Oracle Linux Security Advisory ELSA-2022-9365

http://linux.oracle.com/errata/ELSA-2022-9365.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.307.3.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.307.3.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.307.3.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.307.3.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.307.3.1.el8uek.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-5.4.17-2136.307.3.1.el8uek.src.rpm

Related CVEs:

CVE-2020-24502
CVE-2020-245024
CVE-2020-24503
CVE-2021-45095
CVE-2022-1016
CVE-2022-1055
CVE-2022-1158
CVE-2022-27666




Description of changes:

[5.4.17-2136.307.3.1.el8uek]
- Revert "rds/ib: recover rds connection from stuck tx path" (Nagappan Ramasamy Palaniappan)  [Orabug: 34124233]
- Revert "rds/ib: reap tx completions during connection shutdown" (Nagappan Ramasamy Palaniappan)  [Orabug: 34124233]
- Revert "rds/ib: handle posted ACK during connection shutdown" (Nagappan Ramasamy Palaniappan)  [Orabug: 34124233]

[5.4.17-2136.307.3.el8uek]
- kvm: debugfs: fix memory leak in kvm_create_vm_debugfs (Pavel Skripkin)  [Orabug: 33099019]
- KVM: debugfs: Reuse binary stats descriptors (Jing Zhang)  [Orabug: 33099019]
- KVM: selftests: Add selftest for KVM statistics data binary interface (Jing Zhang)  [Orabug: 33099019]
- KVM: stats: Add documentation for binary statistics interface (Jing Zhang)  [Orabug: 33099019]
- KVM: stats: Support binary stats retrieval for a VCPU (Jing Zhang)  [Orabug: 33099019]
- KVM: stats: Support binary stats retrieval for a VM (Jing Zhang)  [Orabug: 33099019]
- KVM: stats: Add fd-based API to read binary stats data (Jing Zhang)  [Orabug: 33099019]
- KVM: stats: Separate generic stats from architecture specific ones (Jing Zhang)  [Orabug: 33099019]
- KVM: switch per-VM stats to u64 (Paolo Bonzini)  [Orabug: 33099019]
- kvm_host: unify VM_STAT and VCPU_STAT definitions in a single place (Emanuele Giuseppe Esposito)  [Orabug: 33099019]
- kvm: Refactor handling of VM debugfs files (Milan Pandurov)  [Orabug: 33099019]
- mpt3sas: avoid SOFT_RESET on shutdown (John Donnelly)  [Orabug: 33666018]
- scsi: mpt3sas: Clean up some inconsistent indenting (Colin Ian King)  [Orabug: 33666018]
- scsi: mpt3sas: Fix incorrectly assigned error return and check (Colin Ian King)  [Orabug: 33666018]
- scsi: mpt3sas: Introduce sas_ncq_prio_supported sysfs sttribute (Damien Le Moal)  [Orabug: 33666018]
- scsi: mpt3sas: Update driver version to 39.100.00.00 (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Use firmware recommended queue depth (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Bump driver version to 38.100.00.00 (Sreekanth Reddy)  [Orabug: 33666018]
- scsi: mpt3sas: Transition IOC to Ready state during shutdown (Sreekanth Reddy)  [Orabug: 33666018]
- scsi: mpt3sas: Fix Coverity reported issue (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Fix fall-through warnings for Clang (Gustavo A. R. Silva)  [Orabug: 33666018]
- scsi: mpt3sas: Handle firmware faults during second (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Handle firmware faults during first half of IOC init (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Fix deadlock while cancelling the running firmware event (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Documentation cleanup (Randy Dunlap)  [Orabug: 33666018]
- scsi: mpt3sas: Fix two kernel-doc headers (Bart Van Assche)  [Orabug: 33666018]
- scsi: mpt3sas: Fix out-of-bounds warnings in _ctl_addnl_diag_query (Gustavo A. R. Silva)  [Orabug: 33666018]
- scsi: mpt3sas: Fix endianness for ActiveCablePowerRequirement (Sreekanth Reddy)  [Orabug: 33666018]
- scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES (Sreekanth Reddy)  [Orabug: 33666018]
- scsi: mpt3sas: Fix a typo (Bhaskar Chowdhury)  [Orabug: 33666018]
- scsi: mpt3sas: Fix a few kernel-doc issues (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Update driver version to 37.101.00.00 (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force reply post array allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force reply post buffer allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force reply buffer allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force sense buffer allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force chain buffer allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Force PCIe scatterlist allocations to be within same 4 GB region (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Replace unnecessary dynamic allocation with a static one (Gustavo A. R. Silva)  [Orabug: 33666018]
- scsi: mpt3sas: Do not use GFP_KERNEL in atomic context (Christophe JAILLET)  [Orabug: 33666018]
- scsi: mpt3sas: Fix some kernel-doc misnaming issues (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Fix a couple of misdocumented functions/params (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Fix a bunch of potential naming doc-rot (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Move a little data from the stack onto the heap (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Fix misspelling of _base_put_smid_default_atomic() (Lee Jones)  [Orabug: 33666018]
- scsi: mpt3sas: Update driver version to 37.100.00.00 (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Additional diagnostic buffer query interface (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Fix ReplyPostFree pool allocation (Sreekanth Reddy)  [Orabug: 33666018]
- scsi: mpt3sas: Simplify bool comparison (YANG LI)  [Orabug: 33666018]
- scsi: mpt3sas: Fix spelling mistake in Kconfig "compatiblity" -> "compatibility" (Suganath Prabu S)  [Orabug: 33666018]
- scsi: mpt3sas: Signedness bug in _base_get_diag_triggers() (Dan Carpenter)  [Orabug: 33666018]
- mei: me: disable driver on the ign firmware (Alexander Usyskin)  [Orabug: 34018919]
- mei: add device kind to sysfs (Alexander Usyskin)  [Orabug: 34018919]
- mei: me: add MEI device for SPT with ITPS capability (Tomas Winkler)  [Orabug: 34018919]
- mei: me: make mei_me_fw_sku_sps_4() less cryptic (Tomas Winkler)  [Orabug: 34018919]
- mei: me: constify the device parameter to the probe quirk (Tomas Winkler)  [Orabug: 34018919]
- mei: me: disable mei interface on Mehlow server platforms (Tomas Winkler)  [Orabug: 34018919]
- mei: fix CNL itouch device number to match the spec. (Alexander Usyskin)  [Orabug: 34018919]
- mei: me: disable mei interface on LBG servers. (Tomas Winkler)  [Orabug: 34018919]
- mei: me: mei_me_dev_init() use struct device instead of struct pci_dev. (Tomas Winkler)  [Orabug: 34018919]
- x86/speculation: Restore speculation related MSRs during S3 resume (Pawan Gupta)  [Orabug: 34053700]
- net: bpf: Make bpf_ktime_get_ns() available to non GPL programs (Maciej Żenczykowski)  [Orabug: 34079481]

[5.4.17-2136.307.2.el8uek]
- net: sched: fix use-after-free in tc_new_tfilter() (Eric Dumazet)  [Orabug: 34027161]  {CVE-2022-1055}
- rds: ib: Initialize SG table properly (Håkon Bugge)  [Orabug: 34031913]
- Revert "rds/ib: recover rds connection from stuck rx path" (Rohit Nair)  [Orabug: 34039270]
- mm: memcontrol: slab: fix obtain a reference to a freeing memcg (Muchun Song)  [Orabug: 34045826]
- mm: memcg/slab: fix use after free in obj_cgroup_charge (Muchun Song)  [Orabug: 34045826]
- mm/page-writeback: Fix performance when BDI's share of ratio is 0. (Chi Wu)  [Orabug: 34050049]
- KVM: x86/mmu: do compare-and-exchange of gPTE via the user address (Paolo Bonzini)  [Orabug: 34034594]  {CVE-2022-1158}

[5.4.17-2136.307.1.el8uek]
- oracleasm: Fix block layer error conversion (Martin K. Petersen)  [Orabug: 33413872]
- oracleasm: Fix memory leak inadvertently caused by block layer changes (Martin K. Petersen)  [Orabug: 33413872]
- rds: Fix incorrect initialization order (Håkon Bugge)  [Orabug: 33519061]
- Fix switchdev transition after configuring 256 SFs (Mikhael Goikhman)  [Orabug: 33913142]
- net/mlx5: Remove all auxiliary devices at the unregister event (Leon Romanovsky)  [Orabug: 33913153]
- net/mlx5: E-Switch, handle devcom events only for ports on the same device (Roi Dayan)  [Orabug: 33913153]
- net/mlx5e: Don't create devices during unload flow (Dmytro Linkin)  [Orabug: 33913153]
- net/mlx5: Delete auxiliary bus driver eth-rep first (Maor Dickman)  [Orabug: 33913153]
- Fix deadlock with SFs created and devlink reload of parent PF (Mikhael Goikhman)  [Orabug: 33913153]
- phonet: refcount leak in pep_sock_accep (Hangyu Hua)  [Orabug: 33962760]  {CVE-2021-45095}
- bpf: Lift hashtab key_size limit (Florian Lehner)  [Orabug: 33968668]
- net/rds: Fix math on error code (Freddy Carrillo)  [Orabug: 33974713]
- rds: ib: Fix racy credit tracepoints (Håkon Bugge)  [Orabug: 33980855]
- mm: fix MADV_DONTEXEC to clear VM_EXEC_KEEP (Anthony Yznaga)  [Orabug: 33987399]
- ice: create scheduler aggregator node config and move VSIs (Kiran Patil)  [Orabug: 33993157]  {CVE-2020-24502} {CVE-2020-24503} {CVE-2020-245024}
- uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi)  [Orabug: 33993775]
- sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax (Valentin Schneider)  [Orabug: 33994395]
- esp: Fix possible buffer overflow in ESP transformation (Steffen Klassert)  [Orabug: 33997299]  {CVE-2022-27666}
- exec, elf: ignore invalid note data (Anthony Yznaga)  [Orabug: 34003080]
- netfilter: nf_tables: initialize registers in nft_do_chain() (Pablo Neira Ayuso)  [Orabug: 34012924]  {CVE-2022-1016}