Description
ELSA-2024-11161: tuned security update (MODERATE)
[2.22.1-5.0.1]
- Fix RPS/XPS and busy polling optimization not getting applied [Orabug: 32153315]
- Fix error in uninstalling tuned [Orabug: 351528377]
- Updated patch with the more recent version [Orabug: 30730976]
- Set AMD CPU freq governor to ondemand when unapplying cpu tunings [Orabug: 30033199]
- Restored the system rules in recommend.conf [Orabug: 29962987]
- Added oci-nic profile and updated profiles-oci-recommend [Orabug: 29869969] for increasing combined channels to 16 on NICs with bnxt_en driver on BM
- Do not access xps_cpus on single queue devices [Orabug: 29894296]
- OL8 does not support System Purpose [Orabug: 29443881] Remove syspurpose_role option in recommend.conf.
- Added profiles-oci-recommend package [Orabug: 29632202]
- Modified the patch for ol8 [Orabug: 29560068] (james.cheng@oracle.com)
- Added iscsi plugin, and
- added oci-rps-xps profile [Orabug: 28397039]
- added oci-busy-polling profile [Orabug: 28748149]
- added oci-cpu-power profile
[2.22.1-5]
- Added sanity checks for API methods parameters, (CVE-2024-52337) Resolves: RHEL-66614
[2.22.1-4.1]
- sap-netweaver: increase vm.max_map_count resolves: RHEL-32124
Updated packages
Oracle Linux 8

Oracle Linux aarch64
tuned-gtk                        2.22.1-5.0.1.el8_10
tuned-profiles-postgresql        2.22.1-5.0.1.el8_10
tuned-utils                      2.22.1-5.0.1.el8_10
tuned-utils-systemtap            2.22.1-5.0.1.el8_10
tuned-profiles-atomic            2.22.1-5.0.1.el8_10
tuned-profiles-compat            2.22.1-5.0.1.el8_10
tuned                            2.22.1-5.0.1.el8_10
tuned-profiles-cpu-partitioning  2.22.1-5.0.1.el8_10
tuned-profiles-mssql             2.22.1-5.0.1.el8_10
tuned-profiles-oracle            2.22.1-5.0.1.el8_10
tuned-profiles-oci               2.22.1-5.0.1.el8_10
tuned-profiles-oci-recommend     2.22.1-5.0.1.el8_10

Oracle Linux x86_64
tuned-profiles-atomic            2.22.1-5.0.1.el8_10
tuned-profiles-cpu-partitioning  2.22.1-5.0.1.el8_10
tuned-profiles-oracle            2.22.1-5.0.1.el8_10
tuned-gtk                        2.22.1-5.0.1.el8_10
tuned-profiles-postgresql        2.22.1-5.0.1.el8_10
tuned-utils                      2.22.1-5.0.1.el8_10
tuned-utils-systemtap            2.22.1-5.0.1.el8_10
tuned-profiles-oci               2.22.1-5.0.1.el8_10
tuned-profiles-oci-recommend     2.22.1-5.0.1.el8_10
tuned                            2.22.1-5.0.1.el8_10
tuned-profiles-compat            2.22.1-5.0.1.el8_10
tuned-profiles-mssql             2.22.1-5.0.1.el8_10
Related CVEs
Related vulnerabilities
A log spoofing flaw was found in the TuneD package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters, including newlines, which are then inserted into the log. Instead of an obviously malicious value such as 'evil', the attacker could mimic a valid TuneD log line and trick the administrator. TuneD logs usually wrap raw user input in single quotes, so there will always be a ' character ending the spoofed input, and the administrator can easily overlook this. The logged string is later used in logging and in the output of utilities, for example `tuned-adm get_instances` or other third-party programs that use TuneD's D-Bus interface for such operations.
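The weakness described above, shown next to a corrected form, as an added example that is not part of the advisory and is not TuneD's own code. The function names, the allow-list pattern, the message text and the sample value are all assumptions constructed for illustration.

```python
import re

# Assumption: allow-list for names accepted by an API method (not TuneD's rule).
SAFE_NAME = re.compile(r"[A-Za-z0-9_.:@-]{1,64}")

# Constructed sample: a quote, a newline, then text shaped like a log entry.
SAMPLE = "eth0'\n2024-01-01 00:00:00 INFO constructed: spoofed entry for 'x"


def is_safe_api_arg(value):
    """Accept only short names built from allow-listed characters."""
    return isinstance(value, str) and SAFE_NAME.fullmatch(value) is not None


def escape_for_log(value):
    """Keep untrusted text on one line: escape quotes and non-printables."""
    out = []
    for ch in str(value):
        if ch in ("'", "\\"):
            out.append("\\" + ch)
        elif ch.isprintable():
            out.append(ch)
        else:
            code = ord(ch)
            out.append("\\x%02x" % code if code < 256 else "\\u%04x" % code)
    return "".join(out)


def naive_log_line(name):
    """Weak form: raw input placed between quotes."""
    return "instance '%s' not found" % name


def hardened_log_line(name):
    """Corrected form: the same message with the input escaped."""
    return "instance '%s' not found" % escape_for_log(name)


def physical_lines(message):
    """Number of lines a reader of the log file would see."""
    return len(message.splitlines())


if __name__ == "__main__":
    print(physical_lines(naive_log_line(SAMPLE)), "line(s) from raw input")
    print(physical_lines(hardened_log_line(SAMPLE)), "line(s) after escaping")
    print(hardened_log_line(SAMPLE))
    print("accepted by allow-list:", is_safe_api_arg(SAMPLE))
```

Rejecting the argument at the API boundary and escaping it at the log call are independent controls; the escaping also covers values that reach the log through paths the validation does not see.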