Unbreakable Enterprise kernel-container security update

2022-07-1100:00:00

linux.oracle.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

[4.14.35-2047.515.3.el7]

uek-rpm: Enable Pensando EMMC reset controller (Thomas Tai) [Orabug: 34325721]
mfd: pensando_elbasr: Add Pensando Elba System Resource Chip (Brad Larson) [Orabug: 34325721]
dsc-drivers: update drivers for 1.15.9-C-65 (Shannon Nelson) [Orabug: 34325721]
[4.14.35-2047.515.2.el7]
net/rds: Delayed DR_SOCK_CANCEL (Gerd Rausch) [Orabug: 34105319]
[4.14.35-2047.515.1.el7]
sched/rt: Disable RT_RUNTIME_SHARE by default (Daniel Bristot de Oliveira) [Orabug: 34193333]
mstflint_access: Update driver code to v4.20.1-1 from Github (Qing Huang) [Orabug: 34286148]
[4.14.35-2047.515.0.el7]
net: ip: avoid OOM kills with large UDP sends over loopback (Venkat Venkatsubra) [Orabug: 34066209]
rdmaip: Flush ARP cache after address has been cleared (Gerd Rausch) [Orabug: 34285241]
rds: Include congested flag in rds_sock struct. (Rohit Nair) [Orabug: 34261492]
cpu/hotplug: Allow the CPU in CPU_UP_PREPARE state to be brought up again. (Longpeng(Mike)) [Orabug: 34234771]
x86/xen: Allow to retry if cpu_initialize_context() failed. (Boris Ostrovsky) [Orabug: 34234771]
floppy: use a statically allocated error counter (Willy Tarreau) {CVE-2022-1652}
assoc_array: Fix BUG_ON during garbage collect (Stephen Brennan) [Orabug: 34162064]
exec, elf: fix reserve_va_range() sanity check (Anthony Yznaga) [Orabug: 32387887]
exec, elf: use already allocated notes data in reserve_va_range() (Anthony Yznaga) [Orabug: 32387887]
mm: madv_doexec_flag sysctl (Anthony Yznaga) [Orabug: 32387887]
mm: introduce MADV_DOEXEC (Anthony Yznaga) [Orabug: 32387887]
exec, elf: require opt-in for accepting preserved mem (Anthony Yznaga) [Orabug: 32387887]
mm: introduce VM_EXEC_KEEP (Anthony Yznaga) [Orabug: 32387887]
mm: fail exec if stack expansion will overlap another vma (Anthony Yznaga) [Orabug: 32387887]
mm: do not assume only the stack vma exists in setup_arg_pages() (Anthony Yznaga) [Orabug: 32387887]
ELF: when loading PIE binaries check for overlap with existing mappings (Anthony Yznaga) [Orabug: 32387887]
Linux 4.14.280 (Greg Kroah-Hartman)
tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (Yang Yingliang)
ping: fix address binding wrt vrf (Nicolas Dichtel)
drm/vmwgfx: Initialize drm_mode_fb_cmd2 (Zack Rusin)
cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long)
USB: serial: option: add Fibocom MA510 modem (Sven Schwermer)
USB: serial: option: add Fibocom L610 modem (Sven Schwermer)
USB: serial: qcserial: add support for Sierra Wireless EM7590 (Ethan Yang)
USB: serial: pl2303: add device id for HP LM930 Display (Scott Chen)
usb: cdc-wdm: fix reading stuck on device close (Sergey Ryazanov)
tcp: resalt the secret every 10 seconds (Eric Dumazet)
ASoC: ops: Validate input values in snd_soc_put_volsw_range() (Mark Brown)
ASoC: max98090: Generate notifications on changes for custom control (Mark Brown)
ASoC: max98090: Reject invalid values in custom control put() (Mark Brown)
hwmon: (f71882fg) Fix negative temperature (Ji-Ze Hong (Peter Hong))
net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (Taehee Yoo)
net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (Guangguan Wang)
s390/lcs: fix variable dereferenced before check (Alexandra Winter)
s390/ctcm: fix potential memory leak (Alexandra Winter)
s390/ctcm: fix variable dereferenced before check (Alexandra Winter)
hwmon: (ltq-cputemp) restrict it to SOC_XWAY (Randy Dunlap)
mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg)
netlink: do not reset transport header in netlink_recvmsg() (Eric Dumazet)
ipv4: drop dst in multicast routing path (Lokesh Dhoundiyal)
net: Fix features skip in for_each_netdev_feature() (Tariq Toukan)
batman-adv: Don’t skb_split skbuffs with frag_list (Sven Eckelmann)
Linux 4.14.279 (Greg Kroah-Hartman)
VFS: Fix memory leak caused by concurrently mounting fs with subtype (ChenXiaoSong)
ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock (Takashi Iwai)
mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (Muchun Song)
mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (Muchun Song)
mmc: rtsx: add 74 Clocks in power on flow (Ricky WU)
Bluetooth: Fix the creation of hdev->name (Itay Iellin)
can: grcan: only use the NAPI poll budget for RX (Andreas Larsson)
can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (Andreas Larsson)
block: drbd: drbd_nl: Make conversion to ‘enum drbd_ret_code’ explicit (Lee Jones)
MIPS: Use address-of operator on section symbols (Nathan Chancellor)
Linux 4.14.278 (Greg Kroah-Hartman)
PCI: aardvark: Fix reading MSI interrupt number (Pali Rohar)
PCI: aardvark: Clear all MSIs at setup (Pali Rohar)
dm: interlock pending dm_io and dm_wait_for_bios_completion (Mike Snitzer)
dm: fix mempool NULL pointer race when completing IO (Jiazi Li)
net: ipv6: ensure we call ipv6_mc_down() at most once ([email protected])
kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (Sandipan Das)
net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Eric Dumazet)
btrfs: always log symlinks in full mode (Filipe Manana)
smsc911x: allow using IRQ0 (Sergey Shtylyov)
net: emaclite: Add error handling for of_address_to_resource() (Shravya Kumbham)
hwmon: (adt7470) Fix warning on module removal (Armin Wolf)
NFC: netlink: fix sleep in atomic bug when firmware download timeout (Duoming Zhou)
nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (Duoming Zhou)
nfc: replace improper check device_is_registered() in netlink related functions (Duoming Zhou)
can: grcan: use ofdev->dev when allocating DMA memory (Daniel Hellstrom)
can: grcan: grcan_close(): fix deadlock (Duoming Zhou)
ASoC: wm8958: Fix change notifications for DSP controls (Mark Brown)
firewire: core: extend card->lock in fw_core_handle_bus_reset (Niels Dossche)
firewire: remove check of list iterator against head past the loop body (Jakob Koschel)
firewire: fix potential uaf in outbound_phy_packet_callback() (Chengfeng Ye)
Revert ‘SUNRPC: attempt AF_LOCAL connect on setup’ (Trond Myklebust)
ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (Takashi Sakamoto)
parisc: Merge model and model name into one line in /proc/cpuinfo (Helge Deller)
MIPS: Fix CP0 counter erratum detection for R4k CPUs (Maciej W. Rozycki)
tty: n_gsm: fix incorrect UA handling (Daniel Starke)
tty: n_gsm: fix wrong command frame length field encoding (Daniel Starke)
tty: n_gsm: fix wrong command retry handling (Daniel Starke)
tty: n_gsm: fix missing explicit ldisc flush (Daniel Starke)
tty: n_gsm: fix insufficient txframe size (Daniel Starke)
tty: n_gsm: fix malformed counter for out of frame data (Daniel Starke)
tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Daniel Starke)
drivers: net: hippi: Fix deadlock in rr_close() (Duoming Zhou)
cifs: destage any unwritten data to the server before calling copychunk_write (Ronnie Sahlberg)
x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (Mikulas Patocka)
ASoC: wm8731: Disable the regulator when probing fails (Zheyu Ma)
bnx2x: fix napi API usage sequence (Manish Chopra)
net: bcmgenet: hide status block before TX timestamping (Jonathan Lemon)
clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (Yang Yingliang)
bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (Christophe JAILLET)
tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT (Eric Dumazet)
ip_gre: Make o_seqno start from 0 in native mode (Peilin Ye)
pinctrl: pistachio: fix use of irq_of_parse_and_map() (Lv Ruyi)
sctp: check asoc strreset_chunk in sctp_generate_reconf_event (Xin Long)
mtd: rawnand: Fix return value check of wait_for_completion_timeout (Miaoqian Lin)
ipvs: correctly print the memory size of ip_vs_conn_tab (Pengcheng Yang)
ARM: dts: Fix mmc order for omap3-gta04 (H. Nikolaus Schaller)
ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (Miaoqian Lin)
phy: samsung: exynos5250-sata: fix missing device put in probe error paths (Krzysztof Kozlowski)
phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (Miaoqian Lin)
ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (Fabio Estevam)
USB: Fix xhci event ring dequeue pointer ERDP update issue (Weitao Wang)
hex2bin: fix access beyond string end (Mikulas Patocka)
hex2bin: make the function hex_to_bin constant-time (Mikulas Patocka)
serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (Maciej W. Rozycki)
serial: 8250: Also set sticky MCR bits in console restoration (Maciej W. Rozycki)
usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (Vijayavardhan Vennapusa)
usb: gadget: uvc: Fix crash when encoding data for usb request (Dan Vacura)
usb: misc: fix improper handling of refcount in uss720_probe() (Hangyu Hua)
iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (Zheyu Ma)
iio: dac: ad5446: Fix read_raw not returning set value (Michael Hennerich)
iio: dac: ad5592r: Fix the missing return value. (Zizhuang Deng)
xhci: stop polling roothubs after shutdown (Henry Lin)
USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (Daniele Palmas)
USB: serial: option: add support for Cinterion MV32-WA/MV32-WB (Slark Xiao)
USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (Bruno Thomsen)
USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (Kees Cook)
USB: quirks: add STRING quirk for VCOM device (Oliver Neukum)
USB: quirks: add a Realtek card reader (Oliver Neukum)
usb: mtu3: fix USB 3.0 dual-role-switch from device to host (Macpaul Lin)
lightnvm: disable the subsystem (Greg Kroah-Hartman)
net/sched: cls_u32: fix netns refcount changes in u32_change() (Eric Dumazet)
hamradio: remove needs_free_netdev to avoid UAF (Lin Ma)
hamradio: defer 6pack kfree after unregister_netdev (Lin Ma)
floppy: disable FDRAWCMD by default (Willy Tarreau)
Linux 4.14.277 (Greg Kroah-Hartman)
ax25: Fix UAF bugs in ax25 timers (Duoming Zhou)
ax25: Fix NULL pointer dereferences in ax25 timers (Duoming Zhou)
ax25: fix NPD bug in ax25_disconnect (Duoming Zhou)
ax25: fix UAF bug in ax25_send_control() (Duoming Zhou)
ax25: Fix refcount leaks caused by ax25_cb_del() (Duoming Zhou)
ax25: fix UAF bugs of net_device caused by rebinding operation (Duoming Zhou)
ax25: fix reference count leaks of ax25_dev (Duoming Zhou)
ax25: add refcount in ax25_dev to avoid UAF bugs (Duoming Zhou)
block/compat_ioctl: fix range check in BLKGETSIZE (Khazhismel Kumykov)
staging: ion: Prevent incorrect reference counting behavour (Lee Jones)
ext4: force overhead calculation if the s_overhead_cluster makes no sense (Theodore Ts’o)
ext4: fix overhead calculation to account for the reserved gdt blocks (Theodore Ts’o)
ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (Tadeusz Struk)
ext4: fix symlink file size not match to file content (Ye Bin)
ARC: entry: fix syscall_trace_exit argument (Sergey Matyukevich)
e1000e: Fix possible overflow in LTR decoding (Sasha Neftin)
ASoC: soc-dapm: fix two incorrect uses of list iterator (Xiaomeng Tong)
openvswitch: fix OOB access in reserve_sfa_size() (Paolo Valerio)
powerpc/perf: Fix power9 event alternatives (Athira Rajeev)
dma: at_xdmac: fix a missing check on list iterator (Xiaomeng Tong)
ata: pata_marvell: Check the ‘bmdma_addr’ beforing reading (Zheyu Ma)
stat: fix inconsistency between struct stat and struct compat_stat (Mikulas Patocka)
net: macb: Restart tx only if queue pointer is lagging (Tomas Melin)
drm/msm/mdp5: check the return of kzalloc() (Xiaoke Wang)
brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov)
cifs: Check the IOCB_DIRECT flag, not O_DIRECT (David Howells)
vxlan: fix error return code in vxlan_fdb_append (Hongbin Wang)
ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov)
platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (Jiapeng Chong)
ARM: vexpress/spc: Avoid negative array index when !SMP (Kees Cook)
netlink: reset network and mac headers in netlink_dump() (Eric Dumazet)
net/packet: fix packet_sock xmit return value checking (Hangbin Liu)
dmaengine: imx-sdma: Fix error checking in sdma_event_remap (Miaoqian Lin)
tcp: Fix potential use-after-free due to double kfree() (Kuniyuki Iwashima)
tcp: fix race condition when creating child sockets from syncookies (Ricardo Dias)
ALSA: usb-audio: Clear MIDI port active flag after draining (Takashi Iwai)
gfs2: assign rgrp glock before compute_bitstructs (Bob Peterson)
can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (Hangyu Hua)
tracing: Dump stacktrace trigger to the corresponding instance (Daniel Bristot de Oliveira)
tracing: Have traceon and traceoff trigger honor the instance (Steven Rostedt (Google))
mm: page_alloc: fix building error on -Werror=array-compare (Xiongwei Song)
etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead (Kees Cook)

OSVersionArchitecturePackageVersionFilename
oracle linux7srckernel-uek-container< 4.14.35-2047.515.3.el7kernel-uek-container-4.14.35-2047.515.3.el7.src.rpm
oracle linux7x86_64kernel-uek-container< 4.14.35-2047.515.3.el7kernel-uek-container-4.14.35-2047.515.3.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	kernel-uek-container	< 4.14.35-2047.515.3.el7	kernel-uek-container-4.14.35-2047.515.3.el7.src.rpm
oracle linux	7	x86_64	kernel-uek-container	< 4.14.35-2047.515.3.el7	kernel-uek-container-4.14.35-2047.515.3.el7.x86_64.rpm