Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2024-12151)

critical Nessus Plugin ID 190434

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12151 advisory.

[5.4.17-2136.328.3]
- IB/cm: Cancel mad on the DREQ event when the state is MRA_REP_RCVD (Mark Zhang) [Orabug: 36143228]
- KSPLICE: make sure the stack is zeroed. (Gregory Herrero) [Orabug: 36154654]
- sched/fair: Fix tg->load when offlining a CPU (Vincent Guittot) [Orabug: 36185207]
- i2c: core: Fix atomic xfer check for non-preempt config (Benjamin Bara)
- net: Save and restore msg_namelen in sock_sendmsg (Marc Dionne)

[5.4.17-2136.328.2]
- LTS tag: v5.4.266 (Sherry Yang)
- block: Don't invalidate pagecache for invalid falloc modes (Sarthak Kukreti)
- smb: client: fix OOB in smbCalcSize() (Paulo Alcantara)
- usb: fotg210-hcd: delete an incorrect bounds test (Dan Carpenter)
- x86/alternatives: Sync core before enabling interrupts (Thomas Gleixner)
- net: rfkill: gpio: set GPIO direction (Rouven Czerwinski)
- net: 9p: avoid freeing uninit memory in p9pdu_vreadf (Fedor Pchelkin)
- Bluetooth: hci_event: Fix not checking if HCI_OP_INQUIRY has been sent (Luiz Augusto von Dentz)
- USB: serial: option: add Quectel RM500Q R13 firmware support (Reinhard Speyerer)
- USB: serial: option: add Foxconn T99W265 with new baseline (Slark Xiao)
- USB: serial: option: add Quectel EG912Y module support (Alper Ak)
- USB: serial: ftdi_sio: update Actisense PIDs constant names (Mark Glover)
- wifi: cfg80211: fix certs build to not depend on file order (Johannes Berg)
- wifi: cfg80211: Add my certificate (Chen-Yu Tsai)
- iio: adc: ti_am335x_adc: Fix return value check of tiadc_request_dma() (Wadim Egorov)
- iio: common: ms_sensors: ms_sensors_i2c: fix humidity conversion time table (Javier Carrasco)
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (Wei Yongjun)
- Input: ipaq-micro-keys - add error handling for devm_kmemdup (Haoran Liu)
- iio: imu: inv_mpu6050: fix an error code problem in inv_mpu6050_read_raw (Su Hui)
- interconnect: Treat xlate() returning NULL node as an error (Mike Tipton)
- btrfs: do not allow non subvolume root targets for snapshot (Josef Bacik)
- smb: client: fix NULL deref in asn1_ber_decoder() (Paulo Alcantara)
- ALSA: hda/hdmi: add force-connect quirk for NUC5CPYB (Kai Vehmanen)
- ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10 (Kai Vehmanen)
- pinctrl: at91-pio4: use dedicated lock class for IRQ (Alexis Lothore)
- i2c: aspeed: Handle the coalesced stop conditions with the start conditions. (Quan Nguyen)
- afs: Fix overwriting of result of DNS query (David Howells)
- net: check dev->gso_max_size in gso_features_check() (Eric Dumazet)
- net: warn if gso_type isn't set for a GSO SKB (Heiner Kallweit)
- afs: Fix dynamic root lookup DNS check (David Howells)
- afs: Fix the dynamic root's d_delete to always delete unused dentries (David Howells)
- net: check vlan filter feature in vlan_vids_add_by_dev() and vlan_vids_del_by_dev() (Liu Jian)
- net/rose: fix races in rose_kill_by_device() (Eric Dumazet)
- ethernet: atheros: fix a memleak in atl1e_setup_ring_resources (Zhipeng Lu)
- net: sched: ife: fix potential use-after-free (Eric Dumazet)
- net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (Rahul Rameshbabu)
- net/mlx5: Fix fw tracer first block check (Moshe Shemesh)
- net/mlx5: improve some comments (Hu Haowen)
- Revert 'net/mlx5e: fix double free of encap_header' (Vlad Buslov)
- wifi: mac80211: mesh_plink: fix matches_local logic (Johannes Berg)
- s390/vx: fix save/restore of fpu kernel context (Heiko Carstens)
- reset: Fix crash when freeing non-existent optional resets (Geert Uytterhoeven)
- ARM: OMAP2+: Fix null pointer dereference and memory leak in omap_soc_device_init (Kunwu Chan)
- ksmbd: fix wrong name of SMB2_CREATE_ALLOCATION_SIZE (Namjae Jeon)
- ALSA: hda/realtek: Enable headset on Lenovo M90 Gen5 (Bin Li)
- LTS tag: v5.4.265 (Sherry Yang)
- powerpc/ftrace: Fix stack teardown in ftrace_no_trace (Naveen N Rao)
- powerpc/ftrace: Create a dummy stackframe to fix stack unwind (Naveen N Rao)
- mmc: block: Be sure to wait while busy in CQE error recovery (Adrian Hunter)
- ring-buffer: Fix memory leak of free page (Steven Rostedt (Google))
