El-errata: ELSA-2023-0832 Important: Oracle Linux 8 kernel security and bug fix update
Oracle Linux Security Advisory ELSA-2023-0832
http://linux.oracle.com/errata/ELSA-2023-0832.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bpftool-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-abi-stablelists-4.18.0-425.13.1.el8_7.noarch.rpm
kernel-core-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-cross-headers-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-debug-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-debug-core-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-debug-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-debug-modules-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-debug-modules-extra-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-doc-4.18.0-425.13.1.el8_7.noarch.rpm
kernel-headers-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-modules-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-modules-extra-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-tools-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-tools-libs-4.18.0-425.13.1.el8_7.x86_64.rpm
perf-4.18.0-425.13.1.el8_7.x86_64.rpm
python3-perf-4.18.0-425.13.1.el8_7.x86_64.rpm
kernel-tools-libs-devel-4.18.0-425.13.1.el8_7.x86_64.rpm
aarch64:
bpftool-4.18.0-425.13.1.el8_7.aarch64.rpm
kernel-cross-headers-4.18.0-425.13.1.el8_7.aarch64.rpm
kernel-headers-4.18.0-425.13.1.el8_7.aarch64.rpm
kernel-tools-4.18.0-425.13.1.el8_7.aarch64.rpm
kernel-tools-libs-4.18.0-425.13.1.el8_7.aarch64.rpm
perf-4.18.0-425.13.1.el8_7.aarch64.rpm
python3-perf-4.18.0-425.13.1.el8_7.aarch64.rpm
kernel-tools-libs-devel-4.18.0-425.13.1.el8_7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-425.13.1.el8_7.src.rpm
Related CVEs:
CVE-2022-2873
CVE-2022-41222
CVE-2022-43945
Description of changes:
[4.18.0-425.13.1.el8_7.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 lock (Waiman Long) [2153108 2149031]
- rcu: Fix to include first blocked task in stall warning (Waiman Long) [2153108 2149031]
- cgroup: Use cgroup_attach_{lock,unlock}() from cgroup_attach_task_all() (Waiman Long) [2153108 2149031]
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() (Waiman Long) [2153108 2149031]
cpus_read_lock() deadlock (Waiman Long) [2153108 2149031]
- cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree (Waiman Long) [2153108 2149031]
- cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug (Waiman Long) [2153108 2149031]
- cgroup: reduce dependency on cgroup_mutex (Waiman Long) [2153108 2149031]
- sunrpc: Set sk_allocation to GFP_NOFS to avoid using current->task_frag. (Guillaume Nault) [2153230 2089660]
_______________________________________________
A kernel security and bug fix update has been released for Oracle Linux 8.