Description
ELSA-2025-20019: Unbreakable Enterprise kernel security update (IMPORTANT)
[5.4.17-2136.339.5]
- tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() (Nikolay Kuratov)
- vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393533]
- vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393533]
[5.4.17-2136.339.4]
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
- Revert 'mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K' (Aurelien Jarno)
- mm: revert 'mm: shmem: fix data-race in shmem_getattr()' (Andrew Morton)
- net/ipv6: release expired exception dst cached in socket (Jiri Wiesner)
- Revert 'unicode: Don't special case ignorable code points' (Linus Torvalds)
- powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
- Revert 'usb: gadget: composite: fix OS descriptors w_value logic' (Michal Vrastil)
[5.4.17-2136.339.3]
- Revert 'ocfs2: fix the la space leak when unmounting an ocfs2 volume' (Sherry Yang) [Orabug: 37364531]
- rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 (William Kucharski) [Orabug: 37265127]
- rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation (William Kucharski) [Orabug: 37265125]
- rds: rds_message_alloc() needlessly zeroes m_used_sgs (William Kucharski) [Orabug: 37265123]
- rds: tracepoint in rds_receive_csum_err() prints pointless information (William Kucharski) [Orabug: 37265121]
- rds: rds_inc_init() should initialize the inc->i_conn_path field (William Kucharski) [Orabug: 37265117]
- rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption (William Kucharski) [Orabug: 37265115]
- md/raid10: fix task hung in raid10d (Li Nan) [Orabug: 37126683]
- md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (Yu Kuai) [Orabug: 37126683]
- md/raid10: avoid deadlock on recovery. (Vitaly Mayatskikh) [Orabug: 37126683]
[5.4.17-2136.339.2]
- arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. (Miguel Luis) [Orabug: 37027863]
[5.4.17-2136.339.1]
- net/rds: report pending-messages count in RDS_INQ response (Devesh Sharma) [Orabug: 35596047] [Orabug: 35316633]
- net/rds: Introduce RDS-INQ feature to RDS protocol (Devesh Sharma) [Orabug: 35316632] [Orabug: 37109336]
- net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] [Orabug: 37072814]
- mm/memory-failure: pass the folio and the page to collect_procs() (Matthew Wilcox (Oracle)) [Orabug: 37270264]
- KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD (Sean Christopherson) [Orabug: 37273706]
- KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding (Sean Christopherson) [Orabug: 37273706]
- objtool: Default ignore INT3 for unreachable (Peter Zijlstra) [Orabug: 37273706] {CVE-2022-29901}
- x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled (Alexandre Chartre) [Orabug: 37310552]
- x86/msr: Add functions to set/clear the bit of an MSR on all cpus (Alexandre Chartre) [Orabug: 37310552]
Updated packages
Oracle Linux 8
Oracle Linux aarch64
- kernel-uek 5.4.17-2136.339.5.el8uek
- kernel-uek-debug 5.4.17-2136.339.5.el8uek
- kernel-uek-debug-devel 5.4.17-2136.339.5.el8uek
- kernel-uek-devel 5.4.17-2136.339.5.el8uek
- kernel-uek-doc 5.4.17-2136.339.5.el8uek
Oracle Linux x86_64
- kernel-uek 5.4.17-2136.339.5.el8uek
- kernel-uek-container 5.4.17-2136.339.5.el8uek
- kernel-uek-container-debug 5.4.17-2136.339.5.el8uek
- kernel-uek-debug 5.4.17-2136.339.5.el8uek
- kernel-uek-debug-devel 5.4.17-2136.339.5.el8uek
- kernel-uek-devel 5.4.17-2136.339.5.el8uek
- kernel-uek-doc 5.4.17-2136.339.5.el8uek
Oracle Linux 7
Oracle Linux aarch64
- kernel-uek 5.4.17-2136.339.5.el7uek
- kernel-uek-debug 5.4.17-2136.339.5.el7uek
- kernel-uek-debug-devel 5.4.17-2136.339.5.el7uek
- kernel-uek-devel 5.4.17-2136.339.5.el7uek
- kernel-uek-doc 5.4.17-2136.339.5.el7uek
- kernel-uek-tools 5.4.17-2136.339.5.el7uek
- kernel-uek-tools-libs 5.4.17-2136.339.5.el7uek
- perf 5.4.17-2136.339.5.el7uek
- python-perf 5.4.17-2136.339.5.el7uek
Oracle Linux x86_64
- kernel-uek 5.4.17-2136.339.5.el7uek
- kernel-uek-container 5.4.17-2136.339.5.el7uek
- kernel-uek-container-debug 5.4.17-2136.339.5.el7uek
- kernel-uek-debug 5.4.17-2136.339.5.el7uek
- kernel-uek-debug-devel 5.4.17-2136.339.5.el7uek
- kernel-uek-devel 5.4.17-2136.339.5.el7uek
- kernel-uek-doc 5.4.17-2136.339.5.el7uek
- kernel-uek-tools 5.4.17-2136.339.5.el7uek
Related CVEs
Related vulnerabilities
In the Linux kernel, the following vulnerability has been resolved:
net/ipv6: release expired exception dst cached in socket
Dst objects get leaked in ip6_negative_advice() when this function is executed for an expired IPv6 route located in the exception table. There are several conditions that must be fulfilled for the leak to occur:
* an ICMPv6 packet indicating a change of the MTU for the path is received, resulting in an exception dst being created
* a TCP connection that uses the exception dst for routing packets must start timing out so that TCP begins retransmissions
* after the exception dst expires, the FIB6 garbage collector must not run before TCP executes ip6_negative_advice() for the expired exception dst
When TCP executes ip6_negative_advice() for an exception dst that has expired and if no other socket holds a reference to the exception dst, the refcount of the exception dst is 2, which corresponds to the increment made by dst_init() and the increment made by the T...
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.