Lucene search

K
oraclelinuxOracleLinuxELSA-2022-0063
HistoryJan 11, 2022 - 12:00 a.m.

kernel security and bug fix update

2022-01-1100:00:00
linux.oracle.com
34

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

14.2%

[3.10.0-1160.53.1.OL7]

  • Update Oracle Linux certificates (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected])
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
  • Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
    [3.10.0-1160.53.1]
  • fuse: fix live lock in fuse_iget() (Miklos Szeredi) [1952046]
  • fuse: fix bad inode (Miklos Szeredi) [1952046]
  • GFS2: Truncate address space mapping when deleting an inode (Bob Peterson) [1364234]
  • gfs2: Fix gfs2_testbit to use clone bitmaps (Bob Peterson) [1364234]
  • gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (Bob Peterson) [1364234]
  • gfs2: Fix oversight in gfs2_ail1_flush (Bob Peterson) [1364234]
  • gfs2: Additional information when gfs2_ail1_flush withdraws (Bob Peterson) [1364234]
  • gfs2: leaf_dealloc needs to allocate one more revoke (Bob Peterson) [1364234]
  • gfs2: allow journal replay to hold sd_log_flush_lock (Bob Peterson) [1364234]
  • gfs2: don’t allow releasepage to free bd still used for revokes (Bob Peterson) [1364234]
  • gfs2: flesh out delayed withdraw for gfs2_log_flush (Bob Peterson) [1364234]
  • gfs2: Do proper error checking for go_sync family of glops functions (Bob Peterson) [1364234]
  • gfs2: drain the ail2 list after io errors (Bob Peterson) [1364234]
  • gfs2: Withdraw in gfs2_ail1_flush if write_cache_pages fails (Bob Peterson) [1364234]
  • gfs2: Do log_flush in gfs2_ail_empty_gl even if ail list is empty (Bob Peterson) [1364234]
  • gfs2: Check for log write errors before telling dlm to unlock (Bob Peterson) [1364234]
  • gfs2: Prepare to withdraw as soon as an IO error occurs in log write (Bob Peterson) [1364234]
  • gfs2: Issue revokes more intelligently (Bob Peterson) [1364234]
  • gfs2: Add verbose option to check_journal_clean (Bob Peterson) [1364234]
  • gfs2: fix infinite loop when checking ail item count before go_inval (Bob Peterson) [1364234]
  • gfs2: Force withdraw to replay journals and wait for it to finish (Bob Peterson) [1364234]
  • gfs2: Allow some glocks to be used during withdraw (Bob Peterson) [1364234]
  • gfs2: move check_journal_clean to util.c for future use (Bob Peterson) [1364234]
  • gfs2: Ignore dlm recovery requests if gfs2 is withdrawn (Bob Peterson) [1364234]
  • gfs2: Only complain the first time an io error occurs in quota or log (Bob Peterson) [1364234]
  • gfs2: log error reform (Bob Peterson) [1364234]
  • gfs2: Rework how rgrp buffer_heads are managed (Bob Peterson) [1364234]
  • gfs2: clear ail1 list when gfs2 withdraws (Bob Peterson) [1364234]
  • gfs2: Introduce concept of a pending withdraw (Bob Peterson) [1364234]
  • gfs2: Return bool from gfs2_assert functions (Bob Peterson) [1364234]
  • gfs2: Turn gfs2_consist into void functions (Bob Peterson) [1364234]
  • gfs2: Remove usused cluster_wide arguments of gfs2_consist functions (Bob Peterson) [1364234]
  • gfs2: Report errors before withdraw (Bob Peterson) [1364234]
  • gfs2: Split gfs2_lm_withdraw into two functions (Bob Peterson) [1364234]
  • gfs2: Fix incorrect variable name (Bob Peterson) [1364234]
  • gfs2: Don’t write log headers after file system withdraw (Bob Peterson) [1364234]
  • gfs2: clean up iopen glock mess in gfs2_create_inode (Bob Peterson) [1364234]
  • gfs2: Close timing window with GLF_INVALIDATE_IN_PROGRESS (Bob Peterson) [1364234]
  • gfs2: fix infinite loop in gfs2_ail1_flush on io error (Bob Peterson) [1364234]
  • gfs2: Introduce function gfs2_withdrawn (Bob Peterson) [1364234]
  • gfs2: replace more printk with calls to fs_info and friends (Bob Peterson) [1364234]
  • gfs2: dump fsid when dumping glock problems (Bob Peterson) [1364234]
  • gfs2: simplify gfs2_freeze by removing case (Bob Peterson) [1364234]
  • gfs2: Rename SDF_SHUTDOWN to SDF_WITHDRAWN (Bob Peterson) [1364234]
  • gfs2: Warn when a journal replay overwrites a rgrp with buffers (Bob Peterson) [1364234]
  • gfs2: log which portion of the journal is replayed (Bob Peterson) [1364234]
  • gfs2: slow the deluge of io error messages (Bob Peterson) [1364234]
  • gfs2: Don’t withdraw under a spin lock (Bob Peterson) [1364234]
  • GFS2: Clear gl_object when deleting an inode in gfs2_delete_inode (Bob Peterson) [1364234]
  • gfs2: Use fs_* functions instead of pr_* function where we can (Bob Peterson) [1364234]
    more consistently (Bob Peterson) [1364234]
    [3.10.0-1160.52.1]
  • acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (David Arcari) [2019588]
  • x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (David Arcari) [2019218]
  • x86/cpu/AMD: Fix erratum 1076 (CPB bit) (David Arcari) [2019218]
  • i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps (Stefan Assmann) [1977246]
  • i40e: Fix virtchnl_queue_select bitmap validation (Stefan Assmann) [1977246]
    [3.10.0-1160.51.1]
  • mm, fs: Fix do_generic_file_read() error return (Carlos Maiolino) [2020857]
  • perf/core: Fix a memory leak in perf_event_parse_addr_filter() (Michael Petlan) [1901932]
    [3.10.0-1160.50.1]
  • tcp: grow window for OOO packets only for SACK flows (Guillaume Nault) [1990665]
  • scsi: mpt3sas: Fix unlock imbalance (Tomas Henzl) [2006536]
  • pci-hyperv: Fix setting CPU affinity on Azure (Vitaly Kuznetsov) [2019272]
  • media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (Lucas Zampieri) [1956471] {CVE-2021-42739}

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

14.2%