Oracle Linux Security Advisory ELSA-2022-9010

https://linux.oracle.com/errata/ELSA-2022-9010.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
perf-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
python-perf-4.14.35-2047.510.5.2.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-2047.510.5.2.el7uek.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-4.14.35-2047.510.5.2.el7uek.src.rpm

Related CVEs:

CVE-2021-0920
CVE-2021-4155




Description of changes:

[4.14.35-2047.510.5.2.el7uek]
- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong)  [Orabug: 33722441]  {CVE-2021-4155}

[4.14.35-2047.510.5.1.el7uek]
- fget: check that the fd still exists after getting a ref to it (Linus Torvalds)  [Orabug: 33679805]  {CVE-2021-0920}
- fs: add fget_many() and fput_many() (Jens Axboe)  [Orabug: 33679805]

[4.14.35-2047.510.5.el7uek]
- net/rds: RDS connection shutdown stuck after CQ access violation error (aru kolappan)  [Orabug: 33585476]
- ocfs2: fix race between searching chunks and release journal_head from buffer_head (Gautham Ananthakrishna)  [Orabug: 33501677]
- rds: ib: Ack seq not always received in monotonic increasing order (H=E5kon Bugge)  [Orabug: 33620419] 
- net/rds: Refactor rds_ib_recv_refill_one (Freddy Carrillo)  [Orabug: 33265955]
- arm64: pcie: Intercept Pensando specific SError (Henry Willard)  [Orabug: 33590080]  
- arm64: pcie: Change bad_mode hook to cap_pciep_access_in_progress() (Henry Willard)  [Orabug: 33590080] 
- arm64: pcie: Remove Pensando SError trapping patch (Henry Willard)  [Orabug: 33590080]
- take care multiple extents in CoW extent converting (Wengang Wang)  [Orabug: 33473949]  
- net/mlx5e: ethtool, Add support for EEPROM high pages query (Erez Alfasi)  [Orabug: 33525560]
- ethtool: Add SFF-8436 and SFF-8636 max EEPROM length definitions (Erez Alfasi)  [Orabug: 33525560] 
- net/mlx5: Remove unnecessary prints from mlx5_enter_error_state. (Anand Khoje)  [Orabug: 33651549] 
- uek-rpm: Add _raw_spin_trylock to KABI (John Donnelly)  [Orabug: 33651431]
- x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora)  [Orabug: 33651433] 
- x86/asm: add clzero based page clearing (Ankur Arora)  [Orabug: 33580825]
- x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora)  [Orabug: 33580825]
- x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (Kim Phillips)  [Orabug: 33580825] 
- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (Giovanni Gherdovich)  [Orabug: 33651434]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2022-9010: kernel Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unb= reakable Linux Network:

Summary

[4.14.35-2047.510.5.2.el7uek] - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Darrick J. Wong) [Orabug: 33722441] {CVE-2021-4155} [4.14.35-2047.510.5.1.el7uek] - fget: check that the fd still exists after getting a ref to it (Linus Torvalds) [Orabug: 33679805] {CVE-2021-0920} - fs: add fget_many() and fput_many() (Jens Axboe) [Orabug: 33679805] [4.14.35-2047.510.5.el7uek] - net/rds: RDS connection shutdown stuck after CQ access violation error (aru kolappan) [Orabug: 33585476] - ocfs2: fix race between searching chunks and release journal_head from buffer_head (Gautham Ananthakrishna) [Orabug: 33501677] - rds: ib: Ack seq not always received in monotonic increasing order (H=E5kon Bugge) [Orabug: 33620419] - net/rds: Refactor rds_ib_recv_refill_one (Freddy Carrillo) [Orabug: 33265955] - arm64: pcie: Intercept Pensando specific SError (Henry Willard) [Orabug: 33590080] - arm64: pcie: Change bad_mode hook to cap_pciep_access_in_progress() (Henry Willard) [Orabug: 33590080] - arm64: pcie: Remove Pensando SError trapping patch (Henry Willard) [Orabug: 33590080] - take care multiple extents in CoW extent converting (Wengang Wang) [Orabug: 33473949] - net/mlx5e: ethtool, Add support for EEPROM high pages query (Erez Alfasi) [Orabug: 33525560] - ethtool: Add SFF-8436 and SFF-8636 max EEPROM length definitions (Erez Alfasi) [Orabug: 33525560] - net/mlx5: Remove unnecessary prints from mlx5_enter_error_state. (Anand Khoje) [Orabug: 33651549] - uek-rpm: Add _raw_spin_trylock to KABI (John Donnelly) [Orabug: 33651431] - x86/clear_page: add alternative for clear_page_clzero() (Ankur Arora) [Orabug: 33651433] - x86/asm: add clzero based page clearing (Ankur Arora) [Orabug: 33580825] - x86/cpu/amd: enable X86_FEATURE_NT_GOOD on all AMD Zen models (Ankur Arora) [Orabug: 33580825] - x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (Kim Phillips) [Orabug: 33580825] - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (Giovanni Gherdovich) [Orabug: 33651434]

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-4.14.35-2047.510.5.2.el7uek.src.rpm

x86_64

aarch64

kernel-uek-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-2047.510.5.2.el7uek.aarch64.rpm perf-4.14.35-2047.510.5.2.el7uek.aarch64.rpm python-perf-4.14.35-2047.510.5.2.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-2047.510.5.2.el7uek.aarch64.rpm

i386

Severity
Related CVEs: CVE-2021-0920 CVE-2021-4155

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved