Описание
ELSA-2023-13047: kernel security update (IMPORTANT)
-
[5.14.0-362.13.0.1_3.OL9]
-
cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) (Steve French) {CVE-2023-1192}
-
fs/smb/client: Reset password pointer to NULL (Quang Le) (Steve French) {CVE-2023-5345}
-
igb: set max size RX buffer when store bad packet is enabled (Tony Nguyen) (David S. Miller) {CVE-2023-45871}
-
[5.14.0-362.8.1_3.OL9]
-
Update Oracle Linux certificates (Kevin Lyons)
-
Disable signing for aarch64 (Ilya Okomin)
-
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
-
Update x509.genkey [Orabug: 24817676]
-
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
-
Remove nmap references from kernel (Mridula Shastry) [Orabug: 34313944]
-
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
-
Disable unified kernel image package build
-
Add Oracle Linux IMA certificates
-
5.14.0
-
Debranding patches copied from Rocky Linux (Louis Abel and Sherif Nagy from RESF)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
bpftool
7.2.0-362.13.0.1.el9_3
kernel-cross-headers
5.14.0-362.13.0.1.el9_3
kernel-headers
5.14.0-362.13.0.1.el9_3
kernel-tools
5.14.0-362.13.0.1.el9_3
kernel-tools-libs
5.14.0-362.13.0.1.el9_3
kernel-tools-libs-devel
5.14.0-362.13.0.1.el9_3
perf
5.14.0-362.13.0.1.el9_3
python3-perf
5.14.0-362.13.0.1.el9_3
Oracle Linux x86_64
bpftool
7.2.0-362.13.0.1.el9_3
kernel
5.14.0-362.13.0.1.el9_3
kernel-abi-stablelists
5.14.0-362.13.0.1.el9_3
kernel-core
5.14.0-362.13.0.1.el9_3
kernel-cross-headers
5.14.0-362.13.0.1.el9_3
kernel-debug
5.14.0-362.13.0.1.el9_3
kernel-debug-core
5.14.0-362.13.0.1.el9_3
kernel-debug-devel
5.14.0-362.13.0.1.el9_3
kernel-debug-devel-matched
5.14.0-362.13.0.1.el9_3
kernel-debug-modules
5.14.0-362.13.0.1.el9_3
kernel-debug-modules-core
5.14.0-362.13.0.1.el9_3
kernel-debug-modules-extra
5.14.0-362.13.0.1.el9_3
kernel-devel
5.14.0-362.13.0.1.el9_3
kernel-devel-matched
5.14.0-362.13.0.1.el9_3
kernel-doc
5.14.0-362.13.0.1.el9_3
kernel-headers
5.14.0-362.13.0.1.el9_3
kernel-modules
5.14.0-362.13.0.1.el9_3
kernel-modules-core
5.14.0-362.13.0.1.el9_3
kernel-modules-extra
5.14.0-362.13.0.1.el9_3
kernel-tools
5.14.0-362.13.0.1.el9_3
kernel-tools-libs
5.14.0-362.13.0.1.el9_3
kernel-tools-libs-devel
5.14.0-362.13.0.1.el9_3
perf
5.14.0-362.13.0.1.el9_3
python3-perf
5.14.0-362.13.0.1.el9_3
rtla
5.14.0-362.13.0.1.el9_3
Связанные CVE
Связанные уязвимости
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.
