Описание
ELSA-2025-1266: kernel security update (IMPORTANT)
[4.18.0-553.40.1_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
[4.18.0-553.40.1_10]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Desnes Nunes) [RHEL-69571] {CVE-2024-53104}
[4.18.0-553.39.1_10]
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) [RHEL-73915]
[4.18.0-553.38.1_10]
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (Jose Ignacio Tornos Martinez) [RHEL-70891]
- s390/pci: Allow allocation of more than 1 MSI interrupt (Mete Durlu) [RHEL-74385]
- s390/pci: Refactor arch_setup_msi_irqs() (Mete Durlu) [RHEL-74385]
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (Mete Durlu) [RHEL-71451]
- s390/pci: Ignore RID for isolated VFs (Mete Durlu) [RHEL-71451]
- s390/pci: Use topology ID for multi-function devices (Mete Durlu) [RHEL-71451]
- s390/pci: Sort PCI functions prior to creating virtual busses (Mete Durlu) [RHEL-71451]
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74387]
- s390/pci: Handle PCI error codes other than 0x3a (Mete Durlu) [RHEL-74383]
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-tools-libs-devel
4.18.0-553.40.1.el8_10
bpftool
4.18.0-553.40.1.el8_10
kernel-cross-headers
4.18.0-553.40.1.el8_10
kernel-headers
4.18.0-553.40.1.el8_10
kernel-tools
4.18.0-553.40.1.el8_10
kernel-tools-libs
4.18.0-553.40.1.el8_10
perf
4.18.0-553.40.1.el8_10
python3-perf
4.18.0-553.40.1.el8_10
Oracle Linux x86_64
kernel-tools-libs-devel
4.18.0-553.40.1.el8_10
bpftool
4.18.0-553.40.1.el8_10
kernel
4.18.0-553.40.1.el8_10
kernel-abi-stablelists
4.18.0-553.40.1.el8_10
kernel-core
4.18.0-553.40.1.el8_10
kernel-cross-headers
4.18.0-553.40.1.el8_10
kernel-debug
4.18.0-553.40.1.el8_10
kernel-debug-core
4.18.0-553.40.1.el8_10
kernel-debug-devel
4.18.0-553.40.1.el8_10
kernel-debug-modules
4.18.0-553.40.1.el8_10
kernel-debug-modules-extra
4.18.0-553.40.1.el8_10
kernel-devel
4.18.0-553.40.1.el8_10
kernel-doc
4.18.0-553.40.1.el8_10
kernel-headers
4.18.0-553.40.1.el8_10
kernel-modules
4.18.0-553.40.1.el8_10
kernel-modules-extra
4.18.0-553.40.1.el8_10
kernel-tools
4.18.0-553.40.1.el8_10
kernel-tools-libs
4.18.0-553.40.1.el8_10
perf
4.18.0-553.40.1.el8_10
python3-perf
4.18.0-553.40.1.el8_10
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
In the Linux kernel, the following vulnerability has been resolved: m ...
Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP4)