Описание
ELSA-2024-0346: kernel security and bug fix update (IMPORTANT)
[3.10.0-1160.108.1.0.1.OL7]
- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}
[3.10.0-1160.108.1.OL7]
- Update Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
[3.10.0-1160.108.1]
- net: usb: ax88179_178a: fix failed operations during ax88179_reset (Jose Ignacio Tornos Martinez) [RHEL-6302]
[3.10.0-1160.107.1]
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Phil Sutter) [RHEL-8433] {CVE-2023-42753}
[3.10.0-1160.106.1]
- gfs2: Fix quota=quiet oversight (Bob Peterson) [2196280]
- gfs2: Free quota data objects synchronously (Andreas Gruenbacher) [2196280]
- gfs2: Fix initial quota data refcount (Andreas Gruenbacher) [2196280]
- gfs2: Factor out duplicate quota data disposal code (Andreas Gruenbacher) [2196280]
- gfs2: Use gfs2_qd_dispose in gfs2_quota_cleanup (Andreas Gruenbacher) [2196280]
- gfs2: Fix wrong quota shrinker return value (Andreas Gruenbacher) [2196280]
- gfs2: ignore negated quota changes (Bob Peterson) [2196280]
- gfs2: Introduce new quota=quiet mount option (Bob Peterson) [2196280]
- gfs2: Add quota_change type (Bob Peterson) [2196280]
- gfs2: Rename sd_{ glock => kill }_wait (Andreas Gruenbacher) [2196280]
- gfs2: Wake up when sd_glock_disposal becomes zero (Alexander Aring) [2196280]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
bpftool
3.10.0-1160.108.1.0.1.el7
kernel
3.10.0-1160.108.1.0.1.el7
kernel-abi-whitelists
3.10.0-1160.108.1.0.1.el7
kernel-debug
3.10.0-1160.108.1.0.1.el7
kernel-debug-devel
3.10.0-1160.108.1.0.1.el7
kernel-devel
3.10.0-1160.108.1.0.1.el7
kernel-doc
3.10.0-1160.108.1.0.1.el7
kernel-headers
3.10.0-1160.108.1.0.1.el7
kernel-tools
3.10.0-1160.108.1.0.1.el7
kernel-tools-libs
3.10.0-1160.108.1.0.1.el7
kernel-tools-libs-devel
3.10.0-1160.108.1.0.1.el7
perf
3.10.0-1160.108.1.0.1.el7
python-perf
3.10.0-1160.108.1.0.1.el7
Связанные CVE
Связанные уязвимости
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.
An array indexing vulnerability was found in the netfilter subsystem o ...