ELSA-2024-6997 - kernel security update

Type: SECURITY
Severity: IMPORTANT
Release Date: 2024-09-24

Description


[5.14.0-427.37.1_4.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates

[5.14.0-427.37.1_4]
- ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CKI Backport Bot) [RHEL-42783] {CVE-2024-26947}
- powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (Mamatha Inamdar) [RHEL-45537 RHEL-25055]
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-40517 RHEL-39354] {CVE-2024-36016}
- smb: client: set correct id, uid and cruid for multiuser automounts (Jay Shin) [RHEL-47260 RHEL-31245]
- printk: printk.c: Disable per_console_kthreads on !CONFIG_PREEMPT_RT (Derek Barbosa) [RHEL-39064]
- uio: Fix use-after-free in uio_open (Ricardo Robaina) [RHEL-41275 RHEL-26233] {CVE-2023-52439}
- gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Steve Best) [RHEL-43192 RHEL-39849] {CVE-2024-36899}
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (CKI Backport Bot) [RHEL-51287 RHEL-51285] {CVE-2024-41071}
- Input: cyapa - add missing input core locking to suspend/resume functions (cki-backport-bot) [RHEL-44455] {CVE-2023-52884}
- net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Limit number of driver warning messages (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Fix race condition in disconnect handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Fix race conditions in suspend/resume handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Fix partial packet errors on suspend/resume (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Add missing return code checks (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Remove unused pause frame queue (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Set flow control threshold to prevent packet loss (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Remove unused timer (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- lan78xx: Fix white space and style issues (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (CKI Backport Bot) [RHEL-56745 RHEL-48647]
- ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-52771 RHEL-15670]
- ice: remove af_xdp_zc_qps bitmap (Petr Oros) [RHEL-52771 RHEL-17486]
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (Petr Oros) [RHEL-52771 RHEL-17486]
- ice: make ice_vsi_cfg_txq() static (Petr Oros) [RHEL-52771 RHEL-17486]
- ice: make ice_vsi_cfg_rxq() static (Petr Oros) [RHEL-52771 RHEL-17486]
- ice: make use of DEFINE_FLEX() for struct ice_aqc_add_tx_qgrp (Petr Oros) [RHEL-52771 RHEL-17486]
- xdp: reflect tail increase for MEM_TYPE_XSK_BUFF_POOL (Petr Oros) [RHEL-52771 RHEL-38863]
- ice: update xdp_rxq_info::frag_size for ZC enabled Rx queue (Petr Oros) [RHEL-52771 RHEL-38863]
- intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers (Petr Oros) [RHEL-52771 RHEL-38863]
- ice: remove redundant xdp_rxq_info registration (Petr Oros) [RHEL-52771 RHEL-38863]
- ice: work on pre-XDP prog frag count (Petr Oros) [RHEL-52771 RHEL-38863]
- xsk: fix usage of multi-buffer BPF helpers for ZC XDP (Petr Oros) [RHEL-52771 RHEL-38863]
- xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags (Petr Oros) [RHEL-52771 RHEL-38863]
- xsk: recycle buffer in case Rx queue was full (Petr Oros) [RHEL-52771 RHEL-38863]
- overflow: add DEFINE_FLEX() for on-stack allocs (Petr Oros) [RHEL-52771 RHEL-30138]
- overflow: Add struct_size_t() helper (Petr Oros) [RHEL-52771 RHEL-30138]
- bpf, sockmap: Prevent lock inversion deadlock in map delete elem (Felix Maurer) [RHEL-41479 RHEL-30107] {CVE-2024-35895}
- xfs: allow SECURE namespace xattrs to use reserved block pool (CKI Backport Bot) [RHEL-54443 RHEL-49806]
- platform/x86/intel-uncore-freq: Don't present root domain on error (David Arcari) [RHEL-43291 RHEL-38558]
- platform/x86/intel-uncore-freq: Increase minor number support (David Arcari) [RHEL-43291 RHEL-38558]
- platform/x86/intel-uncore-freq: Process read/write blocked feature status (David Arcari) [RHEL-43291 RHEL-38558]
- platform/x86/intel/tpmi: Move TPMI ID definition (Steve Best) [RHEL-43291 RHEL-35956]
- ice: fix VSI lists confusion when adding VLANs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
- ice: fix accounting for filters shared by multiple VSIs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
- ice: fix accounting if a VLAN already exists (CKI Backport Bot) [RHEL-57778 RHEL-17486]

[5.14.0-427.36.1_4]
- scsi: qla2xxx: Fix double free of fcport (Nilesh Javali) [RHEL-39547 RHEL-40034 RHEL-25184 RHEL-35020] {CVE-2024-26929}
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (Nilesh Javali) [RHEL-39547 RHEL-41325 RHEL-25184 RHEL-35016] {CVE-2024-26930}
- scsi: qla2xxx: Fix command flush on cable pull (Nilesh Javali) [RHEL-39547 RHEL-40029 RHEL-25184 RHEL-35012] {CVE-2024-26931}
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53708 RHEL-53004] {CVE-2024-42246}
- ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-56275 RHEL-56084]
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52368] {CVE-2024-42225}
- cppc_cpufreq: Fix possible null pointer dereference (cki-backport-bot) [RHEL-44145] {CVE-2024-38573}
- ring-buffer: Fix a race between readers and resize checks (cki-backport-bot) [RHEL-43920] {CVE-2024-38601}
- fork: defer linking file vma until vma is fully initialized (Rafael Aquini) [RHEL-35617 RHEL-35022] {CVE-2024-27022}
- ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (CKI Backport Bot) [RHEL-48393 RHEL-48391] {CVE-2024-40984}
- KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes (Maxim Levitsky) [RHEL-41345 RHEL-32430] {CVE-2024-26991}
- net/sched: act_mirred: don't override retval if we already lost the skb (Davide Caratti) [RHEL-42644 RHEL-31724] {CVE-2024-26739}
- net/sched: act_mirred: Create function tcf_mirred_to_dev and improve readability (Davide Caratti) [RHEL-42644 RHEL-32137]
- cpufreq: exit() callback is optional (cki-backport-bot) [RHEL-43848] {CVE-2024-38615}
- gfs2: Fix potential glock use-after-free on unmount (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
- gfs2: simplify gdlm_put_lock with out_free label (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
- gfs2: Remove ill-placed consistency check (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
- wifi: nl80211: Avoid address calculations via out of bounds array indexing (Jose Ignacio Tornos Martinez) [RHEL-46505 RHEL-34696] {CVE-2024-38562}


Related CVEs


CVE-2024-38573
CVE-2024-26931
CVE-2024-40984
CVE-2024-26991
CVE-2024-26929
CVE-2024-26930
CVE-2024-38615
CVE-2024-26739
CVE-2024-26947
CVE-2024-36899
CVE-2024-38601
CVE-2024-42246
CVE-2024-27022
CVE-2024-36016
CVE-2024-38562
CVE-2024-38570
CVE-2024-42225
CVE-2023-52884
CVE-2023-52439
CVE-2024-35895
CVE-2024-41071

Updated Packages


Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label
Oracle Linux 9 (aarch64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_aarch64_appstream
Oracle Linux 9 (aarch64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_aarch64_baseos_latest
Oracle Linux 9 (aarch64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_aarch64_codeready_builder
Oracle Linux 9 (aarch64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (aarch64) | bpftool-7.3.0-427.37.1.el9_4.aarch64.rpm | 89160fc62ff10359a5facf6ece120583 | - | ol9_aarch64_baseos_latest
Oracle Linux 9 (aarch64) | bpftool-7.3.0-427.37.1.el9_4.aarch64.rpm | 89160fc62ff10359a5facf6ece120583 | - | ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (aarch64) | kernel-cross-headers-5.14.0-427.37.1.el9_4.aarch64.rpm | a994909a6af0378e8027ff92b2baf93b | - | ol9_aarch64_codeready_builder
Oracle Linux 9 (aarch64) | kernel-headers-5.14.0-427.37.1.el9_4.aarch64.rpm | cbde88e6cd44179f69b5afe3c5cec091 | - | ol9_aarch64_appstream
Oracle Linux 9 (aarch64) | kernel-tools-5.14.0-427.37.1.el9_4.aarch64.rpm | cef188701d647814d67afb6d39709756 | - | ol9_aarch64_baseos_latest
Oracle Linux 9 (aarch64) | kernel-tools-5.14.0-427.37.1.el9_4.aarch64.rpm | cef188701d647814d67afb6d39709756 | - | ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (aarch64) | kernel-tools-libs-5.14.0-427.37.1.el9_4.aarch64.rpm | c00a688b3ad55b52011a244a3cb80186 | - | ol9_aarch64_baseos_latest
Oracle Linux 9 (aarch64) | kernel-tools-libs-5.14.0-427.37.1.el9_4.aarch64.rpm | c00a688b3ad55b52011a244a3cb80186 | - | ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (aarch64) | kernel-tools-libs-devel-5.14.0-427.37.1.el9_4.aarch64.rpm | f4418d429f60704c18828636291a4e15 | - | ol9_aarch64_codeready_builder
Oracle Linux 9 (aarch64) | perf-5.14.0-427.37.1.el9_4.aarch64.rpm | 81d1796682ac630fb8ecad33eb22ec13 | - | ol9_aarch64_appstream
Oracle Linux 9 (aarch64) | python3-perf-5.14.0-427.37.1.el9_4.aarch64.rpm | 30e03513277dfb10c8314583e2e1a938 | - | ol9_aarch64_baseos_latest
Oracle Linux 9 (aarch64) | python3-perf-5.14.0-427.37.1.el9_4.aarch64.rpm | 30e03513277dfb10c8314583e2e1a938 | - | ol9_aarch64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_x86_64_codeready_builder
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.src.rpm | e7fb669ace8eaaf0dbb74200b7f85448 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | bpftool-7.3.0-427.37.1.el9_4.x86_64.rpm | 5847981b0abf054cc036684af1a0982a | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | bpftool-7.3.0-427.37.1.el9_4.x86_64.rpm | 5847981b0abf054cc036684af1a0982a | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.x86_64.rpm | 0567d6b4d0507c1643899d0cbadcb114 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-5.14.0-427.37.1.el9_4.x86_64.rpm | 0567d6b4d0507c1643899d0cbadcb114 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-abi-stablelists-5.14.0-427.37.1.el9_4.noarch.rpm | ad0bea122ad87852778b89d1b51b0761 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-abi-stablelists-5.14.0-427.37.1.el9_4.noarch.rpm | ad0bea122ad87852778b89d1b51b0761 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-core-5.14.0-427.37.1.el9_4.x86_64.rpm | 5f890e31b9d590dde97439b935f423ef | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-core-5.14.0-427.37.1.el9_4.x86_64.rpm | 5f890e31b9d590dde97439b935f423ef | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-cross-headers-5.14.0-427.37.1.el9_4.x86_64.rpm | 5cfb0bd891a278b8e85efac6a98c985c | - | ol9_x86_64_codeready_builder
Oracle Linux 9 (x86_64) | kernel-debug-5.14.0-427.37.1.el9_4.x86_64.rpm | 2b2e9f9502fcd68db27d118d5641571a | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-5.14.0-427.37.1.el9_4.x86_64.rpm | 2b2e9f9502fcd68db27d118d5641571a | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-debug-core-5.14.0-427.37.1.el9_4.x86_64.rpm | 6e42803c827716ca68b2ce64978944da | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-core-5.14.0-427.37.1.el9_4.x86_64.rpm | 6e42803c827716ca68b2ce64978944da | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-debug-devel-5.14.0-427.37.1.el9_4.x86_64.rpm | f2ce5293bda74c1d3caa9dfe5f9a1be3 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-debug-devel-matched-5.14.0-427.37.1.el9_4.x86_64.rpm | 91eac78ad602c1306680bef83bc799e2 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-debug-modules-5.14.0-427.37.1.el9_4.x86_64.rpm | 5a5c5d9570983eadd5c6b7a1c64f6c86 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-modules-5.14.0-427.37.1.el9_4.x86_64.rpm | 5a5c5d9570983eadd5c6b7a1c64f6c86 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-debug-modules-core-5.14.0-427.37.1.el9_4.x86_64.rpm | c69ba60e225277be3db5ff319452a0d4 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-modules-core-5.14.0-427.37.1.el9_4.x86_64.rpm | c69ba60e225277be3db5ff319452a0d4 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-debug-modules-extra-5.14.0-427.37.1.el9_4.x86_64.rpm | d6cd9029ec0a7e2d84de87dbb7804590 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-modules-extra-5.14.0-427.37.1.el9_4.x86_64.rpm | d6cd9029ec0a7e2d84de87dbb7804590 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-debug-uki-virt-5.14.0-427.37.1.el9_4.x86_64.rpm | fb82165cdfd58731a53b5337f897a993 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-debug-uki-virt-5.14.0-427.37.1.el9_4.x86_64.rpm | fb82165cdfd58731a53b5337f897a993 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-devel-5.14.0-427.37.1.el9_4.x86_64.rpm | bb759cdfd70feb4687d3c77602aa0b27 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-devel-matched-5.14.0-427.37.1.el9_4.x86_64.rpm | bb671fe87049237ffa904bde89591d20 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-doc-5.14.0-427.37.1.el9_4.noarch.rpm | 0439984260d0a7f3b361130ea1c4888f | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-headers-5.14.0-427.37.1.el9_4.x86_64.rpm | afc06fb38d7b0ad6cfe19dd760195695 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | kernel-modules-5.14.0-427.37.1.el9_4.x86_64.rpm | 940f270971dcfc0a211a25f45b8f1850 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-modules-5.14.0-427.37.1.el9_4.x86_64.rpm | 940f270971dcfc0a211a25f45b8f1850 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-modules-core-5.14.0-427.37.1.el9_4.x86_64.rpm | ddfe6e2e0c915c59f3089c7401bc0ab7 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-modules-core-5.14.0-427.37.1.el9_4.x86_64.rpm | ddfe6e2e0c915c59f3089c7401bc0ab7 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-modules-extra-5.14.0-427.37.1.el9_4.x86_64.rpm | 8544e557e45329d3c4838b3d50005c98 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-modules-extra-5.14.0-427.37.1.el9_4.x86_64.rpm | 8544e557e45329d3c4838b3d50005c98 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-tools-5.14.0-427.37.1.el9_4.x86_64.rpm | c69c6c2a189e3a65fdb9c021cb1d453f | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-tools-5.14.0-427.37.1.el9_4.x86_64.rpm | c69c6c2a189e3a65fdb9c021cb1d453f | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-tools-libs-5.14.0-427.37.1.el9_4.x86_64.rpm | 60dafa0370eb2c86de6db7365963087a | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-tools-libs-5.14.0-427.37.1.el9_4.x86_64.rpm | 60dafa0370eb2c86de6db7365963087a | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | kernel-tools-libs-devel-5.14.0-427.37.1.el9_4.x86_64.rpm | d3a5ce3f44e0a4f2b42f7f48d1f70147 | - | ol9_x86_64_codeready_builder
Oracle Linux 9 (x86_64) | kernel-uki-virt-5.14.0-427.37.1.el9_4.x86_64.rpm | 9531eca716f8a61c55e0240fd46300b0 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | kernel-uki-virt-5.14.0-427.37.1.el9_4.x86_64.rpm | 9531eca716f8a61c55e0240fd46300b0 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | libperf-5.14.0-427.37.1.el9_4.x86_64.rpm | f84d81c7bf52ea6a64c005d4e4b0d065 | - | ol9_x86_64_codeready_builder
Oracle Linux 9 (x86_64) | perf-5.14.0-427.37.1.el9_4.x86_64.rpm | c5754019a062465c86fb3583adbe3452 | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | python3-perf-5.14.0-427.37.1.el9_4.x86_64.rpm | c6ef309f03d45132e17947ae1a0bb497 | - | ol9_x86_64_baseos_latest
Oracle Linux 9 (x86_64) | python3-perf-5.14.0-427.37.1.el9_4.x86_64.rpm | c6ef309f03d45132e17947ae1a0bb497 | - | ol9_x86_64_u4_baseos_patch
Oracle Linux 9 (x86_64) | rtla-5.14.0-427.37.1.el9_4.x86_64.rpm | fda74cff62d5d312b9a9631eb9fcd0fa | - | ol9_x86_64_appstream
Oracle Linux 9 (x86_64) | rv-5.14.0-427.37.1.el9_4.x86_64.rpm | 19fac4cdb94553596140ccb961e73287 | - | ol9_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:
