Oracle Linux 6268 Published by

A kernel security, bug fix, and enhancement update has been released for Oracle Linux 9.



ELSA-2023-4377 Important: Oracle Linux 9 kernel security, bug fix, and enhancement update


Oracle Linux Security Advisory ELSA-2023-4377

http://linux.oracle.com/errata/ELSA-2023-4377.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-7.0.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-abi-stablelists-5.14.0-284.25.1.0.1.el9_2.noarch.rpm
kernel-core-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-core-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-devel-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-devel-matched-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-modules-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-modules-core-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-modules-extra-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-debug-uki-virt-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-devel-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-devel-matched-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-doc-5.14.0-284.25.1.0.1.el9_2.noarch.rpm
kernel-headers-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-modules-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-modules-core-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-modules-extra-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-tools-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-tools-libs-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-uki-virt-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
perf-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
python3-perf-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
rtla-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-cross-headers-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm
kernel-tools-libs-devel-5.14.0-284.25.1.0.1.el9_2.x86_64.rpm

aarch64:
bpftool-7.0.0-284.25.1.0.1.el9_2.aarch64.rpm
kernel-headers-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
kernel-tools-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
kernel-tools-libs-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
perf-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
python3-perf-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
kernel-cross-headers-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm
kernel-tools-libs-devel-5.14.0-284.25.1.0.1.el9_2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-284.25.1.0.1.el9_2.src.rpm

Related CVEs:

CVE-2022-45869
CVE-2023-0458
CVE-2023-1998
CVE-2023-3090
CVE-2023-35788

Description of changes:

[5.14.0-284.25.1.0.1_2]
- Fix KVM: x86/mmu: Fix race condition in direct_page_fault [Orabug: 35673032] {CVE-2022-45869}

[5.14.0-284.25.1_2]
- KVM: x86/mmu: Fix race condition in direct_page_fault
- prlimit: do_prlimit needs to have a speculation check {CVE-2023-0458}
- x86/speculation: Allow enabling STIBP with legacy IBRS {CVE-2023-1998}
- ipvlan: Fix out of bounds caused by unclear skb->cb {CVE-2023-3090}
- net/sched: flower: fix possible OOB write in fl_set_geneve_opt {CVE-2023-35788}