[ELSA-2024-2004] kernel security and bug fix update
[3.10.0-1160.118.1.0.1]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
[3.10.0-1160.118.1]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.118.1]
- iommu/amd: Fix NULL dereference bug in match_hid_uid (Jerry Snitselaar) [RHEL-8721]
[3.10.0-1160.117.1]
- tracing/perf: Fix double put of trace event when init fails (Michael Petlan) [RHEL-18052]
- tracing: Fix race in perf_trace_buf initialization (Michael Petlan) [RHEL-18052]
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (Davide Caratti) [RHEL-16458] {CVE-2023-4623}
- net/sched: sch_hfsc: Ensure inner classes have fsc curve (Davide Caratti) [RHEL-16458] {CVE-2023-4623}
- gfs2: Fix invalid metadata access in punch_hole (Andrew Price) [RHEL-28785]
- vt: vt_ioctl: fix race in VT_RESIZEX (Jay Shin) [RHEL-28639] {CVE-2020-36558}
- selinux: cleanup and consolidate the XFRM alloc/clone/delete/free code (Ondrej Mosnacek) [RHEL-27751]
- bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() (David Marlin) [RHEL-3682] {CVE-2023-2002}
- bluetooth: Perform careful capability checks in hci_sock_ioctl() (David Marlin) [RHEL-3682] {CVE-2023-2002}
- cifs: fix panic in smb2_reconnect (Jay Shin) [RHEL-26301]
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Guillaume Nault) [RHEL-16144] {CVE-2023-4622}
- NFS: Set the stable writes BDI capability (Benjamin Coddington) [RHEL-22193]
- RDMA/i40iw: Prevent zero-length STAG registration (Kamal Heib) [RHEL-6299] {CVE-2023-25775}
- sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-26402] {CVE-2024-26602}
[3.10.0-1160.116.1]
- bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() (David Marlin) [RHEL-3682] {CVE-2023-2002}
- bluetooth: Perform careful capability checks in hci_sock_ioctl() (David Marlin) [RHEL-3682] {CVE-2023-2002}
- cifs: fix panic in smb2_reconnect (Jay Shin) [RHEL-26301]
[3.10.0-1160.115.1]
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Guillaume Nault) [RHEL-16144] {CVE-2023-4622}
- NFS: Set the stable writes BDI capability (Benjamin Coddington) [RHEL-22193]
- ID
- ELSA-2024-2004
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-2004.html
- Published
-
2024-04-23T00:00:00
(4 months ago) - Modified
-
2024-04-23T00:00:00
(4 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS-2023-1838
- ALAS2-2023-2027
- ALAS2-2023-2264
- ALSA-2022:7683
- ALSA-2023:3723
- ALSA-2023:5244
- ALSA-2024:0113
- ALSA-2024:0897
- ALSA-2024:3138
- DSA-5480-1
- DSA-5492-1
- DSA-5594-1
- ELSA-2022-7683
- ELSA-2022-9761
- ELSA-2023-13039
- ELSA-2023-13043
- ELSA-2023-3723
- ELSA-2023-5244
- ELSA-2024-0461
- ELSA-2024-0897
- ELSA-2024-12069
- ELSA-2024-12094
- ELSA-2024-12149
- ELSA-2024-12150
- ELSA-2024-12151
- ELSA-2024-12153
- ELSA-2024-12154
- ELSA-2024-12159
- ELSA-2024-12187
