Oracle Linux Security Advisory ELSA-2022-9999

https://linux.oracle.com/errata/ELSA-2022-9999.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.313.6.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.313.6.el7.x86_64.rpm



SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2136.313.6.el7.src.rpm

Related CVEs:

CVE-2022-3028




Description of changes:

[5.4.17-2136.313.6.el7]
- Uninitialized variable image_ext in fixup_vdso_exception of extable.c (Alok Tiwari)  [Orabug: 33000550]
- NFSD: fix use-after-free on source server when doing inter-server copy (Dai Ngo)  [Orabug: 34475857]
- EDAC/mce_amd: Do not load edac_mce_amd module on guests (Smita Koralahalli)  [Orabug: 34484268]
- uek: kabi: update kABI files for new symbol (Saeed Mirzamohammadi)  [Orabug: 34595589]
- RDS/IB Fix allocation warning (Hans Westgaard Ry)  [Orabug: 34684322]
- uek-rpm: Add support for building a kdump kernel on MIPS64 (Dave Kleikamp)  [Orabug: 34696261]
- hwmon: (opbmc) AST2600 SP reset driver adjustment (Jan Zdarek)  [Orabug: 34710682]
- hwmon: (opbmc) Driver message prefixes (Jan Zdarek)  [Orabug: 34710682]
- Revert "fs: check FMODE_LSEEK to control internal pipe splicing" (Saeed Mirzamohammadi)  [Orabug: 34724694]
- Revert "sched/deadline: Fix priority inheritance with multiple scheduling classes" (Sherry Yang)  [Orabug: 34700434]

[5.4.17-2136.313.5.el7]
- IB/mlx5: Move to fully dynamic UAR mode once user space supports it (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Extend QP creation to get uar page index from user space (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Extend CQ creation to get uar page index from user space (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Expose UAR object and its alloc/destroy commands (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Generally use the WC auto detection test result (Yishai Hadas)  [Orabug: 34430072]
- RDMA/mlx5: Use offsetofend() instead of duplicated variant (Leon Romanovsky)  [Orabug: 34430072]
- RDMA/mlx5: Remove duplicate definitions of SW_ICM macros (Erez Shitrit)  [Orabug: 34430072]
- IB/mlx5: Introduce UAPIs to manage packet pacing (Yishai Hadas)  [Orabug: 34430072]
- RDMA/mlx5: Prevent overflow in mmap offset calculations (Leon Romanovsky)  [Orabug: 34430072]
- RDMA/core: Make the entire API tree static (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/mlx5: Set relaxed ordering when requested (Michael Guralnik)  [Orabug: 34430072]
- RDMA/core: Add the core support field to METHOD_GET_CONTEXT (Michael Guralnik)  [Orabug: 34430072]
- RDMA/uverbs: Add new relaxed ordering memory region access flag (Michael Guralnik)  [Orabug: 34430072]
- RDMA/core: Add optional access flags range (Michael Guralnik)  [Orabug: 34430072]
- RDMA/uverbs: Add ioctl command to get a device context (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Remove ucontext_lock from the uverbs_destry_ufile_hw() path (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Add UVERBS_METHOD_ASYNC_EVENT_ALLOC (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Use READ_ONCE for ib_ufile.async_file (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Make ib_uverbs_async_event_file into a uobject (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Remove the ufile arg from rdma_alloc_begin_uobject (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Simplify type usage for ib_uverbs_async_handler() (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_wq.uobject (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_qp.uobject (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_cq.uobject (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Make ib_ucq_object use ib_uevent_object (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Do not allow alloc_commit to fail (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/mlx5: Simplify devx async commands (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/core: Simplify destruction of FD uobjects (Jason Gunthorpe)  [Orabug: 34430072]
- RDMA/mlx5: Use RCU and direct refcounts to keep memory alive (Jason Gunthorpe)  [Orabug: 34430072]
- IB/mlx5: Add mmap support for VAR (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Introduce VAR object and its alloc/destroy methods (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Extend caps stage to handle VAR capabilities (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Fix device memory flows (Yishai Hadas)  [Orabug: 34430072]
- IB/core: Introduce rdma_user_mmap_entry_insert_range() API (Yishai Hadas)  [Orabug: 34430072]
- IB/mlx5: Support flow counters offset for bulk counters (Yevgeny Kliteynik)  [Orabug: 34430072]
- IB/mlx5: Rename profile and init methods (Michael Guralnik)  [Orabug: 34430072]
- RDMA: Connect between the mmap entry and the umap_priv structure (Michal Kalderon)  [Orabug: 34430072]
- RDMA/core: Create mmap database and cookie helper functions (Michal Kalderon)  [Orabug: 34430072]
- RDMA/core: Move core content from ib_uverbs to ib_core (Michal Kalderon)  [Orabug: 34430072]
- IB/mlx5: Test write combining support (Michael Guralnik)  [Orabug: 34430072]
- IB/mlx5: Align usage of QP1 create flags with rest of mlx5 defines (Michael Guralnik)  [Orabug: 34430072]
- IB/mlx5: Introduce and use mkey context setting helper routine (Parav Pandit)  [Orabug: 34430072]
- net/rds: Send congestion map updates only via path zero (Anand Khoje)  [Orabug: 34578051]
- Revert "RDS/IB: Fix RDS IB SRQ implementation and tune it" (Hans Westgaard Ry)  [Orabug: 34662431]
- net: vlan: Avoid using BUG() in vlan_proto_idx() (Florian Fainelli)  [Orabug: 34672449]
- KVM: x86: drop superfluous mmu_check_root() from fast_pgd_switch() (Vitaly Kuznetsov)  [Orabug: 34679770]
- KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests (Babu Moger)  [Orabug: 34679770]
- KVM: x86: Invoke vendor's vcpu_after_set_cpuid() after all common updates (Sean Christopherson)  [Orabug: 34679770]
- KVM: x86: Move kvm_x86_ops.vcpu_after_set_cpuid() into kvm_vcpu_after_set_cpuid() (Xiaoyao Li)  [Orabug: 34679770]
- KVM: x86: Rename cpuid_update() callback to vcpu_after_set_cpuid() (Xiaoyao Li)  [Orabug: 34679770]
- RDMA/cma: Use output interface for net_dev check (HÃ¥kon Bugge)  [Orabug: 34694980]

[5.4.17-2136.313.4.el7]
- arm64: pensando: Suppress tree-loop-distribute-patterns optimization (Henry Willard)  [Orabug: 34634974]
- uek-rpm: Disable floppy related configs (Saeed Mirzamohammadi)  [Orabug: 34644240]
- ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel systems (Dave Hansen)  [Orabug: 34671342]

Read the full advisory



_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2022-9999: kernel-container Important Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[5.4.17-2136.313.6.el7] - Uninitialized variable image_ext in fixup_vdso_exception of extable.c (Alok Tiwari) [Orabug: 33000550] - NFSD: fix use-after-free on source server when doing inter-server copy (Dai Ngo) [Orabug: 34475857] - EDAC/mce_amd: Do not load edac_mce_amd module on guests (Smita Koralahalli) [Orabug: 34484268] - uek: kabi: update kABI files for new symbol (Saeed Mirzamohammadi) [Orabug: 34595589] - RDS/IB Fix allocation warning (Hans Westgaard Ry) [Orabug: 34684322] - uek-rpm: Add support for building a kdump kernel on MIPS64 (Dave Kleikamp) [Orabug: 34696261] - hwmon: (opbmc) AST2600 SP reset driver adjustment (Jan Zdarek) [Orabug: 34710682] - hwmon: (opbmc) Driver message prefixes (Jan Zdarek) [Orabug: 34710682] - Revert "fs: check FMODE_LSEEK to control internal pipe splicing" (Saeed Mirzamohammadi) [Orabug: 34724694] - Revert "sched/deadline: Fix priority inheritance with multiple scheduling classes" (Sherry Yang) [Orabug: 34700434] [5.4.17-2136.313.5.el7] - IB/mlx5: Move to fully dynamic UAR mode once user space supports it (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Extend QP creation to get uar page index from user space (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Extend CQ creation to get uar page index from user space (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Expose UAR object and its alloc/destroy commands (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Generally use the WC auto detection test result (Yishai Hadas) [Orabug: 34430072] - RDMA/mlx5: Use offsetofend() instead of duplicated variant (Leon Romanovsky) [Orabug: 34430072] - RDMA/mlx5: Remove duplicate definitions of SW_ICM macros (Erez Shitrit) [Orabug: 34430072] - IB/mlx5: Introduce UAPIs to manage packet pacing (Yishai Hadas) [Orabug: 34430072] - RDMA/mlx5: Prevent overflow in mmap offset calculations (Leon Romanovsky) [Orabug: 34430072] - RDMA/core: Make the entire API tree static (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence (Jason Gunthorpe) [Orabug: 34430072] - RDMA/mlx5: Set relaxed ordering when requested (Michael Guralnik) [Orabug: 34430072] - RDMA/core: Add the core support field to METHOD_GET_CONTEXT (Michael Guralnik) [Orabug: 34430072] - RDMA/uverbs: Add new relaxed ordering memory region access flag (Michael Guralnik) [Orabug: 34430072] - RDMA/core: Add optional access flags range (Michael Guralnik) [Orabug: 34430072] - RDMA/uverbs: Add ioctl command to get a device context (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Remove ucontext_lock from the uverbs_destry_ufile_hw() path (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Add UVERBS_METHOD_ASYNC_EVENT_ALLOC (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Use READ_ONCE for ib_ufile.async_file (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Make ib_uverbs_async_event_file into a uobject (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Remove the ufile arg from rdma_alloc_begin_uobject (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Simplify type usage for ib_uverbs_async_handler() (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Do not erase the type of ib_wq.uobject (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Do not erase the type of ib_qp.uobject (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Do not erase the type of ib_cq.uobject (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Make ib_ucq_object use ib_uevent_object (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Do not allow alloc_commit to fail (Jason Gunthorpe) [Orabug: 34430072] - RDMA/mlx5: Simplify devx async commands (Jason Gunthorpe) [Orabug: 34430072] - RDMA/core: Simplify destruction of FD uobjects (Jason Gunthorpe) [Orabug: 34430072] - RDMA/mlx5: Use RCU and direct refcounts to keep memory alive (Jason Gunthorpe) [Orabug: 34430072] - IB/mlx5: Add mmap support for VAR (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Introduce VAR object and its alloc/destroy methods (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Extend caps stage to handle VAR capabilities (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Fix device memory flows (Yishai Hadas) [Orabug: 34430072] - IB/core: Introduce rdma_user_mmap_entry_insert_range() API (Yishai Hadas) [Orabug: 34430072] - IB/mlx5: Support flow counters offset for bulk counters (Yevgeny Kliteynik) [Orabug: 34430072] - IB/mlx5: Rename profile and init methods (Michael Guralnik) [Orabug: 34430072] - RDMA: Connect between the mmap entry and the umap_priv structure (Michal Kalderon) [Orabug: 34430072] - RDMA/core: Create mmap database and cookie helper functions (Michal Kalderon) [Orabug: 34430072] - RDMA/core: Move core content from ib_uverbs to ib_core (Michal Kalderon) [Orabug: 34430072] - IB/mlx5: Test write combining support (Michael Guralnik) [Orabug: 34430072] - IB/mlx5: Align usage of QP1 create flags with rest of mlx5 defines (Michael Guralnik) [Orabug: 34430072] - IB/mlx5: Introduce and use mkey context setting helper routine (Parav Pandit) [Orabug: 34430072] - net/rds: Send congestion map updates only via path zero (Anand Khoje) [Orabug: 34578051] - Revert "RDS/IB: Fix RDS IB SRQ implementation and tune it" (Hans Westgaard Ry) [Orabug: 34662431] - net: vlan: Avoid using BUG() in vlan_proto_idx() (Florian Fainelli) [Orabug: 34672449] - KVM: x86: drop superfluous mmu_check_root() from fast_pgd_switch() (Vitaly Kuznetsov) [Orabug: 34679770] - KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests (Babu Moger) [Orabug: 34679770] - KVM: x86: Invoke vendor's vcpu_after_set_cpuid() after all common updates (Sean Christopherson) [Orabug: 34679770] - KVM: x86: Move kvm_x86_ops.vcpu_after_set_cpuid() into kvm_vcpu_after_set_cpuid() (Xiaoyao Li) [Orabug: 34679770] - KVM: x86: Rename cpuid_update() callback to vcpu_after_set_cpuid() (Xiaoyao Li) [Orabug: 34679770] - RDMA/cma: Use output interface for net_dev check (HÃ¥kon Bugge) [Orabug: 34694980] [5.4.17-2136.313.4.el7] - arm64: pensando: Suppress tree-loop-distribute-patterns optimization (Henry Willard) [Orabug: 34634974] - uek-rpm: Disable floppy related configs (Saeed Mirzamohammadi) [Orabug: 34644240] - ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel systems (Dave Hansen) [Orabug: 34671342] Read the full advisory

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-5.4.17-2136.313.6.el7.src.rpm

x86_64

kernel-uek-container-5.4.17-2136.313.6.el7.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.313.6.el7.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2022-3028

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved