Oracle Linux Security Advisory ELSA-2023-3723
https://linux.oracle.com/errata/ELSA-2023-3723.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-7.0.0-284.18.1.el9_2.x86_64.rpm
kernel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-abi-stablelists-5.14.0-284.18.1.el9_2.noarch.rpm
kernel-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-modules-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-debug-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-doc-5.14.0-284.18.1.el9_2.noarch.rpm
kernel-headers-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-modules-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-tools-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-tools-libs-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm
perf-5.14.0-284.18.1.el9_2.x86_64.rpm
python3-perf-5.14.0-284.18.1.el9_2.x86_64.rpm
rtla-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-cross-headers-5.14.0-284.18.1.el9_2.x86_64.rpm
kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
aarch64:
bpftool-7.0.0-284.18.1.el9_2.aarch64.rpm
kernel-headers-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-libs-5.14.0-284.18.1.el9_2.aarch64.rpm
perf-5.14.0-284.18.1.el9_2.aarch64.rpm
python3-perf-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-cross-headers-5.14.0-284.18.1.el9_2.aarch64.rpm
kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
SRPMS:
https://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-284.18.1.el9_2.src.rpm
Related CVEs:
CVE-2023-2002
CVE-2023-2124
CVE-2023-2194
CVE-2023-2235
CVE-2023-28466
CVE-2023-32233
Description of changes:
[5.14.0-284.18.1.el9_2.OL9]
- cifs: fix wrong unlock before return from cifs_tree_connect()
- docs: Remove the unnecessary unicode character
- perf vendor events intel: Refresh ivytown metrics and events
- perf vendor events: Update Intel ivytown
- perf vendor events intel: Refresh jaketown metrics and events
- perf vendor events: Update Intel jaketown
- NFSD: RHEL-only bug introduced in fix for COMMIT and NFS4ERR_DELAY loop
- NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop
- workqueue: Fix isolated CPUs interference problem
- sched/core: Fix arch_scale_freq_tick() on tickless systems
- ice: no busy waiting in GNSS thread and for SQ commands
- wdat_wdt: avoid watchdog timeout during reboot
- hugetlbfs: don't delete error page from pagecache
- mm/filemap: fix page end in filemap_get_read_batch
- isched/deadline: Add more reschedule cases to prio_changed_dl()
- sched/rt: Fix bad task migration for rt tasks
- blk-mq: directly poll requests
- KVM: VMX: Fix crash due to uninitialized current_vmcs
- wifi: iwlwifi: mvm: protect TXQ list manipulation
- crypto: jitter - permanent and intermittent health errors
- cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores
- cpufreq: intel_pstate: Read all MSRs on the target CPU
- cpufreq: intel_pstate: Enable HWP IO boost for all servers
- crypto: qat: Update QAT drivers upto v6.2
- info/owners.yaml: Adjust intel_qat subsystem entry
- net: tls: fix possible race condition between do_tls_getsockopt_conf and do_tls_setsockopt_conf() {CVE-2023-28466}
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() {CVE-2023-2194}
- xfs: verify buffer contents when we skip log replay {CVE-2023-2124}
- bluetooth: Perform careful capability checks in hci_sock_ioctl() {CVE-2023-2002}
- netfilter: nf_tables: deactivate anonymous set from preparation phase {CVE-2023-32233}
- perf: Fix check before add_event_to_groups() in perf_group_detach() {CVE-2023-2235}
[5.14.0-284.11.1.el9_2.OL9]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove nmap references from kernel (Mridula Shastry) [Orabug: 34313944]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata
Oracle9: ELSA-2023-3723: kernel Important Security Update
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Summary
[5.14.0-284.18.1.el9_2.OL9] - cifs: fix wrong unlock before return from cifs_tree_connect() - docs: Remove the unnecessary unicode character - perf vendor events intel: Refresh ivytown metrics and events - perf vendor events: Update Intel ivytown - perf vendor events intel: Refresh jaketown metrics and events - perf vendor events: Update Intel jaketown - NFSD: RHEL-only bug introduced in fix for COMMIT and NFS4ERR_DELAY loop - NFSD: Fix problem of COMMIT and NFS4ERR_DELAY in infinite loop - workqueue: Fix isolated CPUs interference problem - sched/core: Fix arch_scale_freq_tick() on tickless systems - ice: no busy waiting in GNSS thread and for SQ commands - wdat_wdt: avoid watchdog timeout during reboot - hugetlbfs: don't delete error page from pagecache - mm/filemap: fix page end in filemap_get_read_batch - isched/deadline: Add more reschedule cases to prio_changed_dl() - sched/rt: Fix bad task migration for rt tasks - blk-mq: directly poll requests - KVM: VMX: Fix crash due to uninitialized current_vmcs - wifi: iwlwifi: mvm: protect TXQ list manipulation - crypto: jitter - permanent and intermittent health errors - cpufreq: intel_pstate: hybrid: Use known scaling factor for P-cores - cpufreq: intel_pstate: Read all MSRs on the target CPU - cpufreq: intel_pstate: Enable HWP IO boost for all servers - crypto: qat: Update QAT drivers upto v6.2 - info/owners.yaml: Adjust intel_qat subsystem entry - net: tls: fix possible race condition between do_tls_getsockopt_conf and do_tls_setsockopt_conf() {CVE-2023-28466} - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() {CVE-2023-2194} - xfs: verify buffer contents when we skip log replay {CVE-2023-2124} - bluetooth: Perform careful capability checks in hci_sock_ioctl() {CVE-2023-2002} - netfilter: nf_tables: deactivate anonymous set from preparation phase {CVE-2023-32233} - perf: Fix check before add_event_to_groups() in perf_group_detach() {CVE-2023-2235} [5.14.0-284.11.1.el9_2.OL9] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5] - Remove nmap references from kernel (Mridula Shastry) [Orabug: 34313944] - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
SRPMs
https://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-284.18.1.el9_2.src.rpm
x86_64
bpftool-7.0.0-284.18.1.el9_2.x86_64.rpm kernel-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-abi-stablelists-5.14.0-284.18.1.el9_2.noarch.rpm kernel-core-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-core-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-devel-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-modules-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-debug-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-devel-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-devel-matched-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-doc-5.14.0-284.18.1.el9_2.noarch.rpm kernel-headers-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-modules-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-modules-core-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-modules-extra-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-tools-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-tools-libs-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-uki-virt-5.14.0-284.18.1.el9_2.x86_64.rpm perf-5.14.0-284.18.1.el9_2.x86_64.rpm python3-perf-5.14.0-284.18.1.el9_2.x86_64.rpm rtla-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-cross-headers-5.14.0-284.18.1.el9_2.x86_64.rpm kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.x86_64.rpm
aarch64
bpftool-7.0.0-284.18.1.el9_2.aarch64.rpm kernel-headers-5.14.0-284.18.1.el9_2.aarch64.rpm kernel-tools-5.14.0-284.18.1.el9_2.aarch64.rpm kernel-tools-libs-5.14.0-284.18.1.el9_2.aarch64.rpm perf-5.14.0-284.18.1.el9_2.aarch64.rpm python3-perf-5.14.0-284.18.1.el9_2.aarch64.rpm kernel-cross-headers-5.14.0-284.18.1.el9_2.aarch64.rpm kernel-tools-libs-devel-5.14.0-284.18.1.el9_2.aarch64.rpm
i386
Severity
Related CVEs:
CVE-2023-2002
CVE-2023-2124
CVE-2023-2194
CVE-2023-2235
CVE-2023-28466
CVE-2023-32233
News
HOWTOs
Features
About Us
Powered By
