Описание
ELSA-2023-5622: kernel security and bug fix update (IMPORTANT)
[3.10.0-1160.102.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
[3.10.0-1160.102.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.102.1]
- net/sched: cls_u32: Fix reference counter leak leading to overflow (Davide Caratti) [2225486] {CVE-2023-3609}
- NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (Benjamin Coddington) [2219604]
[3.10.0-1160.101.1]
- cifs: fix a buffer leak in smb2_query_symlink (Jay Shin) [2166706]
- kernfs: Improve kernfs_notify() poll notification latency (Ian Kent) [1703180]
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Florian Westphal) [2221720] {CVE-2023-35001}
[3.10.0-1160.100.1]
- bnxt: count Tx drops (Jamie Bainbridge) [2175062]
- bnxt: make sure xmit_more + errors does not miss doorbells (Jamie Bainbridge) [2175062]
- netfilter: nf_tables: skip deactivated anonymous sets during lookups (Florian Westphal) [2196159] {CVE-2023-32233}
- netfilter: nf_tables: do not allow SET_ID to refer to another table (Florian Westphal) [2196159]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
bpftool
3.10.0-1160.102.1.0.1.el7
kernel
3.10.0-1160.102.1.0.1.el7
kernel-abi-whitelists
3.10.0-1160.102.1.0.1.el7
kernel-debug
3.10.0-1160.102.1.0.1.el7
kernel-debug-devel
3.10.0-1160.102.1.0.1.el7
kernel-devel
3.10.0-1160.102.1.0.1.el7
kernel-doc
3.10.0-1160.102.1.0.1.el7
kernel-headers
3.10.0-1160.102.1.0.1.el7
kernel-tools
3.10.0-1160.102.1.0.1.el7
kernel-tools-libs
3.10.0-1160.102.1.0.1.el7
kernel-tools-libs-devel
3.10.0-1160.102.1.0.1.el7
perf
3.10.0-1160.102.1.0.1.el7
python-perf
3.10.0-1160.102.1.0.1.el7
Связанные CVE
Связанные уязвимости
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_change_indev() fails, u32_set_parms() will immediately return an error after incrementing or decrementing the reference counter in tcf_bind_filter(). If an attacker can control the reference counter and set it to zero, they can cause the reference to be freed, leading to a use-after-free vulnerability. We recommend upgrading past commit 04c55383fa5689357bcdd2c8036725a55ed632bc.
A use-after-free vulnerability in the Linux kernel's net/sched: cls_u3 ...