Описание
ELSA-2023-4151: kernel security and bug fix update (IMPORTANT)
[3.10.0-1160.95.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
[3.10.0-1160.95.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.95.1]
- perf/s390x: Align the register list to what we support (Michael Petlan) [2207745]
- Revert '[tools] s390/perf: add perf register support for floating-point registers' (Michael Petlan) [2207745]
- s390/perf: add perf_regs support and user stack dump (Michael Petlan) [2207745]
- s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR (Tobias Huschle) [2212672]
[3.10.0-1160.94.1]
- netfilter: nf_tables: deactivate anonymous set from preparation phase (Florian Westphal) [2196159] {CVE-2023-32233}
[3.10.0-1160.93.1]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Wander Lairson Costa) [2152941] {CVE-2022-3564}
- proc/pagemap: walk page tables under pte lock (Rafael Aquini) [2190338]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
bpftool
3.10.0-1160.95.1.0.1.el7
kernel
3.10.0-1160.95.1.0.1.el7
kernel-abi-whitelists
3.10.0-1160.95.1.0.1.el7
kernel-debug
3.10.0-1160.95.1.0.1.el7
kernel-debug-devel
3.10.0-1160.95.1.0.1.el7
kernel-devel
3.10.0-1160.95.1.0.1.el7
kernel-doc
3.10.0-1160.95.1.0.1.el7
kernel-headers
3.10.0-1160.95.1.0.1.el7
kernel-tools
3.10.0-1160.95.1.0.1.el7
kernel-tools-libs
3.10.0-1160.95.1.0.1.el7
kernel-tools-libs-devel
3.10.0-1160.95.1.0.1.el7
perf
3.10.0-1160.95.1.0.1.el7
python-perf
3.10.0-1160.95.1.0.1.el7
Связанные CVE
Связанные уязвимости
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.
A vulnerability classified as critical was found in Linux Kernel. Affe ...
Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP2)