[ELSA-2022-1198] kernel security, bug fix, and enhancement update
[3.10.0-1160.62.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.62.1]
- cifs: fix handling of DFS links where we can not access all components (Ronnie Sahlberg) [1937304]
- redhat: kernel.spec: install new kernel boot entry in posttrans, not post (Denys Vlasenko) [1893756]
- [s390] s390/cpumf: Support for CPU Measurement Facility CSVN 7 (Mete Durlu) [2048920]
- dm table: fix iterate_devices based device capability checks (Mike Snitzer) [2054743]
- buffer: eliminate the need to call free_more_memory() in __getblk_slow() (Carlos Maiolino) [2030609]
- buffer: grow_dev_page() should use __GFP_NOFAIL for all cases (Carlos Maiolino) [2030609]
- buffer: have alloc_page_buffers() use __GFP_NOFAIL (Carlos Maiolino) [2030609]
- mm: memcg: do not fail __GFP_NOFAIL charges (Rafael Aquini) [2054345]
- mm: filemap: do not drop action modifier flags from the gfp_mask passed to __add_to_page_cache_locked() (Rafael Aquini) [2054345]
- Added ZSTREAM=yes to makefile (Lucas Zampieri)
[3.10.0-1160.61.1]
- x86/efi: reset the correct tlb_state when returning from efi_switch_mm() (Rafael Aquini) [2055587]
[3.10.0-1160.60.1]
- svcrdma: Fix leak of svc_rdma_recv_ctxt objects (Benjamin Coddington) [2028740]
- sunrpc: Remove unneeded pointer dereference (Benjamin Coddington) [2028740]
- x86/platform/uv: Add more to secondary CPU kdump info (Frank Ramsay) [2042462]
- [s390] s390/AP: support new dynamic AP bus size limit (Claudio Imbrenda) [1997156]
- CI: Enable baseline realtime checks (Veronika Kabatova)
- CI: Rename pipelines to include release names (Veronika Kabatova)
- RDMA/cma: Do not change route.addr.src_addr.ss_family (Kamal Heib) [2032075] {CVE-2021-4028}
- fget: clarify and improve __fget_files() implementation (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fget: check that the fd still exists after getting a ref to it (Miklos Szeredi) [2032478] {CVE-2021-4083}
- net: Set fput_needed iff FDPUT_FPUT is set (Miklos Szeredi) [2032478] {CVE-2021-4083}
- vfs, fdtable: Add fget_task helper (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: add fget_many() and fput_many() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs/file.c: __fget() and dup2() atomicity rules (Miklos Szeredi) [2032478] {CVE-2021-4083}
- vfs: Don't let __fdget_pos() get FMODE_PATH files (Miklos Szeredi) [2032478] {CVE-2021-4083}
- get rid of fget_light() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- sockfd_lookup_light(): switch to fdgetWWaway from fget_light (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: __fget_light() can use __fget() in slow path (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: factor out common code in fget_light() and fget_raw_light() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- fs: factor out common code in fget() and fget_raw() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- introduce __fcheck_files() to fix rcu_dereference_check_fdtable(), kill rcu_my_thread_group_empty() (Miklos Szeredi) [2032478] {CVE-2021-4083}
- ID
- ELSA-2022-1198
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2022-1198.html
- Published
-
2022-04-06T00:00:00
(2 years ago) - Modified
-
2022-04-06T00:00:00
(2 years ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
- ALAS2-2022-1749
- ALSA-2022:1550
- ALSA-2022:1988
- ASB-A-216408350
- DSA-5096-1
- ELSA-2022-1550
- ELSA-2022-1988
- MS:CVE-2021-4083
- openSUSE-SU-2022:0169-1
- openSUSE-SU-2022:0198-1
- openSUSE-SU-2022:0366-1
- RHSA-2022:1185
- RHSA-2022:1198
- RHSA-2022:1199
- RHSA-2022:1535
- RHSA-2022:1550
- RHSA-2022:1555
- RHSA-2022:1975
- RHSA-2022:1988
- RLSA-2022:1988
- SSA:2022-031-01
- SUSE-SU-2022:0080-1
- SUSE-SU-2022:0169-1
- SUSE-SU-2022:0197-1
- SUSE-SU-2022:0198-1
- SUSE-SU-2022:0257-1
- SUSE-SU-2022:0270-1
- SUSE-SU-2022:0288-1
- SUSE-SU-2022:0289-1
- SUSE-SU-2022:0293-1
- SUSE-SU-2022:0295-1
- SUSE-SU-2022:0362-1
- SUSE-SU-2022:0364-1
- SUSE-SU-2022:0366-1
- SUSE-SU-2022:0367-1
- SUSE-SU-2022:0371-1
- SUSE-SU-2022:0372-1
- SUSE-SU-2022:0418-1
- SUSE-SU-2022:0436-1
- SUSE-SU-2022:0463-1
- SUSE-SU-2022:0477-1
- SUSE-SU-2022:0552-1
- SUSE-SU-2022:0555-1
- USN-5278-1
- USN-5294-1
- USN-5294-2
- USN-5295-1
- USN-5295-2
- USN-5297-1
- USN-5298-1
- USN-5361-1
- USN-5362-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2022-1198 | https://linux.oracle.com/errata/ELSA-2022-1198.html | |
CVE | CVE-2021-4028 | https://linux.oracle.com/cve/CVE-2021-4028.html | |
CVE | CVE-2021-4083 | https://linux.oracle.com/cve/CVE-2021-4083.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.62.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.62.1.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |