Описание
ELSA-2021-4647: kernel security update (IMPORTANT)
[4.18.0-348.2.1_5.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5
[4.18.0-348.2.1_5]
- tipc: fix size validations for the MSG_CRYPTO type (Bruno Meneguele) [2020506 2020507] {CVE-2021-43267}
- net: Fix skb->csum update in inet_proto_csum_replace16(). (Balazs Nemeth) [2005981 1975193]
[4.18.0-348.1.1_5]
- lib/timerqueue: Rely on rbtree semantics for next timer (Phil Auld) [2014677 2007099] {CVE-2021-20317}
- mm/hmm: make HMM_MIRROR an implicit option (Rafael Aquini) [2017519 1998534]
- mm/hmm: allow HMM_MIRROR on all architectures with MMU (Rafael Aquini) [2017519 1998534]
- mm: don't select MIGRATE_VMA_HELPER from HMM_MIRROR (Rafael Aquini) [2017519 1998534]
- mm: sort out the DEVICE_PRIVATE Kconfig mess (Rafael Aquini) [2017519 1998534]
- ceph: skip existing superblocks that are blocklisted or shut down when mounting (Jeffrey Layton) [2017071 2011462]
- redhat: switch release to zstream (Bruno Meneguele)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
bpftool
4.18.0-348.2.1.el8_5
kernel-cross-headers
4.18.0-348.2.1.el8_5
kernel-headers
4.18.0-348.2.1.el8_5
kernel-tools
4.18.0-348.2.1.el8_5
kernel-tools-libs
4.18.0-348.2.1.el8_5
kernel-tools-libs-devel
4.18.0-348.2.1.el8_5
perf
4.18.0-348.2.1.el8_5
python3-perf
4.18.0-348.2.1.el8_5
Oracle Linux x86_64
bpftool
4.18.0-348.2.1.el8_5
kernel
4.18.0-348.2.1.el8_5
kernel-abi-stablelists
4.18.0-348.2.1.el8_5
kernel-core
4.18.0-348.2.1.el8_5
kernel-cross-headers
4.18.0-348.2.1.el8_5
kernel-debug
4.18.0-348.2.1.el8_5
kernel-debug-core
4.18.0-348.2.1.el8_5
kernel-debug-devel
4.18.0-348.2.1.el8_5
kernel-debug-modules
4.18.0-348.2.1.el8_5
kernel-debug-modules-extra
4.18.0-348.2.1.el8_5
kernel-devel
4.18.0-348.2.1.el8_5
kernel-doc
4.18.0-348.2.1.el8_5
kernel-headers
4.18.0-348.2.1.el8_5
kernel-modules
4.18.0-348.2.1.el8_5
kernel-modules-extra
4.18.0-348.2.1.el8_5
kernel-tools
4.18.0-348.2.1.el8_5
kernel-tools-libs
4.18.0-348.2.1.el8_5
kernel-tools-libs-devel
4.18.0-348.2.1.el8_5
perf
4.18.0-348.2.1.el8_5
python3-perf
4.18.0-348.2.1.el8_5
Связанные CVE
Связанные уязвимости
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
