[El-errata] ELSA-2024-12094 Important: Oracle Linux 9 kernel security update

Sat Jan 27 06:13:04 UTC 2024

Oracle Linux Security Advisory ELSA-2024-12094

http://linux.oracle.com/errata/ELSA-2024-12094.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.2.0-362.18.0.1.el9_3.x86_64.rpm
kernel-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-abi-stablelists-5.14.0-362.18.0.1.el9_3.noarch.rpm
kernel-core-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-core-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-modules-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-modules-extra-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-modules-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-modules-extra-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-tools-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-tools-libs-5.14.0-362.18.0.1.el9_3.x86_64.rpm
python3-perf-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-devel-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-devel-matched-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-devel-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-devel-matched-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-doc-5.14.0-362.18.0.1.el9_3.noarch.rpm
kernel-headers-5.14.0-362.18.0.1.el9_3.x86_64.rpm
perf-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-cross-headers-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-tools-libs-devel-5.14.0-362.18.0.1.el9_3.x86_64.rpm
libperf-5.14.0-362.18.0.1.el9_3.x86_64.rpm
rtla-5.14.0-362.18.0.1.el9_3.x86_64.rpm
rv-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-debug-modules-core-5.14.0-362.18.0.1.el9_3.x86_64.rpm
kernel-modules-core-5.14.0-362.18.0.1.el9_3.x86_64.rpm

aarch64:
bpftool-7.2.0-362.18.0.1.el9_3.aarch64.rpm
kernel-tools-5.14.0-362.18.0.1.el9_3.aarch64.rpm
kernel-tools-libs-5.14.0-362.18.0.1.el9_3.aarch64.rpm
python3-perf-5.14.0-362.18.0.1.el9_3.aarch64.rpm
kernel-headers-5.14.0-362.18.0.1.el9_3.aarch64.rpm
perf-5.14.0-362.18.0.1.el9_3.aarch64.rpm
kernel-cross-headers-5.14.0-362.18.0.1.el9_3.aarch64.rpm
kernel-tools-libs-devel-5.14.0-362.18.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-362.18.0.1.el9_3.src.rpm

Related CVEs:

CVE-2022-3545
CVE-2022-41858
CVE-2023-2166
CVE-2023-2176
CVE-2023-3777
CVE-2023-3812
CVE-2023-4015
CVE-2023-4622
CVE-2023-5178
CVE-2023-38409
CVE-2023-40283
CVE-2023-42753
CVE-2023-46813

Description of changes:

- [5.14.0-362.18.0.1.el9_3.OL9]
- nfp: fix use-after-free in area_cache_get() (Jialiang Wang) {CVE-2022-3545}
- drivers: net: slip: fix NPD bug in sl_tx_timeout() (Duoming Zhou) {CVE-2022-41858}
- can: af_can: fix NULL pointer dereference in can_rcv_filter (Oliver Hartkopp) {CVE-2023-2166}
- RDMA/core: Fix resolve_prepare_src error cleanup (Patrisious Haddad) {CVE-2023-2176}
- netfilter: nf_tables: skip bound chain on rule flush (Pablo Neira Ayuso} {CVE-2023-3777}
- net: tun: fix bugs for oversize packet when napi frags enabled (Ziyang Xuan) {CVE-2023-3812}
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR (Pablo Neira Ayuso) {CVE-2023-4015}
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima) {CVE-2023-4622}
- nvmet-tcp: Fix a possible UAF in queue intialization setup (Sagi Grimberg) {CVE-2023-5178}
- fbcon: set_con2fb_map needs to set con2fb_map! (Daniel Vetter) {CVE-2023-38409}
- fbcon: Fix error paths in set_con2fb_map (Daniel Vetter) {CVE-2023-38409}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim) {CVE-2023-40283)
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng) {CVE-2023-42753}
- x86/sev: Check IOBM for IOIO exceptions from user-space (Joerg Roedel) {CVE-2023-46813}
- x86/sev: Disable MMIO emulation from user mode (Borislav Petkov) {CVE-2023-46813}
- x86/sev: Check for user-space IOIO pointing to kernel space (Joerg Roedel) {CVE-2023-46813}