- team: Fix use-after-free when an option instance allocation fails (Florent Revest)
- arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (James Houghton)
- ext4: prevent the normalized size from exceeding EXT_MAX_BLOCKS (Baokun Li)
- soundwire: stream: fix NULL pointer dereference for multi_link (Krzysztof Kozlowski)
- HID: hid-asus: add const to read-only outgoing usb buffer (Denis Benato)
- net: usb: qmi_wwan: claim interface 4 for ZTE MF290 (Lech Perczak)
- asm-generic: qspinlock: fix queued_spin_value_unlocked() implementation (Linus Torvalds)
- HID: multitouch: Add quirk for HONOR GLO-GXXX touchpad (Aoba K)
- HID: hid-asus: reset the backlight brightness level on resume (Denis Benato)
- HID: add ALWAYS_POLL quirk for Apple kb (Oliver Neukum)
- platform/x86: intel_telemetry: Fix kernel doc descriptions (Andy Shevchenko)
- bcache: avoid NULL checking to c->root in run_cache_set() (Coly Li)
- bcache: add code comments for bch_btree_node_get() and __bch_btree_node_alloc() (Coly Li)
- bcache: avoid oversize memory allocation by small stripe_size (Coly Li)
- blk-throttle: fix lockdep warning of 'cgroup_mutex or RCU read lock required!' (Ming Lei)
- usb: aqc111: check packet for fixup for true limit (Oliver Neukum)
- ALSA: hda/hdmi: add force-connect quirks for ASUSTeK Z170 variants (Kai Vehmanen)
- appletalk: Fix Use-After-Free in atalk_ioctl (Hyunwoo Kim)
- net: stmmac: Handle disabled MDIO busses from devicetree (Andrew Halaney)
- net: stmmac: use dev_err_probe() for reporting mdio bus registration failure (Rasmus Villemoes)
- vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (Nikolay Kuratov)
- sign-file: Fix incorrect return values check (Yusong Gao)
- net: Remove acked SYN flag from packet in the transmit queue correctly (Dong Chenchen)
- qed: Fix a potential use-after-free in qed_cxt_tables_alloc (Dinghao Liu)
- net/rose: Fix Use-After-Free in rose_ioctl (Hyunwoo Kim)
- atm: Fix Use-After-Free in do_vcc_ioctl (Hyunwoo Kim)
- atm: solos-pci: Fix potential deadlock on &tx_queue_lock (Chengfeng Ye)
- atm: solos-pci: Fix potential deadlock on &cli_queue_lock (Chengfeng Ye)
- qca_spi: Fix reset behavior (Stefan Wahren)
- qca_debug: Fix ethtool -G iface tx behavior (Stefan Wahren)
- qca_debug: Prevent crash on TX ring changes (Stefan Wahren)
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (Maciej Zenczykowski)
- afs: Fix refcount underflow from error handling race (David Howells)
- LTS tag: v5.4.264 (Sherry Yang)
- devcoredump: Send uevent once devcd is ready (Mukesh Ojha)
- devcoredump : Serialize devcd_del work (Mukesh Ojha)
- smb: client: fix potential NULL deref in parse_dfs_referrals() (Paulo Alcantara)
- cifs: Fix non-availability of dedup breaking generic/304 (David Howells)
- Revert 'btrfs: add dmesg output for first mount and last unmount of a filesystem' (Greg Kroah-Hartman)
- drop_monitor: Require 'CAP_SYS_ADMIN' when joining 'events' group (Ido Schimmel)
- psample: Require 'CAP_NET_ADMIN' when joining 'packets' group (Ido Schimmel)
- genetlink: add CAP_NET_ADMIN test for multicast bind (Ido Schimmel)
- netlink: don't call ->netlink_bind with table lock held (Ido Schimmel)
- io_uring/af_unix: disable sending io_uring over sockets (Pavel Begunkov)
- nilfs2: fix missing error check for sb_set_blocksize call (Ryusuke Konishi)
- KVM: s390/mm: Properly reset no-dat (Claudio Imbrenda)
- x86/CPU/AMD: Check vendor in the AMD microcode callback (Borislav Petkov (AMD))
- serial: 8250_omap: Add earlycon support for the AM654 UART controller (Ronald Wahl)
- serial: sc16is7xx: address RX timeout interrupt errata (Daniel Mack)
- ARM: PL011: Fix DMA support (Arnd Bergmann)
- usb: typec: class: fix typec_altmode_put_partner to put plugs (RD Babiera)
- parport: Add support for Brainboxes IX/UC/PX parallel cards (Cameron Williams)
- usb: gadget: f_hid: fix report descriptor allocation (Konstantin Aladyshev)
- mmc: sdhci-sprd: Fix vqmmc not shutting down after the card was pulled (Wenchao Chen)
- mmc: core: add helpers mmc_regulator_enable/disable_vqmmc (Heiner Kallweit)
- gpiolib: sysfs: Fix error handling on failed export (Boerge Struempfel)
- arm64: dts: mediatek: mt8173-evb: Fix regulator-fixed node names (AngeloGioacchino Del Regno)
