Oracle Linux Security Advisory ELSA-2023-12875

https://linux.oracle.com/errata/ELSA-2023-12875.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
perf-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
python-perf-4.14.35-2047.530.5.1.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-2047.530.5.1.el7uek.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.530.5.1.el7uek.src.rpm

Related CVEs:

CVE-2023-22024
CVE-2023-42753




Description of changes:

[4.14.35-2047.530.5.1.el7uek]
- Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" (Saeed Mirzamohammadi)  [Orabug: 35896831]

[4.14.35-2047.530.5.el7uek]
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng)  [Orabug: 35824288]  {CVE-2023-42753}
- netfilter: xt_u32: validate user space input (Wander Lairson Costa) 
- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa)

[4.14.35-2047.530.4.el7uek]
- rds: Fix lack of reentrancy for connection reset with dst addr zero (HÃ¥kon Bugge)  [Orabug: 35819110]  {CVE-2023-22024}
- kernfs: fix missing kernfs_iattr_rwsem locking (Ian Kent)  [Orabug: 35796772]
- uek-rpm: Removing pre scriptlet to not allow firmware downgrade (Samasth Norway Ananda)  [Orabug: 35756463]
- scsi: megaraid_sas: Fix deadlock on firmware crashdump (Junxiao Bi)  [Orabug: 35702793]

[4.14.35-2047.530.3.el7uek]
- Add the new PCI Device IDs to support new generation of AMD 19h processors. (Partha Sarathi Satapathy)  [Orabug: 35773822]
- hwmon: (k10temp) Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh (Babu Moger)  [Orabug: 35773822]

[4.14.35-2047.530.2.el7uek]
- LTS version: v4.14.325 (Saeed Mirzamohammadi) 
- Revert "ARM: ep93xx: fix missing-prototype warnings" (Greg Kroah-Hartman) 
- Revert "MIPS: Alchemy: fix dbdma2" (Greg Kroah-Hartman) 
- LTS version: v4.14.324 (Saeed Mirzamohammadi) 
- dma-buf/sw_sync: Avoid recursive lock during fence signal (Rob Clark) 
- scsi: core: raid_class: Remove raid_component_add() (Zhu Wang) 
- scsi: snic: Fix double free in snic_tgt_create() (Zhu Wang) 
- rtnetlink: Reject negative ifindexes in RTM_NEWLINK (Ido Schimmel) 
- x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (Feng Tang) 
- media: vcodec: Fix potential array out-of-bounds in encoder queue_setup (Wei Chen) 
- lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels (Helge Deller) 
- batman-adv: Fix batadv_v_ogm_aggr_send memory leak (Remi Pommarel) 
- batman-adv: Fix TT global entry leak when client roamed back (Remi Pommarel) 
- batman-adv: Do not get eth header before batadv_check_management_packet (Remi Pommarel) 
- batman-adv: Trigger events for auto adjusted MTU (Sven Eckelmann) 
- ibmveth: Use dcbf rather than dcbfl (Michael Ellerman) 
- ipvs: fix racy memcpy in proc_do_sync_threshold (Sishuai Gong) 
- ipvs: Improve robustness to the ipvs sysctl (Junwei Hu) 
- igb: Avoid starting unnecessary workqueues (Alessio Igor Bogani) 
- sock: annotate data-races around prot->memory_pressure (Eric Dumazet) 
- tracing: Fix memleak due to race between current_tracer and trace (Zheng Yejian) 
- net: phy: broadcom: stub c45 read/write for 54810 (Justin Chen) 
- net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure (Lin Ma) 
- net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled (Jason Xing) 
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima) 
- ASoC: rt5665: add missed regulator_bulk_disable (Zhang Shurong) 
- netfilter: set default timeout to 3 secs for sctp shutdown send and recv state (Xin Long) 
- test_firmware: prevent race conditions by a correct implementation of locking (Mirsad Goran Todorovac) 
- binder: fix memory leak in binder_init() (Qi Zheng) 
- serial: 8250: Fix oops for port->pm on uart_change_pm() (Tony Lindgren) 
- mmc: wbsd: fix double mmc_free_host() in wbsd_init() (Yang Yingliang) 
- cifs: Release folio lock on fscache read hit. (Russell Harmon via samba-technical) 
- ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. (dengxiang) 
- net: do not allow gso_size to be set to GSO_BY_FRAGS (Eric Dumazet) 
- sock: Fix misuse of sk_under_memory_pressure() (Abel Wu) 
- i40e: fix misleading debug logs (Andrii Staikov) 
- team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) 
- netfilter: nft_dynset: disallow object maps (Pablo Neira Ayuso) 
- xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) 
- ip_vti: fix potential slab-use-after-free in decode_session6 (Zhengchao Shao) 
- ip6_vti: fix slab-use-after-free in decode_session6 (Zhengchao Shao) 
- net: af_key: fix sadb_x_filter validation (Lin Ma) 
- net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma) 
- fbdev: mmp: fix value check in mmphw_probe() (Yuanjun Gong) 
- drm/amdgpu: Fix potential fence use-after-free v2 (shanzhulig) 
- Bluetooth: L2CAP: Fix use-after-free (Zhengping Jiang) 
- pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (Armin Wolf) 
- gfs2: Fix possible data races in gfs2_show_options() (Tuo Li) 
- media: platform: mediatek: vpu: fix NULL ptr dereference (Hans Verkuil) 
- media: v4l2-mem2mem: add lock to protect parameter num_rdy (Yunfei Dong) 
- FS: JFS: Check for read-only mounted filesystem in txBegin (Immad Mir) 
- FS: JFS: Fix null-ptr-deref Read in txBegin (Immad Mir) 
- MIPS: dec: prom: Address -Warray-bounds warning (Gustavo A. R. Silva) 
- fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (Yogesh) 
- udf: Fix uninitialized array access for some pathnames (Jan Kara) 
- quota: fix warning in dqgrab() (Ye Bin) 
- quota: Properly disable quotas when add_dquot_ref() fails (Jan Kara) 
- ALSA: emu10k1: roll up loops in DSP setup code for Audigy (Oswald Buddenhagen) 
- drm/radeon: Fix integer overflow in radeon_cs_parser_init (hackyzh002) 
- lib/mpi: Eliminate unused umul_ppmm definitions for MIPS (Nathan Chancellor) 
- LTS version: v4.14.323 (Saeed Mirzamohammadi) 
- alpha: remove __init annotation from exported page_is_ram() (Masahiro Yamada) 
- scsi: core: Fix possible memory leak if device_add() fails (Zhu Wang) 
- scsi: snic: Fix possible memory leak if device_add() fails (Zhu Wang) 
- scsi: 53c700: Check that command slot is not NULL (Alexandra Diupina) 
- scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Michael Kelley) 
- scsi: core: Fix legacy /proc parsing buffer overflow (Tony Battersby) 
- netfilter: nf_tables: report use refcount overflow (Pablo Neira Ayuso) 
- btrfs: don't stop integrity writeback too early (Christoph Hellwig) 
- IB/hfi1: Fix possible panic during hotplug remove (Douglas Miller) 
- drivers: net: prevent tun_build_skb() to exceed the packet size limit (Andrew Kanner) 
- dccp: fix data-race around dp->dccps_mss_cache (Eric Dumazet) 
- bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) 
- net/packet: annotate data-races around tp->status (Eric Dumazet) 
- drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (Karol Herbst) 
- x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Kirill A. Shutemov) 
- usb: dwc3: Properly handle processing of pending events (Elson Roy Serrao) 
- usb-storage: alauda: Fix uninit-value in alauda_check_media() (Alan Stern) 
- iio: cros_ec: Fix the allocation size for cros_ec_command (Yiyuan Guo) 
- test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (Mirsad Goran Todorovac) 
- nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (Ryusuke Konishi) 
- radix tree test suite: fix incorrect allocation size for pthreads (Colin Ian King) 
- dmaengine: pl330: Return DMA_PAUSED when transaction is paused (Ilpo Järvinen) 
- ipv6: adjust ndisc_is_useropt() to also return true for PIO (Maciej Żenczykowski) 
- mmc: moxart: read scr register without changing byte order (Sergei Antonov) 
- sparc: fix up arch_cpu_finalize_init() build breakage. (Greg Kroah-Hartman)

[4.14.35-2047.530.1.el7uek]
- rds: Remove gratuitous include of time.h from rds.h (Mark Haywood)  [Orabug: 35742762]
- smp: Reduce NMI traffic from CSD waiters to CSD destination (Imran Khan)  [Orabug: 35236407]
- smp: Reduce logging due to dump_stack of CSD waiters (Imran Khan)  [Orabug: 35236407]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle7: ELSA-2023-12875: kernel Important (aarch64) Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Summary

[4.14.35-2047.530.5.1.el7uek] - Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" (Saeed Mirzamohammadi) [Orabug: 35896831] [4.14.35-2047.530.5.el7uek] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng) [Orabug: 35824288] {CVE-2023-42753} - netfilter: xt_u32: validate user space input (Wander Lairson Costa) - netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [4.14.35-2047.530.4.el7uek] - rds: Fix lack of reentrancy for connection reset with dst addr zero (Håkon Bugge) [Orabug: 35819110] {CVE-2023-22024} - kernfs: fix missing kernfs_iattr_rwsem locking (Ian Kent) [Orabug: 35796772] - uek-rpm: Removing pre scriptlet to not allow firmware downgrade (Samasth Norway Ananda) [Orabug: 35756463] - scsi: megaraid_sas: Fix deadlock on firmware crashdump (Junxiao Bi) [Orabug: 35702793] [4.14.35-2047.530.3.el7uek] - Add the new PCI Device IDs to support new generation of AMD 19h processors. (Partha Sarathi Satapathy) [Orabug: 35773822] - hwmon: (k10temp) Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh (Babu Moger) [Orabug: 35773822] [4.14.35-2047.530.2.el7uek] - LTS version: v4.14.325 (Saeed Mirzamohammadi) - Revert "ARM: ep93xx: fix missing-prototype warnings" (Greg Kroah-Hartman) - Revert "MIPS: Alchemy: fix dbdma2" (Greg Kroah-Hartman) - LTS version: v4.14.324 (Saeed Mirzamohammadi) - dma-buf/sw_sync: Avoid recursive lock during fence signal (Rob Clark) - scsi: core: raid_class: Remove raid_component_add() (Zhu Wang) - scsi: snic: Fix double free in snic_tgt_create() (Zhu Wang) - rtnetlink: Reject negative ifindexes in RTM_NEWLINK (Ido Schimmel) - x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (Feng Tang) - media: vcodec: Fix potential array out-of-bounds in encoder queue_setup (Wei Chen) - lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels (Helge Deller) - batman-adv: Fix batadv_v_ogm_aggr_send memory leak (Remi Pommarel) - batman-adv: Fix TT global entry leak when client roamed back (Remi Pommarel) - batman-adv: Do not get eth header before batadv_check_management_packet (Remi Pommarel) - batman-adv: Trigger events for auto adjusted MTU (Sven Eckelmann) - ibmveth: Use dcbf rather than dcbfl (Michael Ellerman) - ipvs: fix racy memcpy in proc_do_sync_threshold (Sishuai Gong) - ipvs: Improve robustness to the ipvs sysctl (Junwei Hu) - igb: Avoid starting unnecessary workqueues (Alessio Igor Bogani) - sock: annotate data-races around prot->memory_pressure (Eric Dumazet) - tracing: Fix memleak due to race between current_tracer and trace (Zheng Yejian) - net: phy: broadcom: stub c45 read/write for 54810 (Justin Chen) - net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure (Lin Ma) - net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled (Jason Xing) - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima) - ASoC: rt5665: add missed regulator_bulk_disable (Zhang Shurong) - netfilter: set default timeout to 3 secs for sctp shutdown send and recv state (Xin Long) - test_firmware: prevent race conditions by a correct implementation of locking (Mirsad Goran Todorovac) - binder: fix memory leak in binder_init() (Qi Zheng) - serial: 8250: Fix oops for port->pm on uart_change_pm() (Tony Lindgren) - mmc: wbsd: fix double mmc_free_host() in wbsd_init() (Yang Yingliang) - cifs: Release folio lock on fscache read hit. (Russell Harmon via samba-technical) - ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. (dengxiang) - net: do not allow gso_size to be set to GSO_BY_FRAGS (Eric Dumazet) - sock: Fix misuse of sk_under_memory_pressure() (Abel Wu) - i40e: fix misleading debug logs (Andrii Staikov) - team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) - netfilter: nft_dynset: disallow object maps (Pablo Neira Ayuso) - xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) - ip_vti: fix potential slab-use-after-free in decode_session6 (Zhengchao Shao) - ip6_vti: fix slab-use-after-free in decode_session6 (Zhengchao Shao) - net: af_key: fix sadb_x_filter validation (Lin Ma) - net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma) - fbdev: mmp: fix value check in mmphw_probe() (Yuanjun Gong) - drm/amdgpu: Fix potential fence use-after-free v2 (shanzhulig) - Bluetooth: L2CAP: Fix use-after-free (Zhengping Jiang) - pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (Armin Wolf) - gfs2: Fix possible data races in gfs2_show_options() (Tuo Li) - media: platform: mediatek: vpu: fix NULL ptr dereference (Hans Verkuil) - media: v4l2-mem2mem: add lock to protect parameter num_rdy (Yunfei Dong) - FS: JFS: Check for read-only mounted filesystem in txBegin (Immad Mir) - FS: JFS: Fix null-ptr-deref Read in txBegin (Immad Mir) - MIPS: dec: prom: Address -Warray-bounds warning (Gustavo A. R. Silva) - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (Yogesh) - udf: Fix uninitialized array access for some pathnames (Jan Kara) - quota: fix warning in dqgrab() (Ye Bin) - quota: Properly disable quotas when add_dquot_ref() fails (Jan Kara) - ALSA: emu10k1: roll up loops in DSP setup code for Audigy (Oswald Buddenhagen) - drm/radeon: Fix integer overflow in radeon_cs_parser_init (hackyzh002) - lib/mpi: Eliminate unused umul_ppmm definitions for MIPS (Nathan Chancellor) - LTS version: v4.14.323 (Saeed Mirzamohammadi) - alpha: remove __init annotation from exported page_is_ram() (Masahiro Yamada) - scsi: core: Fix possible memory leak if device_add() fails (Zhu Wang) - scsi: snic: Fix possible memory leak if device_add() fails (Zhu Wang) - scsi: 53c700: Check that command slot is not NULL (Alexandra Diupina) - scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Michael Kelley) - scsi: core: Fix legacy /proc parsing buffer overflow (Tony Battersby) - netfilter: nf_tables: report use refcount overflow (Pablo Neira Ayuso) - btrfs: don't stop integrity writeback too early (Christoph Hellwig) - IB/hfi1: Fix possible panic during hotplug remove (Douglas Miller) - drivers: net: prevent tun_build_skb() to exceed the packet size limit (Andrew Kanner) - dccp: fix data-race around dp->dccps_mss_cache (Eric Dumazet) - bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan) - net/packet: annotate data-races around tp->status (Eric Dumazet) - drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (Karol Herbst) - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Kirill A. Shutemov) - usb: dwc3: Properly handle processing of pending events (Elson Roy Serrao) - usb-storage: alauda: Fix uninit-value in alauda_check_media() (Alan Stern) - iio: cros_ec: Fix the allocation size for cros_ec_command (Yiyuan Guo) - test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (Mirsad Goran Todorovac) - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (Ryusuke Konishi) - radix tree test suite: fix incorrect allocation size for pthreads (Colin Ian King) - dmaengine: pl330: Return DMA_PAUSED when transaction is paused (Ilpo Järvinen) - ipv6: adjust ndisc_is_useropt() to also return true for PIO (Maciej Żenczykowski) - mmc: moxart: read scr register without changing byte order (Sergei Antonov) - sparc: fix up arch_cpu_finalize_init() build breakage. (Greg Kroah-Hartman) [4.14.35-2047.530.1.el7uek] - rds: Remove gratuitous include of time.h from rds.h (Mark Haywood) [Orabug: 35742762] - smp: Reduce NMI traffic from CSD waiters to CSD destination (Imran Khan) [Orabug: 35236407] - smp: Reduce logging due to dump_stack of CSD waiters (Imran Khan) [Orabug: 35236407]

SRPMs

https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.530.5.1.el7uek.src.rpm

x86_64

aarch64

kernel-uek-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-2047.530.5.1.el7uek.aarch64.rpm perf-4.14.35-2047.530.5.1.el7uek.aarch64.rpm python-perf-4.14.35-2047.530.5.1.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-2047.530.5.1.el7uek.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-22024 CVE-2023-42753

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved