Описание
ELSA-2025-8246: kernel security update (MODERATE)
[4.18.0-553.54.1_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
[4.18.0-553.54.1_10]
- ice: fix stats being updated by way too large values (CKI Backport Bot) [RHEL-70834]
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CKI Backport Bot) [RHEL-54802] {CVE-2024-43842}
- sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-84963]
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
kernel-tools-libs-devel
4.18.0-553.54.1.el8_10
bpftool
4.18.0-553.54.1.el8_10
kernel-cross-headers
4.18.0-553.54.1.el8_10
kernel-headers
4.18.0-553.54.1.el8_10
kernel-tools
4.18.0-553.54.1.el8_10
kernel-tools-libs
4.18.0-553.54.1.el8_10
perf
4.18.0-553.54.1.el8_10
python3-perf
4.18.0-553.54.1.el8_10
Oracle Linux x86_64
kernel-tools-libs-devel
4.18.0-553.54.1.el8_10
bpftool
4.18.0-553.54.1.el8_10
kernel
4.18.0-553.54.1.el8_10
kernel-abi-stablelists
4.18.0-553.54.1.el8_10
kernel-core
4.18.0-553.54.1.el8_10
kernel-cross-headers
4.18.0-553.54.1.el8_10
kernel-debug
4.18.0-553.54.1.el8_10
kernel-debug-core
4.18.0-553.54.1.el8_10
kernel-debug-devel
4.18.0-553.54.1.el8_10
kernel-debug-modules
4.18.0-553.54.1.el8_10
kernel-debug-modules-extra
4.18.0-553.54.1.el8_10
kernel-devel
4.18.0-553.54.1.el8_10
kernel-doc
4.18.0-553.54.1.el8_10
kernel-headers
4.18.0-553.54.1.el8_10
kernel-modules
4.18.0-553.54.1.el8_10
kernel-modules-extra
4.18.0-553.54.1.el8_10
kernel-tools
4.18.0-553.54.1.el8_10
kernel-tools-libs
4.18.0-553.54.1.el8_10
perf
4.18.0-553.54.1.el8_10
python3-perf
4.18.0-553.54.1.el8_10
Связанные CVE
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake. Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'. Found by Linux Verification Center (linuxtesting.org) with SVACE.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake. Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'. Found by Linux Verification Center (linuxtesting.org) with SVACE.
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake. Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'. Found by Linux Verification Center (linuxtesting.org) with SVACE.
In the Linux kernel, the following vulnerability has been resolved: w ...
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In rtw89_sta_info_get_iter() 'status->he_gi' is compared to array size. But then 'rate->he_gi' is used as array index instead of 'status->he_gi'. This can lead to go beyond array boundaries in case of 'rate->he_gi' is not equal to 'status->he_gi' and is bigger than array size. Looks like "copy-paste" mistake. Fix this mistake by replacing 'rate->he_gi' with 'status->he_gi'. Found by Linux Verification Center (linuxtesting.org) with SVACE.