Unbreakable Enterprise kernel-container security update

2024-08-1200:00:00

linux.oracle.com

loop fix x86/bhi mitigation wifi wilc1000 net/mlx5e ethernet frames uek6 ol8 bluetooth l2cap ipset syntax fix rds/ib ib_rx_total_incs drm/exynos hdmi rds/rdma pci lts trust initial offset io_uring nfs s390 ext4 sparc xsk kdb console handling cpu support 9p ipv6 route ecrdsa kvm aarch32 videodev_lock mxl5xx arm64 dts wifi rtl8xxxu acpi pata_legacy amdgpu lgdt3306a f2fs vsyscall nilfs2 afs mmc core binder sunrpc

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

[5.4.17-2136.334.6.el7]

loop: Fix a race between loop detach and loop open (Gulam Mohamed) [Orabug: 36197800]
x86/bhi: Do not enable unnecessary BHI mitigation in OCI and Exadata VMs (Alexandre Chartre) [Orabug: 36672495]
x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Alexandre Chartre) [Orabug: 36642472]
wifi: wilc1000: fix ies_len type in connect path (Jozef Hopko)
net/mlx5e: drop shorter ethernet frames (Manjunath Patil) [Orabug: 36879157] {CVE-2024-41090} {CVE-2024-41091}
[5.4.17-2136.334.5.el7]
Fix incorrect syntax in UEK6 OL8 kernel-uek.spec (Sherry Yang) [Orabug: 36847358]
rds/ib: decrement ib_rx_total_incs after releasing associated cache (Arumugam Kolappan) [Orabug: 36722026]
[5.4.17-2136.334.4.el7]
Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (Luiz Augusto von Dentz)
netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Jozsef Kadlecsik)
drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (Marek Szyprowski)
[5.4.17-2136.334.3.el7]
rds/rdma: Send info to userspace, even if connnection is down. (Juan Garcia) [Orabug: 36529562]
pci: add hotplug patch support for SOLIDIGM Aura10 AIC 0x025e:0x0b60 (Alan Adamson) [Orabug: 36762919]
[5.4.17-2136.334.2.el7]
LTS tag: v5.4.278 (Alok Tiwari)
x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (Daniel J Blueman)
io_uring: fail NOP if non-zero op flags is passed in (Ming Lei)
nfs: fix undefined behavior in nfs_block_bits() (Sergey Shtylyov)
s390/ap: Fix crash in AP internal function modify_bitmap() (Harald Freudenberger)
ext4: fix mb_cache_entry’s e_refcnt leak in ext4_xattr_block_cache_find() (Baokun Li)
sparc: move struct termio to asm/termios.h (Mike Gilbert)
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (Eric Dumazet)
net: fix __dst_negative_advice() race (Eric Dumazet)
kdb: Use format-specifiers rather than memset() for padding in kdb_read() (Daniel Thompson)
kdb: Merge identical case statements in kdb_read() (Daniel Thompson)
kdb: Fix console handling when editing and tab-completing commands (Daniel Thompson)
kdb: Use format-strings rather than ‘\0’ injection in kdb_read() (Daniel Thompson)
kdb: Fix buffer overflow during tab-complete (Daniel Thompson)
sparc64: Fix number of online CPUs (Sam Ravnborg)
intel_th: pci: Add Meteor Lake-S CPU support (Alexander Shishkin)
net/9p: fix uninit-value in p9_client_rpc() (Nikita Zhandarovich)
net/ipv6: Fix route deleting failure when metric equals 0 (xu xin)
crypto: ecrdsa - Fix module auto-load on add_key (Vitaly Chikunov)
KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (Marc Zyngier)
media: v4l2-core: hold videodev_lock until dev reg, finishes (Hans Verkuil)
media: mxl5xx: Move xpt structures off stack (Nathan Chancellor)
media: mc: mark the media devnode as registered from the, start (Hans Verkuil)
arm64: dts: hi3798cv200: fix the size of GICR (Yang Xiwen)
wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (Bitterblue Smith)
arm64: tegra: Correct Tegra132 I2C alias (Krzysztof Kozlowski)
ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (Christoffer Sandberg)
ata: pata_legacy: make legacy_exit() work again (Sergey Shtylyov)
drm/amdgpu: add error handle to avoid out-of-bounds (Bob Zhou)
media: lgdt3306a: Add a check against null-pointer-def (Zheyu Ma)
f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() (Chao Yu)
x86/mm: Remove broken vsyscall emulation code from the page fault code (Linus Torvalds)
nilfs2: fix use-after-free of timer for log writer thread (Ryusuke Konishi)
afs: Don’t cross .backup mountpoint from backup volume (Marc Dionne)
mmc: core: Do not force a retune before RPMB switch (Jorge Ramirez-Ortiz)
binder: fix max_thread type inconsistency (Carlos Llamas)
SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Chuck Lever)
ALSA: timer: Set lower bound of start tick time (Takashi Iwai)
ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Yue Haibing)
spi: stm32: Don’t warn about spurious interrupts (Uwe Kleine-Konig)
kconfig: fix comparison to constant symbols, ‘m’, ‘n’ (Masahiro Yamada)
netfilter: tproxy: bail out if IP has been disabled on the device (Florian Westphal)
net:fec: Add fec_enet_deinit() (Xiaolei Wang)
net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (Parthiban Veerasooran)
smsc95xx: use usbnet->driver_priv (Andre Edich)
smsc95xx: remove redundant function arguments (Andre Edich)
enic: Validate length of nl attributes in enic_set_vf_port (Roded Zats)
dma-buf/sw-sync: don’t enable IRQ from sync_print_obj() (Tetsuo Handa)
net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (Carolina Jubran)
nvmet: fix ns enable/disable possible hang (Sagi Grimberg)
spi: Don’t mark message DMA mapped when no transfer in it is (Andy Shevchenko)
netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (Eric Dumazet)
net: fec: avoid lock evasion when reading pps_enable (Wei Fang)
virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jiri Pirko)
arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (Jiangfeng Xiao)
openvswitch: Set the skbuff pkt_type for proper pmtud support. (Aaron Conole)
tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (Kuniyuki Iwashima)
params: lift param_set_uint_minmax to common code (Sagi Grimberg)
ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu)
sunrpc: fix NFSACL RPC retry on soft mount (Dan Aloni)
x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (Masahiro Yamada)
null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (Zhu Yanjun)
media: cec: cec-api: add locking in cec_release() (Hans Verkuil)
media: cec: cec-adap: always cancel work in cec_transmit_msg_fh (Hans Verkuil)
um: Fix the -Wmissing-prototypes warning for __switch_mm (Tiwei Bie)
powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (Shrikanth Hegde)
scsi: qla2xxx: Replace all non-returning strlcpy() with strscpy() (Azeem Shaikh)
media: stk1160: fix bounds checking in stk1160_copy_video() (Dan Carpenter)
um: Add winch to winch_handlers before registering winch IRQ (Roberto Sassu)
um: Fix return value in ubd_init() (Duoming Zhou)
drm/msm/dpu: Always flush the slave INTF on the CTL (Marijn Suijten)
Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (Fenglin Wu)
Input: ims-pcu - fix printf string overflow (Arnd Bergmann)
libsubcmd: Fix parse-options memory leak (Ian Rogers)
serial: sh-sci: protect invalidating RXDMA on shutdown (Wolfram Sang)
f2fs: fix to release node block count in error path of f2fs_new_node_page() (Chao Yu)
extcon: max8997: select IRQ_DOMAIN instead of depending on it (Randy Dunlap)
ppdev: Add an error check in register_device (Huai-Yuan Liu)
ppdev: Remove usage of the deprecated ida_simple_xx() API (Christophe JAILLET)
stm class: Fix a double free in stm_register_device() (Dan Carpenter)
usb: gadget: u_audio: Clear uac pointer when freed. (Chris Wulff)
microblaze: Remove early printk call from cpuinfo-static.c (Michal Simek)
microblaze: Remove gcc flag for non existing early_printk.c file (Michal Simek)
iio: pressure: dps310: support negative temperature values (Thomas Haemmerle)
greybus: arche-ctrl: move device table to its right location (Arnd Bergmann)
serial: max3100: Fix bitwise types (Andy Shevchenko)
serial: max3100: Update uart_driver_registered on driver removal (Andy Shevchenko)
serial: max3100: Lock port->lock when calling uart_handle_cts_change() (Andy Shevchenko)
firmware: dmi-id: add a release callback function (Arnd Bergmann)
dmaengine: idma64: Add check for dma_set_max_seg_size (Chen Ni)
soundwire: cadence: fix invalid PDI offset (Pierre-Louis Bossart)
soundwire: cadence_master: improve PDI allocation (Bard Liao)
soundwire: intel: don’t filter out PDI0/1 (Pierre-Louis Bossart)
soundwire: cadence/intel: simplify PDI/port mapping (Pierre-Louis Bossart)
greybus: lights: check return of get_channel_from_mode (Rui Miguel Silva)
sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level (Vitalii Bursov)
af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (Eric Dumazet)
netrom: fix possible dead-lock in nr_rt_ioctl() (Eric Dumazet)
RDMA/IPoIB: Fix format truncation compilation errors (Leon Romanovsky)
selftests/kcmp: remove unused open mode (Edward Liaw)
selftests/kcmp: Make the test output consistent and clear (Gautam Menghani)
SUNRPC: Fix gss_free_in_token_pages() (Chuck Lever)
sunrpc: removed redundant procp check (Aleksandr Aprelkov)
ext4: avoid excessive credit estimate in ext4_tmpfile() (Jan Kara)
x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (Adrian Hunter)
RDMA/hns: Use complete parentheses in macros (Chengchang Tang)
drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (Marek Vasut)
ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (Steven Rostedt)
drm/arm/malidp: fix a possible null pointer dereference (Huai-Yuan Liu)
fbdev: sh7760fb: allow modular build (Randy Dunlap)
platform/x86: wmi: Make two functions static (YueHaibing)
media: radio-shark2: Avoid led_names truncations (Ricardo Ribalda)
media: ngene: Add dvb_ca_en50221_init return value check (Aleksandr Burakov)
fbdev: sisfb: hide unused variables (Arnd Bergmann)
powerpc/fsl-soc: hide unused const variable (Arnd Bergmann)
drm/mediatek: Add 0 size check to mtk_drm_gem_obj (Justin Green)
fbdev: shmobile: fix snprintf truncation (Arnd Bergmann)
mtd: rawnand: hynix: fixed typo (Maxim Korotkov)
drm/amd/display: Fix potential index out of bounds in color transformation function (Srinivasan Shanmugam)
ipv6: sr: fix invalid unregister error path (Hangbin Liu)
ipv6: sr: add missing seg6_local_exit (Hangbin Liu)
net: openvswitch: fix overwriting ct original tuple for ICMPv6 (Ilya Maximets)
net: usb: smsc95xx: stop lying about skb->truesize (Eric Dumazet)
af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (Breno Leitao)
net: ethernet: cortina: Locking fixes (Linus Walleij)
m68k: mac: Fix reboot hang on Mac IIci (Finn Thain)
m68k: Fix spinlock race in kernel thread creation (Michael Schmitz)
net: usb: sr9700: stop lying about skb->truesize (Eric Dumazet)
usb: aqc111: stop lying about skb->truesize (Eric Dumazet)
wifi: mwl8k: initialize cmd->addr[] properly (Dan Carpenter)
scsi: qedf: Ensure the copied buf is NUL terminated (Bui Quang Minh)
scsi: bfa: Ensure the copied buf is NUL terminated (Bui Quang Minh)
HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (Chen Ni)
Revert ‘sh: Handle calling csum_partial with misaligned data’ (Guenter Roeck)
sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe() (Geert Uytterhoeven)
wifi: ar5523: enable proper endpoint verification (Nikita Zhandarovich)
wifi: carl9170: add a proper sanity check for endpoints (Nikita Zhandarovich)
macintosh/via-macii: Fix ‘BUG: sleeping function called from invalid context’ (Finn Thain)
tcp: avoid premature drops in tcp_add_backlog() (Eric Dumazet)
tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (Lu Wei)
tcp: minor optimization in tcp_add_backlog() (Eric Dumazet)
wifi: ath10k: populate board data for WCN3990 (Dmitry Baryshkov)
wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (Su Hui)
x86/purgatory: Switch to the position-independent small code model (Ard Biesheuvel)
scsi: hpsa: Fix allocation size for Scsi_Host private data (Yuri Karpov)
scsi: libsas: Fix the failure of adding phy with zero-address to port (Xingui Yang)
cpufreq: exit() callback is optional (Viresh Kumar)
cpufreq: Rearrange locking in cpufreq_remove_dev() (Rafael J. Wysocki)
cpufreq: Split cpufreq_offline() (Rafael J. Wysocki)
cpufreq: Reorganize checks in cpufreq_offline() (Rafael J. Wysocki)
ACPI: disable -Wstringop-truncation (Arnd Bergmann)
irqchip/alpine-msi: Fix off-by-one in allocation error path (Zenghui Yu)
scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL (Andrew Halaney)
scsi: ufs: core: Perform read back after disabling interrupts (Andrew Halaney)
scsi: ufs: cdns-pltfrm: Perform read back after writing HCLKDIV (Andrew Halaney)
scsi: ufs: qcom: Perform read back after writing reset bit (Andrew Halaney)
qed: avoid truncating work queue length (Arnd Bergmann)
wifi: ath10k: poll service ready message before failing (Baochen Qiang)
md: fix resync softlockup when bitmap size is less than array size (Yu Kuai)
null_blk: Fix missing mutex_destroy() at module removal (Zhu Yanjun)
jffs2: prevent xattr node from overflowing the eraseblock (Ilya Denisyev)
s390/cio: fix tracepoint subchannel type field (Peter Oberparleiter)
crypto: ccp - drop platform ifdef checks (Arnd Bergmann)
parisc: add missing export of __cmpxchg_u8() (Al Viro)
nilfs2: fix out-of-range warning (Arnd Bergmann)
ecryptfs: Fix buffer size for tag 66 packet (Brian Kubisiak)
firmware: raspberrypi: Use correct device for DMA mappings (Laurent Pinchart)
crypto: bcm - Fix pointer arithmetic (Aleksandr Mishin)
openpromfs: finish conversion to the new mount API (Eric Sandeen)
nvme: find numa distance only if controller has valid numa id (Nilay Shroff)
drm/amdkfd: Flush the process wq before creating a kfd_process (Lancelot SIX)
ASoC: da7219-aad: fix usage of device_get_named_child_node() (Pierre-Louis Bossart)
ASoC: dt-bindings: rt5645: add cbj sleeve gpio property (Derek Fang)
ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (Derek Fang)
drm/amd/display: Set color_mgmt_changed to true on unsuspend (Joshua Ashton)
net: usb: qmi_wwan: add Telit FN920C04 compositions (Daniele Palmas)
wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (Igor Artemiev)
nilfs2: fix potential hang in nilfs_detach_log_writer() (Ryusuke Konishi)
nilfs2: fix unexpected freezing of nilfs_segctor_sync() (Ryusuke Konishi)
net: smc91x: Fix m68k kernel compilation for ColdFire CPU (Thorsten Blum)
ring-buffer: Fix a race between readers and resize checks (Petr Pavlu)
tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke)
[5.4.17-2136.334.1.el7]
rds/rdma: Track rds_message in send, retrans and recv queue (Juan Garcia) [Orabug: 36529583]
xfs: make sure sb_fdblocks is non-negative (Wengang Wang) [Orabug: 36596998]
xfs: fix sb write verify for lazysbcount (Long Li) [Orabug: 36596998]
rds/rdma: Clear rds_info_socket before use (Juan Garcia) [Orabug: 36613125]

OSVersionArchitecturePackageVersionFilename
oracle linux7srckernel-uek-container< 5.4.17-2136.334.6.el7kernel-uek-container-5.4.17-2136.334.6.el7.src.rpm
oracle linux7x86_64kernel-uek-container< 5.4.17-2136.334.6.el7kernel-uek-container-5.4.17-2136.334.6.el7.x86_64.rpm
oracle linux7x86_64kernel-uek-container-debug< 5.4.17-2136.334.6.el7kernel-uek-container-debug-5.4.17-2136.334.6.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	kernel-uek-container	< 5.4.17-2136.334.6.el7	kernel-uek-container-5.4.17-2136.334.6.el7.src.rpm
oracle linux	7	x86_64	kernel-uek-container	< 5.4.17-2136.334.6.el7	kernel-uek-container-5.4.17-2136.334.6.el7.x86_64.rpm
oracle linux	7	x86_64	kernel-uek-container-debug	< 5.4.17-2136.334.6.el7	kernel-uek-container-debug-5.4.17-2136.334.6.el7.x86_64.rpm