Oracle7: ELSA-2023-13039: kernel Important (aarch64) Security Update
Summary
[4.14.35-2047.532.3.el7uek] - Revert "mmc: core: Capture correct oemid-bits for eMMC cards" (Dominique Martinet) - media: dvb-usb-v2: af9035: fix missing unlock (Hans Verkuil) - perf/core: Fix potential NULL deref (Peter Zijlstra) [4.14.35-2047.532.2.el7uek] - x86: change default to spec_store_bypass_disable=prctl spectre_v2_user=prctl (Andrea Arcangeli) [Orabug: 35905888] - LTS version: 4.14.328 (Saeed Mirzamohammadi) - Bluetooth: hci_event: Fix using memcmp when comparing keys (Luiz Augusto von Dentz) - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name (Kees Cook) - Bluetooth: hci_sock: fix slab oob read in create_monitor_event (Edward AD) - gpio: vf610: set value before the direction to avoid a glitch (Haibo Chen) - s390/pci: fix iommu bitmap allocation (Niklas Schnelle) - perf: Disallow mis-matched inherited group reads (Saeed Mirzamohammadi) - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL (Puliang Lu) - USB: serial: option: add entry for Sierra EM9191 with new firmware (Benoît Monin) - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition (Fabio Porcedda) - ACPI: irq: Fix incorrect return value in acpi_register_gsi() (Sunil V L) - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()" (Andy Shevchenko) - mmc: core: Capture correct oemid-bits for eMMC cards (Avri Altman) - sky2: Make sure there is at least one frag_addr available (Kees Cook) - wifi: cfg80211: avoid leaking stack data into trace (Benjamin Berg) - wifi: mac80211: allow transmitting EAPOL frames with tainted key (Wen Gong) - Bluetooth: hci_core: Fix build warnings (Luiz Augusto von Dentz) - Bluetooth: Avoid redundant authentication (Ying Hsu) - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event (Ma Ke) - tracing: relax trace_event_eval_update() execution with cond_resched() (Clément Léger) - ata: libata-eh: Fix compilation warning in ata_eh_link_report() (Damien Le Moal) - gpio: timberdale: Fix potential deadlock on &tgpio->lock (Chengfeng Ye) - overlayfs: set ctime when setting mtime and atime (Jeff Layton) - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter (Heiner Kallweit) - btrfs: initialize start_slot in btrfs_log_prealloc_extents (Josef Bacik) - ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone (Tony Lindgren) - i40e: prevent crash on probe if hw registers have invalid values (Michal Schmidt) - net: usb: smsc95xx: Fix an error code in smsc95xx_reset() (Dan Carpenter) - net: rfkill: gpio: prevent value glitch during probe (Josua Mayer) - net: ipv6: fix return value check in esp_remove_trailer (Ma Ke) - net: ipv4: fix return value check in esp_remove_trailer (Ma Ke) - xfrm: fix a data-race in xfrm_gen_index() (Saeed Mirzamohammadi) - netfilter: nft_payload: fix wrong mac header matching (Florian Westphal) - KVM: x86: Mask LVTPC when handling a PMI (Jim Mattson) - regmap: fix NULL deref on lookup (Johan Hovold) - nfc: nci: fix possible NULL pointer dereference in send_acknowledge() (Krzysztof Kozlowski) - Bluetooth: avoid memcmp() out of bounds warning (Arnd Bergmann) - Bluetooth: hci_event: Fix coding style (Luiz Augusto von Dentz) - Bluetooth: vhci: Fix race when opening vhci device (Arkadiusz Bokowy) - Bluetooth: Fix a refcnt underflow problem for hci_conn (Ziyang Xuan) - Bluetooth: Reject connection with the device which has same BD_ADDR (Lee, Chun-Yi) - Bluetooth: hci_event: Ignore NULL link key (Lee, Chun-Yi) - usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Cañuelo) - x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs (Borislav Petkov (AMD)) - usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call (Krishna Kurapati) - usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (Piyush Mehta) - pinctrl: avoid unsafe code pattern in find_pinctrl() (Dmitry Torokhov) - cgroup: Remove duplicates in cgroup v1 tasks file (Michal Koutný) - Input: xpad - add PXN V900 support (Matthias Berndt) - Input: powermate - fix use-after-free in powermate_config_complete (Javier Carrasco) - ceph: fix incorrect revoked caps assert in ceph_fill_file_size() (Xiubo Li) - mcb: remove is_added flag from mcb_device struct (Jorge Sanjuan Garcia) - iio: pressure: ms5611: ms5611_prom_is_valid false negative bug (Alexander Zangerl) - iio: pressure: bmp280: Fix NULL pointer exception (Phil Elwell) - usb: musb: Modify the "HWVers" register address (Xingxing Luo) - usb: musb: Get the musb_qh poniter after musb_giveback (Xingxing Luo) - net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read (Javier Carrasco) - usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer (Wesley Cheng) - workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() (Waiman Long) - nfc: nci: assert requested protocol is valid (Jeremy Cline) - ixgbe: fix crash with empty VF macvlan list (Dan Carpenter) - drm/vmwgfx: fix typo of sizeof argument (Konstantin Meskhidze) - ieee802154: ca8210: Fix a potential UAF in ca8210_probe (Dinghao Liu) - drm: etvnaviv: fix bad backport leading to warning (Martin Fuzzey) - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (Hans de Goede) - RDMA/cxgb4: Check skb value for failure to allocate (Artem Chernyshev) - LTS version: 4.14.327 (Saeed Mirzamohammadi) - parisc: Restore __ldcw_align for PA-RISC 2.0 processors (John David Anglin) - RDMA/mlx5: Fix NULL string error (Shay Drory) - RDMA/cma: Fix truncation compilation warning in make_cma_ports (Leon Romanovsky) - gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() (Bartosz Golaszewski) - IB/mlx4: Fix the size of a buffer in add_port_entries() (Christophe JAILLET) - cpupower: add Makefile dependencies for install targets (Ivan Babrou) - sctp: update hb timer immediately after users change hb_interval (Xin Long) - sctp: update transport state when processing a dupcook packet (Xin Long) - tcp: fix delayed ACKs for MSS boundary condition (Neal Cardwell) - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (Shigeru Yoshida) - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (David Howells) - modpost: add missing else to the "of" check (Mauricio Faria de Oliveira) - scsi: target: core: Fix deadlock due to recursive locking (Junxiao Bi) - regmap: rbtree: Fix wrong register marked as in-cache when creating new node (Richard Fitzgerald) - drivers/net: process the result of hdlc_open() and add call of hdlc_close() in uhdlc_close() (Alexandra Diupina) - ubi: Refuse attaching if mtd's erasesize is 0 (Zhihao Cheng) - wifi: mwifiex: Fix tlv_buf_left calculation (Gustavo A. R. Silva) - scsi: zfcp: Fix a double put in zfcp_port_enqueue() (Dinghao Liu) - media: dvb: symbol fixup for dvb_attach() - again (Greg Kroah-Hartman) - ata: libata: disallow dev-initiated LPM transitions to unsupported states (Niklas Cassel) - net/sched: sch_hfsc: Ensure inner classes have fsc curve (Budimir Markovic) [Orabug: 35810543] {CVE-2023-4623} - ext4: fix rec_len verify error (Shida Zhang) - vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF (George Kennedy) - fs: binfmt_elf_efpic: fix personality for ELF-FDPIC (Greg Ungerer) - ata: libata-sata: increase PMP SRST timeout to 10s (Matthias Schiffer) - ata: libata-core: Fix port and device removal (Damien Le Moal) - ata: libata-core: Fix ata_port_request_pm() locking (Damien Le Moal) - btrfs: properly report 0 avail for very full file systems (Josef Bacik) - i2c: i801: unregister tco_pdev in i801_probe() error path (Heiner Kallweit) - ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES (Niklas Cassel) - nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() (Pan Bian) - serial: 8250_port: Check IRQ data before use (Andy Shevchenko) - watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running (Mika Westerberg) - watchdog: iTCO_wdt: No need to stop the timer in probe (Mika Westerberg) - ata: libahci: clear pending interrupt status (Szuying Chen) - ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke) - fbdev/sh7760fb: Depend on FB=y (Thomas Zimmermann) - ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() (Niklas Cassel) - ring-buffer: Avoid softlockup in ring_buffer_resize() (Zheng Yejian) - selftests/ftrace: Correctly enable event in instance-event.tc (Zheng Yejian) - parisc: irq: Make irq_stack_union static to avoid sparse warning (Helge Deller) - parisc: iosapic.c: Fix sparse warnings (Helge Deller) - parisc: sba: Fix compile warning wrt list of SBA devices (Helge Deller) - xtensa: boot/lib: fix function prototypes (Max Filippov) - xtensa: boot: don't add include-dirs (Randy Dunlap) - clk: tegra: fix error return case for recalc_rate (Timo Alho) - i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() (Xiaoke Wang) - gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() (Christophe JAILLET) - team: fix null-ptr-deref when team device type is changed (Ziyang Xuan) - powerpc/perf/hv-24x7: Update domain value check (Kajol Jain) - ipv4: fix null-deref in ipv4_link_failure (Kyle Zeng) - NFS/pNFS: Report EINVAL errors from connect() to the server (Trond Myklebust) [4.14.35-2047.532.1.el7uek] - rds/ib: Preserve dest qp num in the connect request (Arumugam Kolappan) [Orabug: 35649849] - rds: Provision to allow all trace points at module load time (Arumugam Kolappan) [Orabug: 35355776]
SRPMs
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.532.3.el7uek.src.rpm
x86_64
aarch64
kernel-uek-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-debug-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-debug-devel-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-devel-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-tools-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-tools-libs-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-tools-libs-devel-4.14.35-2047.532.3.el7uek.aarch64.rpm perf-4.14.35-2047.532.3.el7uek.aarch64.rpm python-perf-4.14.35-2047.532.3.el7uek.aarch64.rpm kernel-uek-headers-4.14.35-2047.532.3.el7uek.aarch64.rpm
i386
