[El-errata] ELSA-2024-3619 Moderate: Oracle Linux 9 kernel security and bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Fri Jun 7 04:55:35 UTC 2024


Oracle Linux Security Advisory ELSA-2024-3619

http://linux.oracle.com/errata/ELSA-2024-3619.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.3.0-427.20.1.el9_4.x86_64.rpm
kernel-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-abi-stablelists-5.14.0-427.20.1.el9_4.noarch.rpm
kernel-core-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-core-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-devel-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-devel-matched-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-modules-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-modules-core-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-debug-modules-extra-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-devel-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-devel-matched-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-doc-5.14.0-427.20.1.el9_4.noarch.rpm
kernel-headers-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-modules-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-modules-core-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-modules-extra-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-tools-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-tools-libs-5.14.0-427.20.1.el9_4.x86_64.rpm
perf-5.14.0-427.20.1.el9_4.x86_64.rpm
python3-perf-5.14.0-427.20.1.el9_4.x86_64.rpm
rtla-5.14.0-427.20.1.el9_4.x86_64.rpm
rv-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-cross-headers-5.14.0-427.20.1.el9_4.x86_64.rpm
kernel-tools-libs-devel-5.14.0-427.20.1.el9_4.x86_64.rpm
libperf-5.14.0-427.20.1.el9_4.x86_64.rpm

aarch64:
bpftool-7.3.0-427.20.1.el9_4.aarch64.rpm
kernel-tools-5.14.0-427.20.1.el9_4.aarch64.rpm
kernel-tools-libs-5.14.0-427.20.1.el9_4.aarch64.rpm
kernel-tools-libs-devel-5.14.0-427.20.1.el9_4.aarch64.rpm
python3-perf-5.14.0-427.20.1.el9_4.aarch64.rpm
kernel-headers-5.14.0-427.20.1.el9_4.aarch64.rpm
perf-5.14.0-427.20.1.el9_4.aarch64.rpm
kernel-cross-headers-5.14.0-427.20.1.el9_4.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-427.20.1.el9_4.src.rpm

Related CVEs:

CVE-2024-26735
CVE-2024-26993




Description of changes:

- [5.14.0-427.20.1.el9_4.OL9]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates

[5.14.0-427.20.1.el9_4]
- ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-33968 RHEL-31732] {CVE-2024-26735}
- idpf: fix kernel panic on unknown packet types (Michal Schmidt) [RHEL-36145 RHEL-29035]
- idpf: refactor some missing field get/prep conversions (Michal Schmidt) [RHEL-36145 RHEL-29035]
- PCI: Fix pci_rh_check_status() call semantics (Luiz Capitulino) [RHEL-36541 RHEL-35032]
- cxgb4: Properly lock TX queue for the selftest. (John B. Wyatt IV) [RHEL-36530 RHEL-31990 RHEL-9354]

[5.14.0-427.19.1.el9_4]
- x86/mce: Cleanup mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
- x86/mce: Define amd_mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
- x86/MCE/AMD: Split amd_mce_is_memory_error() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
- fs: sysfs: Fix reference leak in sysfs_break_active_protection() (Ewan D. Milne) [RHEL-35302 RHEL-35078] {CVE-2024-26993}




More information about the El-errata mailing list