7_x86_64_latest
	python-perf-3.10.0-1160.114.2.0.1.el7.x86_64.rpm	cf1cd9cef775422442df71f88ecc479b6d721e939a8488c5efa1d3a6ce0cb019	ELSA-2025-20019	ol7_x86_64_u9_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691