- ELSA-2024-2394
- ELSA-2024-3138
- MS:CVE-2023-4622
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2023:3708
- RHSA-2023:3723
- RHSA-2023:5244
- RHSA-2023:5255
- RHSA-2024:0089
- RHSA-2024:0113
- RHSA-2024:0134
- RHSA-2024:0340
- RHSA-2024:0876
- RHSA-2024:0881
- RHSA-2024:0897
- RHSA-2024:1960
- RHSA-2024:2003
- RHSA-2024:2004
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2022:7683
- RLSA-2023:5244
- RLSA-2024:3138
- SSA:2023-172-02
- SSA:2023-325-01
- SUSE-SU-2022:2719-1
- SUSE-SU-2022:2720-1
- SUSE-SU-2022:2721-1
- SUSE-SU-2022:2723-1
- SUSE-SU-2022:2741-1
- SUSE-SU-2022:2809-1
- SUSE-SU-2022:2827-1
- SUSE-SU-2022:2840-1
- SUSE-SU-2022:2875-1
- SUSE-SU-2022:2875-2
- SUSE-SU-2022:2892-1
- SUSE-SU-2022:2892-2
- SUSE-SU-2022:2910-1
- SUSE-SU-2022:3274-1
- SUSE-SU-2022:4027-1
- SUSE-SU-2022:4129-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:2500-1
- SUSE-SU-2023:2646-1
- SUSE-SU-2023:2653-1
- SUSE-SU-2023:2782-1
- SUSE-SU-2023:2804-1
- SUSE-SU-2023:2808-1
- SUSE-SU-2023:2809-1
- SUSE-SU-2023:2810-1
- SUSE-SU-2023:2822-1
- SUSE-SU-2023:2830-1
- SUSE-SU-2023:2834-1
- SUSE-SU-2023:2859-1
- SUSE-SU-2023:2871-1
- SUSE-SU-2023:3035-1
- SUSE-SU-2023:3036-1
- SUSE-SU-2023:3046-1
- SUSE-SU-2023:3055-1
- SUSE-SU-2023:3063-1
- SUSE-SU-2023:3069-1
- SUSE-SU-2023:3073-1
- SUSE-SU-2023:3075-1
- SUSE-SU-2023:3076-1
- SUSE-SU-2023:3079-1
- SUSE-SU-2023:3081-1
- SUSE-SU-2023:3083-1
- SUSE-SU-2023:3104-1
- SUSE-SU-2023:3107-1
- SUSE-SU-2023:3111-1
- SUSE-SU-2023:3116-1
- SUSE-SU-2023:3153-1
- SUSE-SU-2023:4028-1
- SUSE-SU-2023:4030-1
- SUSE-SU-2023:4031-1
- SUSE-SU-2023:4032-1
- SUSE-SU-2023:4033-1
- SUSE-SU-2023:4035-1
- SUSE-SU-2023:4057-1
- SUSE-SU-2023:4058-1
- SUSE-SU-2023:4071-1
- SUSE-SU-2023:4072-1
- SUSE-SU-2023:4072-2
- SUSE-SU-2023:4093-1
- SUSE-SU-2023:4095-1
- SUSE-SU-2023:4142-1
- SUSE-SU-2023:4164-1
- SUSE-SU-2023:4165-1
- SUSE-SU-2023:4166-1
- SUSE-SU-2023:4175-1
- SUSE-SU-2023:4201-1
- SUSE-SU-2023:4204-1
- SUSE-SU-2023:4208-1
- SUSE-SU-2023:4219-1
- SUSE-SU-2023:4239-1
- SUSE-SU-2023:4243-1
- SUSE-SU-2023:4244-1
- SUSE-SU-2023:4245-1
- SUSE-SU-2023:4260-1
- SUSE-SU-2023:4261-1
- SUSE-SU-2023:4267-1
- SUSE-SU-2023:4273-1
- SUSE-SU-2023:4278-1
- SUSE-SU-2023:4279-1
- SUSE-SU-2023:4280-1
- SUSE-SU-2023:4285-1
- SUSE-SU-2023:4300-1
- SUSE-SU-2023:4301-1
- SUSE-SU-2023:4308-1
- SUSE-SU-2023:4313-1
- SUSE-SU-2023:4321-1
- SUSE-SU-2023:4322-1
- SUSE-SU-2023:4325-1
- SUSE-SU-2023:4326-1
- SUSE-SU-2023:4328-1
- SUSE-SU-2023:4347-1
- SUSE-SU-2023:4730-1
- SUSE-SU-2023:4731-1
- SUSE-SU-2023:4732-1
- SUSE-SU-2023:4734-1
- SUSE-SU-2023:4766-1
- SUSE-SU-2023:4775-1
- SUSE-SU-2023:4782-1
- SUSE-SU-2023:4795-1
- SUSE-SU-2023:4796-1
- SUSE-SU-2023:4799-1
- SUSE-SU-2023:4801-1
- SUSE-SU-2023:4802-1
- SUSE-SU-2023:4805-1
- SUSE-SU-2023:4810-1
- SUSE-SU-2023:4817-1
- SUSE-SU-2023:4820-1
- SUSE-SU-2023:4822-1
- SUSE-SU-2023:4831-1
- SUSE-SU-2023:4833-1
- SUSE-SU-2023:4836-1
- SUSE-SU-2023:4841-1
- SUSE-SU-2023:4847-1
- SUSE-SU-2023:4848-1
- SUSE-SU-2023:4849-1
- SUSE-SU-2023:4862-1
- SUSE-SU-2023:4863-1
- SUSE-SU-2023:4866-1
- SUSE-SU-2023:4871-1
- SUSE-SU-2023:4872-1
- USN-6173-1
- USN-6283-1
- USN-6300-1
- USN-6311-1
- USN-6332-1
- USN-6340-1
- USN-6340-2
- USN-6347-1
- USN-6349-1
- USN-6357-1
- USN-6385-1
- USN-6397-1
- USN-6415-1
- USN-6439-1
- USN-6439-2
- USN-6440-1
- USN-6440-2
- USN-6440-3
- USN-6441-1
- USN-6441-2
- USN-6441-3
- USN-6442-1
- USN-6444-1
- USN-6444-2
- USN-6445-1
- USN-6445-2
- USN-6446-1
- USN-6446-2
- USN-6446-3
- USN-6460-1
- USN-6466-1
- USN-6496-1
- USN-6496-2
- USN-6502-1
- USN-6502-2
- USN-6502-3
- USN-6502-4
- USN-6516-1
- USN-6520-1
- USN-6701-1
- USN-6701-2
- USN-6701-3
- USN-6701-4
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-2004 | https://linux.oracle.com/errata/ELSA-2024-2004.html | |
CVE | CVE-2023-4623 | https://linux.oracle.com/cve/CVE-2023-4623.html | |
CVE | CVE-2023-2002 | https://linux.oracle.com/cve/CVE-2023-2002.html | |
CVE | CVE-2023-4622 | https://linux.oracle.com/cve/CVE-2023-4622.html | |
CVE | CVE-2023-25775 | https://linux.oracle.com/cve/CVE-2023-25775.html | |
CVE | CVE-2020-36558 | https://linux.oracle.com/cve/CVE-2020-36558.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/python-perf?distro=oraclelinux-7 | oraclelinux | python-perf | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/perf?distro=oraclelinux-7 | oraclelinux | perf | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel?distro=oraclelinux-7 | oraclelinux | kernel | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools?distro=oraclelinux-7 | oraclelinux | kernel-tools | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-tools-libs-devel?distro=oraclelinux-7 | oraclelinux | kernel-tools-libs-devel | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-headers?distro=oraclelinux-7 | oraclelinux | kernel-headers | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-doc?distro=oraclelinux-7 | oraclelinux | kernel-doc | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-devel?distro=oraclelinux-7 | oraclelinux | kernel-devel | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug?distro=oraclelinux-7 | oraclelinux | kernel-debug | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-debug-devel | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-abi-whitelists?distro=oraclelinux-7 | oraclelinux | kernel-abi-whitelists | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-7 | oraclelinux | bpftool | < 3.10.0-1160.118.1.0.1.el7 | oraclelinux-7 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |