What Are You Looking For?

Sign Up
Oracle Linux Security Advisory ELSA-2022-9486

https://linux.oracle.com/errata/ELSA-2022-9486.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.308.9.el8.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.308.9.el8.x86_64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-container-5.4.17-2136.308.9.el8.src.rpm

Related CVEs:

CVE-2022-21123
CVE-2022-21125
CVE-2022-21127
CVE-2022-21166




Description of changes:

[5.4.17-2136.308.9.el8]
- x86/speculation/mmio: Fix late microcode loading (Patrick Colp)  [Orabug:
  34276099]

[5.4.17-2136.308.8.el8]
- Add debugfs for controlling MMIO state data (Kanth Ghatraju)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202259]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2022-9486: kernel Important Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

[5.4.17-2136.308.9.el8] - x86/speculation/mmio: Fix late microcode loading (Patrick Colp) [Orabug: 34276099] [5.4.17-2136.308.8.el8] - Add debugfs for controlling MMIO state data (Kanth Ghatraju) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166} - Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta) [Orabug: 34202259] {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}

SRPMs

https://oss.oracle.com/ol8/SRPMS-updates/kernel-uek-container-5.4.17-2136.308.9.el8.src.rpm

x86_64

kernel-uek-container-5.4.17-2136.308.9.el8.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.308.9.el8.x86_64.rpm

aarch64

i386

Severity
Related CVEs: CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166

Related News

How Kali Linux Can Help Security Test Your Network

Nov 21, 2023

Tails 5.20 Brings Latest Tor Browser, Ditches AdGuard Filter List

Nov 29, 2023

CISA Orders Federal Agencies to Patch Looney Tunables Linux Bug

Nov 25, 2023

How Meta Patches Linux at Hyperscale

Dec 2, 2023

News

Advisories

HOWTOs

Features

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses

About Us

Powered By

Footer Logo