Oracle Linux Security Advisory ELSA-2022-5819

https://linux.oracle.com/errata/ELSA-2022-5819.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-abi-stablelists-4.18.0-372.19.1.0.1.el8_6.noarch.rpm
kernel-core-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-cross-headers-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-debug-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-debug-core-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-debug-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-debug-modules-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-debug-modules-extra-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-doc-4.18.0-372.19.1.0.1.el8_6.noarch.rpm
kernel-headers-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-modules-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-modules-extra-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-tools-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-tools-libs-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
perf-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
python3-perf-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm
kernel-tools-libs-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm

aarch64:
bpftool-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
kernel-cross-headers-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
kernel-headers-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
kernel-tools-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
kernel-tools-libs-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
perf-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
python3-perf-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm
kernel-tools-libs-devel-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates/kernel-4.18.0-372.19.1.0.1.el8_6.src.rpm

Related CVEs:

CVE-2022-1012
CVE-2022-32250




Description of changes:

[4.18.0-372.19.1.0.1.el8_6.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5.el8
- debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499}

[4.18.0-372.19.1.el8_6]
- net/mlx5: CT: Fix header-rewrite re-use for tupels (Amir Tzin) [2104013 2101162]
- net/mlx5e: TC, Fix ct_clear overwriting ct action metadata (Amir Tzin) [2104012 2100474]
- netfilter: flowtable: fix TCP flow teardown (Florian Westphal) [2104002 2088234]
- netfilter: conntrack: annotate data-races around ct->timeout (Florian Westphal) [2104002 2088234]
- netfilter: conntrack: initialize ct->timeout (Florian Westphal) [2104002 2088234]
- net/sched: act_police: more accurate MTU policing (Davide Caratti) [2102333 2100893]
- bpf: Fix request_sock leak in sk lookup helpers (Antoine Tenart) [2104670 2085313]

[4.18.0-372.18.1.el8_6]
- redhat: flesh out rpminspect config file (Jarod Wilson)
- powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (Steve Best) [2100150 2056080]
- vdpa: mlx5: synchronize driver status with CVQ (Jason Wang) [2093416 2048009]
- vdpa: mlx5: prevent cvq work from hogging CPU (Jason Wang) [2093416 2048009]
- vdpa/mlx5: Avoid processing works if workqueue was destroyed (Cindy Lu) [2093416 2048009]
- cifs: fix potential double free during failed mount (Ronnie Sahlberg) [2102251 2088799]

[4.18.0-372.17.1.el8_6]
- tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: add small random increments to the source port (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: resalt the secret every 10 seconds (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: add some entropy in __inet_hash_connect() (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- tcp: change source port randomizarion at connect() time (Guillaume Nault) [2087130 2064876] {CVE-2022-1012}
- hrtimer: Unbreak hrtimer_force_reprogram() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Use raw_cpu_ptr() in clock_was_set() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Avoid more SMP function calls in clock_was_set() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Avoid unnecessary SMP function calls in clock_was_set() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Add bases argument to clock_was_set() (Fernando Pacheco) [2090484 2071776]
- time/timekeeping: Avoid invoking clock_was_set() twice (Fernando Pacheco) [2090484 2071776]
- timekeeping: Distangle resume and clock-was-set events (Fernando Pacheco) [2090484 2071776]
- timerfd: Provide timerfd_resume() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Force clock_was_set() handling for the HIGHRES=n, NOHZ=y case (Fernando Pacheco) [2090484 2071776]
- hrtimer: Ensure timerfd notification for HIGHRES=n (Fernando Pacheco) [2090484 2071776]
- hrtimer: Consolidate reprogramming code (Fernando Pacheco) [2090484 2071776]
- hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() (Fernando Pacheco) [2090484 2071776]
- hrtimer: Annotate lockless access to timer->state (Fernando Pacheco) [2090484 2071776]
- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rafael Aquini) [2100529 2067130]
- lib/sbitmap: fix sb->map leak (Ming Lei) [2100254 2093549]
- scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (Ewan D. Milne) [2100254 2071831]
- lib/sbitmap: allocate sb->map via kvzalloc_node (Ewan D. Milne) [2100254 2071831]
- mm: move kvmalloc-related functions to slab.h (Ewan D. Milne) [2100254 2071831]
- scsi: core: Reallocate device's budget map on queue depth change (Ewan D. Milne) [2100254 2071831]
- scsi: core: Fix scsi_device_max_queue_depth() (Ewan D. Milne) [2100254 2071831]
- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Phil Sutter) [2092986 2092987] {CVE-2022-32250}
- audit: improve audit queue handling when "audit=1" on cmdline (Richard Guy Briggs) [2095434 2035123]
- audit: improve robustness of the audit queue handling (Richard Guy Briggs) [2095434 2035123]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2022-5819: kernel Important Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[4.18.0-372.19.1.0.1.el8_6.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5.el8 - debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499} [4.18.0-372.19.1.el8_6] - net/mlx5: CT: Fix header-rewrite re-use for tupels (Amir Tzin) [2104013 2101162] - net/mlx5e: TC, Fix ct_clear overwriting ct action metadata (Amir Tzin) [2104012 2100474] - netfilter: flowtable: fix TCP flow teardown (Florian Westphal) [2104002 2088234] - netfilter: conntrack: annotate data-races around ct->timeout (Florian Westphal) [2104002 2088234] - netfilter: conntrack: initialize ct->timeout (Florian Westphal) [2104002 2088234] - net/sched: act_police: more accurate MTU policing (Davide Caratti) [2102333 2100893] - bpf: Fix request_sock leak in sk lookup helpers (Antoine Tenart) [2104670 2085313] [4.18.0-372.18.1.el8_6] - redhat: flesh out rpminspect config file (Jarod Wilson) - powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (Steve Best) [2100150 2056080] - vdpa: mlx5: synchronize driver status with CVQ (Jason Wang) [2093416 2048009] - vdpa: mlx5: prevent cvq work from hogging CPU (Jason Wang) [2093416 2048009] - vdpa/mlx5: Avoid processing works if workqueue was destroyed (Cindy Lu) [2093416 2048009] - cifs: fix potential double free during failed mount (Ronnie Sahlberg) [2102251 2088799] [4.18.0-372.17.1.el8_6] - tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: add small random increments to the source port (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: resalt the secret every 10 seconds (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: add some entropy in __inet_hash_connect() (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - tcp: change source port randomizarion at connect() time (Guillaume Nault) [2087130 2064876] {CVE-2022-1012} - hrtimer: Unbreak hrtimer_force_reprogram() (Fernando Pacheco) [2090484 2071776] - hrtimer: Use raw_cpu_ptr() in clock_was_set() (Fernando Pacheco) [2090484 2071776] - hrtimer: Avoid more SMP function calls in clock_was_set() (Fernando Pacheco) [2090484 2071776] - hrtimer: Avoid unnecessary SMP function calls in clock_was_set() (Fernando Pacheco) [2090484 2071776] - hrtimer: Add bases argument to clock_was_set() (Fernando Pacheco) [2090484 2071776] - time/timekeeping: Avoid invoking clock_was_set() twice (Fernando Pacheco) [2090484 2071776] - timekeeping: Distangle resume and clock-was-set events (Fernando Pacheco) [2090484 2071776] - timerfd: Provide timerfd_resume() (Fernando Pacheco) [2090484 2071776] - hrtimer: Force clock_was_set() handling for the HIGHRES=n, NOHZ=y case (Fernando Pacheco) [2090484 2071776] - hrtimer: Ensure timerfd notification for HIGHRES=n (Fernando Pacheco) [2090484 2071776] - hrtimer: Consolidate reprogramming code (Fernando Pacheco) [2090484 2071776] - hrtimer: Avoid double reprogramming in __hrtimer_start_range_ns() (Fernando Pacheco) [2090484 2071776] - hrtimer: Update softirq_expires_next correctly after __hrtimer_get_next_event() (Fernando Pacheco) [2090484 2071776] - hrtimer: Annotate lockless access to timer->state (Fernando Pacheco) [2090484 2071776] - mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rafael Aquini) [2100529 2067130] - lib/sbitmap: fix sb->map leak (Ming Lei) [2100254 2093549] - scsi: core: Fix sbitmap depth in scsi_realloc_sdev_budget_map() (Ewan D. Milne) [2100254 2071831] - lib/sbitmap: allocate sb->map via kvzalloc_node (Ewan D. Milne) [2100254 2071831] - mm: move kvmalloc-related functions to slab.h (Ewan D. Milne) [2100254 2071831] - scsi: core: Reallocate device's budget map on queue depth change (Ewan D. Milne) [2100254 2071831] - scsi: core: Fix scsi_device_max_queue_depth() (Ewan D. Milne) [2100254 2071831] - netfilter: nf_tables: disallow non-stateful expression in sets earlier (Phil Sutter) [2092986 2092987] {CVE-2022-32250} - audit: improve audit queue handling when "audit=1" on cmdline (Richard Guy Briggs) [2095434 2035123] - audit: improve robustness of the audit queue handling (Richard Guy Briggs) [2095434 2035123]

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates/kernel-4.18.0-372.19.1.0.1.el8_6.src.rpm

x86_64

bpftool-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-abi-stablelists-4.18.0-372.19.1.0.1.el8_6.noarch.rpm kernel-core-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-cross-headers-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-debug-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-debug-core-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-debug-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-debug-modules-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-debug-modules-extra-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-doc-4.18.0-372.19.1.0.1.el8_6.noarch.rpm kernel-headers-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-modules-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-modules-extra-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-tools-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-tools-libs-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm perf-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm python3-perf-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm kernel-tools-libs-devel-4.18.0-372.19.1.0.1.el8_6.x86_64.rpm

aarch64

bpftool-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm kernel-cross-headers-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm kernel-headers-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm kernel-tools-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm kernel-tools-libs-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm perf-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm python3-perf-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm kernel-tools-libs-devel-4.18.0-372.19.1.0.1.el8_6.aarch64.rpm

i386

Severity
Related CVEs: CVE-2022-1012 CVE-2022-32250

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved