[ELSA-2023-7549] kernel security and bug fix update
Severity
Important
Affected Packages
20
CVEs
7
[4.18.0-513.9.1_9.OL8]
- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Mauro Carvalho Chehab) {CVE-2022-45884}
- cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) {CVE-2023-1192}
- nvmet-tcp: Fix a possible UAF in queue intialization setup (Sagi Grimberg) {CVE-2023-5178}
- net: tun: fix bugs for oversize packet when napi frags enabled (Ziyang Xuan) {CVE-2023-3812}
- bpf: Fix incorrect verifier pruning due to missing register precision taints (Daniel Borkmann) (Andrii Nakryiko) {CVE-2023-2163}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Hyunwoo Kim) {CVE-2022-45919}
- media: dvbdev: fix error logic at dvb_register_device() (Mauro Carvalho Chehab)
- media: dvbdev: Fix memleak in dvb_register_device (Dinghao Liu)
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Hyunwoo Kim} {CVE-2022-45886}
[4.18.0-513.5.1_9.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Drop not needed patch
- ID
- ELSA-2023-7549
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2023-7549.html
- Published
-
2023-12-01T00:00:00
(9 months ago) - Modified
-
2023-12-01T00:00:00
(9 months ago) - Rights
- Copyright 2023 Oracle, Inc.
- Other Advisories
-
-
ALSA-2023:7549
-
DSA-5594-1
-
ELSA-2023-12199
-
ELSA-2023-12200
-
ELSA-2023-12206
-
ELSA-2023-12207
-
ELSA-2023-13043
-
ELSA-2023-13044
-
ELSA-2023-13047
-
ELSA-2023-13048
-
ELSA-2023-13049
-
ELSA-2023-7749
-
ELSA-2024-0461
-
ELSA-2024-12094
-
MS:CVE-2023-1192
-
MS:CVE-2023-3812
-
MS:CVE-2023-5178
-
RHSA-2023:7548
-
RHSA-2023:7549
-
RHSA-2023:7554
-
RHSA-2024:0340
-
RLSA-2023:7549
-
SSA:2023-325-01
-
SUSE-SU-2023:2500-1
-
SUSE-SU-2023:2501-1
-
SUSE-SU-2023:2502-1
-
SUSE-SU-2023:2507-1
-
SUSE-SU-2023:2534-1
-
SUSE-SU-2023:2537-1
-
SUSE-SU-2023:2538-1
-
SUSE-SU-2023:2611-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2651-1
-
SUSE-SU-2023:2653-1
-
SUSE-SU-2023:2782-1
-
SUSE-SU-2023:2805-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:3171-1
-
SUSE-SU-2023:3172-1
-
SUSE-SU-2023:3180-1
-
SUSE-SU-2023:3182-1
-
SUSE-SU-2023:3302-1
-
SUSE-SU-2023:3318-1
-
SUSE-SU-2023:3333-1
-
SUSE-SU-2023:3390-1
-
SUSE-SU-2023:3391-1
-
SUSE-SU-2023:3421-1
-
SUSE-SU-2023:3601-1
-
SUSE-SU-2023:3680-1
-
SUSE-SU-2023:3681-1
-
SUSE-SU-2023:3705-1
-
SUSE-SU-2023:3748-1
-
SUSE-SU-2023:3749-1
-
SUSE-SU-2023:3768-1
-
SUSE-SU-2023:3772-1
-
SUSE-SU-2023:3783-1
-
SUSE-SU-2023:3786-1
-
SUSE-SU-2023:3788-1
-
SUSE-SU-2023:3809-1
-
SUSE-SU-2023:3811-1
-
SUSE-SU-2023:3812-1
-
SUSE-SU-2023:3838-1
-
SUSE-SU-2023:3844-1
-
SUSE-SU-2023:3846-1
-
SUSE-SU-2023:3889-1
-
SUSE-SU-2023:3892-1
-
SUSE-SU-2023:3893-1
-
SUSE-SU-2023:3928-1
-
SUSE-SU-2023:3988-1
-
SUSE-SU-2023:4028-1
-
SUSE-SU-2023:4030-1
-
SUSE-SU-2023:4031-1
-
SUSE-SU-2023:4032-1
-
SUSE-SU-2023:4033-1
-
SUSE-SU-2023:4057-1
-
SUSE-SU-2023:4058-1
-
SUSE-SU-2023:4071-1
-
SUSE-SU-2023:4072-1
-
SUSE-SU-2023:4072-2
-
SUSE-SU-2023:4093-1
-
SUSE-SU-2023:4095-1
-
SUSE-SU-2023:4142-1
-
SUSE-SU-2023:4343-1
-
SUSE-SU-2023:4345-1
-
SUSE-SU-2023:4347-1
-
SUSE-SU-2023:4348-1
-
SUSE-SU-2023:4351-1
-
SUSE-SU-2023:4358-1
-
SUSE-SU-2023:4375-1
-
SUSE-SU-2023:4377-1
-
SUSE-SU-2023:4378-1
-
SUSE-SU-2023:4414-1
-
SUSE-SU-2023:4766-1
-
SUSE-SU-2023:4775-1
-
SUSE-SU-2023:4776-1
-
SUSE-SU-2023:4796-1
-
SUSE-SU-2023:4801-1
-
SUSE-SU-2023:4802-1
-
SUSE-SU-2023:4805-1
-
SUSE-SU-2023:4817-1
-
SUSE-SU-2023:4820-1
-
SUSE-SU-2023:4822-1
-
SUSE-SU-2023:4833-1
-
SUSE-SU-2023:4835-1
-
SUSE-SU-2023:4836-1
-
SUSE-SU-2023:4839-1
-
SUSE-SU-2023:4841-1
-
SUSE-SU-2023:4848-1
-
SUSE-SU-2023:4849-1
-
SUSE-SU-2023:4862-1
-
SUSE-SU-2023:4863-1
-
SUSE-SU-2023:4866-1
-
SUSE-SU-2023:4867-1
-
SUSE-SU-2023:4871-1
-
SUSE-SU-2023:4872-1
-
SUSE-SU-2024:0331-1
-
SUSE-SU-2024:0348-1
-
SUSE-SU-2024:0352-1
-
SUSE-SU-2024:0378-1
-
SUSE-SU-2024:0395-1
-
SUSE-SU-2024:0414-1
-
SUSE-SU-2024:0421-1
-
SUSE-SU-2024:1454-1
-
SUSE-SU-2024:1489-1
-
USN-6300-1
-
USN-6311-1
-
USN-6332-1
-
USN-6340-1
-
USN-6340-2
-
USN-6347-1
-
USN-6349-1
-
USN-6357-1
-
USN-6385-1
-
USN-6397-1
-
USN-6412-1
-
USN-6466-1
-
USN-6497-1
-
USN-6534-1
-
USN-6534-2
-
USN-6534-3
-
USN-6536-1
-
USN-6537-1
-
USN-6548-1
-
USN-6548-2
-
USN-6548-3
-
USN-6548-4
-
USN-6548-5
-
USN-6549-1
-
USN-6549-2
-
USN-6549-3
-
USN-6549-4
-
USN-6549-5
-
USN-6573-1
-
USN-6635-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2023-7549 |
|
|
| CVE | CVE-2023-2163 |
|
|
| CVE | CVE-2023-3812 |
|
|
| CVE | CVE-2022-45884 |
|
|
| CVE | CVE-2023-1192 |
|
|
| CVE | CVE-2022-45919 |
|
|
| CVE | CVE-2022-45886 |
|
|
| CVE | CVE-2023-5178 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/python3-perf?distro=oraclelinux-8.9 | oraclelinux |
 python3-perf
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-8.9 | oraclelinux |
perf
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-8.9 | oraclelinux |
kernel
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-8.9 | oraclelinux |
kernel-tools
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-8.9 | oraclelinux |
kernel-tools-libs
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-8.9 | oraclelinux |
kernel-tools-libs-devel
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-modules?distro=oraclelinux-8.9 | oraclelinux |
kernel-modules
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-modules-extra?distro=oraclelinux-8.9 | oraclelinux |
kernel-modules-extra
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-8.9 | oraclelinux |
kernel-headers
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-8.9 | oraclelinux |
kernel-doc
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-8.9 | oraclelinux |
kernel-devel
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-8.9 | oraclelinux |
kernel-debug
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-modules?distro=oraclelinux-8.9 | oraclelinux |
kernel-debug-modules
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-modules-extra?distro=oraclelinux-8.9 | oraclelinux |
kernel-debug-modules-extra
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-8.9 | oraclelinux |
kernel-debug-devel
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-debug-core?distro=oraclelinux-8.9 | oraclelinux |
kernel-debug-core
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-cross-headers?distro=oraclelinux-8.9 | oraclelinux |
kernel-cross-headers
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-core?distro=oraclelinux-8.9 | oraclelinux |
kernel-core
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-abi-stablelists?distro=oraclelinux-8.9 | oraclelinux |
kernel-abi-stablelists
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 | ||
| Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-8.9 | oraclelinux |
bpftool
|
< 4.18.0-513.9.1.el8_9 | oraclelinux-8.9 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |