ELSA-2024-11486

Опубликовано: 06 янв. 2025

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-11486: kernel security update (MODERATE)

[5.14.0-503.19.1_5.OL9]

Disable UKI signing [Orabug: 36571828]
Update Oracle Linux certificates (Kevin Lyons)
Disable signing for aarch64 (Ilya Okomin)
Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
Update x509.genkey [Orabug: 24817676]
Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5
Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
Add Oracle Linux IMA certificates

[5.14.0-503.19.1_5]

xfrm: validate new SA's prefixlen using SA family when sel.family is unset (Sabrina Dubroca) [RHEL-66462 RHEL-66461] {CVE-2024-50142}
xfrm: fix one more kernel-infoleak in algo dumping (CKI Backport Bot) [RHEL-65960] {CVE-2024-50110}
Revert 'Merge: [qed] softlockup triggered by ethtool -d [rhel-9.5.z]' (Lucas Zampieri) [RHEL-61705]
tracing/hwlat: Fix a race during cpuhp processing (Tomas Glozar) [RHEL-69468]
tracing/timerlat: Fix a race during cpuhp processing (Tomas Glozar) [RHEL-69468] {CVE-2024-49866}
tracing/timerlat: Drop interface_lock in stop_kthread() (Tomas Glozar) [RHEL-69468]
tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (Tomas Glozar) [RHEL-69468]
ceph: remove the incorrect Fw reference check when dirtying pages (Xiubo Li) [RHEL-61416 RHEL-60255]

[5.14.0-503.18.1_5]

bpf: Fix a kernel verifier crash in stacksafe() (CKI Backport Bot) [RHEL-66097 RHEL-66098] {CVE-2024-45020}
bpf: Fix a sdiv overflow issue (CKI Backport Bot) [RHEL-64598 RHEL-64597] {CVE-2024-49888}
bpf: Fix out-of-bounds write in trie_get_next_key() (CKI Backport Bot) [RHEL-66877] {CVE-2024-50262}
bpf: Fix use-after-free in bpf_uprobe_multi_link_attach() (CKI Backport Bot) [RHEL-63331] {CVE-2024-47675}
nfsd: ensure that nfsd4_fattr_args.context is zeroed out (Jay Shin) [RHEL-58884 RHEL-58883] {CVE-2024-46697}
KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory (Jon Maloy) [RHEL-65872] {CVE-2024-50115}
net: tighten bad gso csum offset check in virtio_net_hdr (Guillaume Nault) [RHEL-67683]
udp: fix receiving fraglist GSO packets (Guillaume Nault) [RHEL-67683]
Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (CKI Backport Bot) [RHEL-66804] {CVE-2024-50255}
Bluetooth: ISO: Fix UAF on iso_sock_timeout (Bastien Nocera) [RHEL-66321] {CVE-2024-50124}
Bluetooth: SCO: Fix UAF on sco_sock_timeout (Bastien Nocera) [RHEL-65928] {CVE-2024-50125}
Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (Bastien Nocera) [RHEL-65928] {CVE-2024-27398}
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (CKI Backport Bot) [RHEL-44173] {CVE-2024-38564}
Bluetooth: bnep: fix wild-memory-access in proto_unregister (CKI Backport Bot) [RHEL-66365] {CVE-2024-50148}
Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (CKI Backport Bot) [RHEL-57716 RHEL-36374] {CVE-2024-27399}

[5.14.0-503.17.1_5]

arm64: probes: Remove broken LDR (literal) uprobe support (CKI Backport Bot) [RHEL-66046] {CVE-2024-50099}
qed: put cond_resched() in qed_dmae_operation_wait() (Michal Schmidt) [RHEL-61705 RHEL-6372]
qed: allow the callee of qed_mcp_nvm_read() to sleep (Michal Schmidt) [RHEL-61705 RHEL-6372]
qed: put cond_resched() in qed_grc_dump_ctx_data() (Michal Schmidt) [RHEL-61705 RHEL-6372]
qed: make 'ethtool -d' 10 times faster (Michal Schmidt) [RHEL-61705 RHEL-6372]
qed: allow sleep in qed_mcp_trace_dump() (Michal Schmidt) [RHEL-61705 RHEL-6372]
sched/numa: Fix the potential null pointer dereference in task_numa_work() (CKI Backport Bot) [RHEL-66810] {CVE-2024-50223}
irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs (Charles Mirabile) [RHEL-66969] {CVE-2024-50192}
irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (Charles Mirabile) [RHEL-66969] {CVE-2024-50192}
perf/x86/intel/uncore: Support HBM and CXL PMON counters (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Cleanup unused unit structure (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Apply the unit control RB tree to PCI uncore units (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Apply the unit control RB tree to MSR uncore units (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Apply the unit control RB tree to MMIO uncore units (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Retrieve the unit ID from the unit control RB tree (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Support per PMU cpumask (Michael Petlan) [RHEL-65856]
perf/x86/uncore: Save the unit control address of all units (Michael Petlan) [RHEL-65856]

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

bpftool

7.4.0-503.19.1.el9_5

kernel-tools

5.14.0-503.19.1.el9_5

kernel-tools-libs

5.14.0-503.19.1.el9_5

python3-perf

5.14.0-503.19.1.el9_5

kernel-cross-headers

5.14.0-503.19.1.el9_5

kernel-tools-libs-devel

5.14.0-503.19.1.el9_5

kernel-headers

5.14.0-503.19.1.el9_5

perf

5.14.0-503.19.1.el9_5

rtla

5.14.0-503.19.1.el9_5

Oracle Linux x86_64

bpftool

7.4.0-503.19.1.el9_5

kernel-abi-stablelists

5.14.0-503.19.1.el9_5

kernel-core

5.14.0-503.19.1.el9_5

kernel-debug-modules-core

5.14.0-503.19.1.el9_5

kernel-debug-modules-extra

5.14.0-503.19.1.el9_5

kernel-modules

5.14.0-503.19.1.el9_5

kernel-modules-core

5.14.0-503.19.1.el9_5

kernel-modules-extra

5.14.0-503.19.1.el9_5

kernel-tools

5.14.0-503.19.1.el9_5

kernel-tools-libs

5.14.0-503.19.1.el9_5

kernel-uki-virt

5.14.0-503.19.1.el9_5

kernel-uki-virt-addons

5.14.0-503.19.1.el9_5

kernel

5.14.0-503.19.1.el9_5

kernel-debug

5.14.0-503.19.1.el9_5

kernel-debug-core

5.14.0-503.19.1.el9_5

kernel-debug-modules

5.14.0-503.19.1.el9_5

kernel-debug-uki-virt

5.14.0-503.19.1.el9_5

python3-perf

5.14.0-503.19.1.el9_5

kernel-debug-devel

5.14.0-503.19.1.el9_5

kernel-debug-devel-matched

5.14.0-503.19.1.el9_5

kernel-devel

5.14.0-503.19.1.el9_5

kernel-devel-matched

5.14.0-503.19.1.el9_5

kernel-doc

5.14.0-503.19.1.el9_5

kernel-headers

5.14.0-503.19.1.el9_5

perf

5.14.0-503.19.1.el9_5

rtla

5.14.0-503.19.1.el9_5

kernel-cross-headers

5.14.0-503.19.1.el9_5

kernel-tools-libs-devel

5.14.0-503.19.1.el9_5

libperf

5.14.0-503.19.1.el9_5

Связанные CVE

Ссылки на источники

Связанные уязвимости

CVE-2024-50110

CVSS3: 5.5

ubuntu

8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix one more kernel-infoleak in algo dumping During fuzz testing, the following issue was discovered: BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x598/0x2a30 _copy_to_iter+0x598/0x2a30 __skb_datagram_iter+0x168/0x1060 skb_copy_datagram_iter+0x5b/0x220 netlink_recvmsg+0x362/0x1700 sock_recvmsg+0x2dc/0x390 __sys_recvfrom+0x381/0x6d0 __x64_sys_recvfrom+0x130/0x200 x64_sys_call+0x32c8/0x3cc0 do_syscall_64+0xd8/0x1c0 entry_SYSCALL_64_after_hwframe+0x79/0x81 Uninit was stored to memory at: copy_to_user_state_extra+0xcc1/0x1e00 dump_one_state+0x28c/0x5f0 xfrm_state_walk+0x548/0x11e0 xfrm_dump_sa+0x1e0/0x840 netlink_dump+0x943/0x1c40 __netlink_dump_start+0x746/0xdb0 xfrm_user_rcv_msg+0x429/0xc00 netlink_rcv_skb+0x613/0x780 xfrm_netlink_rcv+0x77/0xc0 netlink_unicast+0xe90/0x1280 netlink_sendmsg+0x126d/0x1490 __sock_sendmsg+0x332/0x3d0 ____sys_sendmsg+0x863/0xc30 ___sys_sendmsg+0x285/0x3e0 __x64_sys_sendmsg+0x2d6/...