- arm64: dts: mediatek: mt7622: fix memory node warning check (Eugen Hristev)
- packet: Move reference count in packet_sock to atomic_long_t (Daniel Borkmann)
- tracing: Fix a possible race when disabling buffered events (Petr Pavlu)
- tracing: Fix incomplete locking when disabling buffered events (Petr Pavlu)
- tracing: Always update snapshot buffer size (Steven Rostedt (Google))
- nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage() (Ryusuke Konishi)
- ALSA: pcm: fix out-of-bounds in snd_pcm_state_names (Jason Zhang)
- ARM: dts: imx7: Declare timers compatible with fsl,imx6dl-gpt (Philipp Zabel)
- ARM: dts: imx: make gpt node name generic (Anson Huang)
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (Kunwu Chan)
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (Dinghao Liu)
- tracing: Fix a warning when allocating buffered events fails (Petr Pavlu)
- ASoC: wm_adsp: fix memleak in wm_adsp_buffer_populate (Dinghao Liu)
- hwmon: (acpi_power_meter) Fix 4.29 MW bug (Armin Wolf)
- RDMA/bnxt_re: Correct module description string (Kalesh AP)
- bpf: sockmap, updating the sg structure should also update curr (John Fastabend)
- tcp: do not accept ACK of bytes we never sent (Eric Dumazet)
- netfilter: xt_owner: Fix for unsafe access of sk->sk_socket (Phil Sutter)
- net: hns: fix fake link up on xge port (Yonglong Liu)
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (Shigeru Yoshida)
- arcnet: restoring support for multiple Sohard Arcnet cards (Thomas Reichinger)
- net: arcnet: com20020 fix error handling (Tong Zhang)
- net: arcnet: Fix RESET flag handling (Ahmed S. Darwish)
- hv_netvsc: rndis_filter needs to select NLS (Randy Dunlap)
- ipv6: fix potential NULL deref in fib6_add() (Eric Dumazet)
- of: dynamic: Fix of_reconfig_get_state_change() return value documentation (Luca Ceresoli)
- of: Add missing 'Return' section in kerneldoc comments (Rob Herring)
- of: Fix kerneldoc output formatting (Rob Herring)
- of: base: Fix some formatting issues and provide missing descriptions (Lee Jones)
- of/irq: Make of_msi_map_rid() PCI bus agnostic (Lorenzo Pieralisi)
- of/irq: make of_msi_map_get_device_domain() bus agnostic (Diana Craciun)
- of/iommu: Make of_map_rid() PCI agnostic (Lorenzo Pieralisi)
- ACPI/IORT: Make iort_msi_map_rid() PCI agnostic (Lorenzo Pieralisi)
- ACPI/IORT: Make iort_get_device_domain IRQ domain agnostic (Lorenzo Pieralisi)
- of: base: Add of_get_cpu_state_node() to get idle states for a CPU node (Ulf Hansson)
- drm/amdgpu: correct chunk_ptr to a pointer to chunk. (YuanShang)
- kconfig: fix memory leak from range properties (Masahiro Yamada)
- tg3: Increment tx_dropped in tg3_tso_bug() (Alex Pakhunov)
- tg3: Move the [rt]x_dropped counters to tg3_napi (Alex Pakhunov)
- netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test (Jozsef Kadlecsik)
- LTS tag: v5.4.263 (Sherry Yang)
- mmc: block: Retry commands in CQE error recovery (Adrian Hunter)
- mmc: core: convert comma to semicolon (Zheng Yongjun)
- mmc: cqhci: Fix task clearing in CQE error recovery (Adrian Hunter)
- mmc: cqhci: Warn of halt or task clear failure (Adrian Hunter)
- mmc: cqhci: Increase recovery halt timeout (Adrian Hunter)
- cpufreq: imx6q: Don't disable 792 Mhz OPP unnecessarily (Christoph Niedermaier)
- cpufreq: imx6q: don't warn for disabling a non-existing frequency (Christoph Niedermaier)
- scsi: qla2xxx: Fix system crash due to bad pointer access (Quinn Tran)
- scsi: qla2xxx: Use scsi_cmd_to_rq() instead of scsi_cmnd.request (Bart Van Assche)
- scsi: core: Introduce the scsi_cmd_to_rq() function (Bart Van Assche)
- ima: detect changes to the backing overlay file (Mimi Zohar)
- ovl: skip overlayfs superblocks at global sync (Konstantin Khlebnikov)
- ima: annotate iint mutex to avoid lockdep false positive warnings (Amir Goldstein)
- fbdev: stifb: Make the STI next font pointer a 32-bit signed offset (Helge Deller)
- mtd: cfi_cmdset_0001: Byte swap OTP info (Linus Walleij)
- mtd: cfi_cmdset_0001: Support the absence of protection registers (Jean-Philippe Brucker)
- s390/cmma: fix detection of DAT pages (Heiko Carstens)
- s390/mm: fix phys vs virt confusion in mark_kernel_pXd() functions family (Alexander Gordeev)
- smb3: fix touch -h of symlink (Steve French)
- net: ravb: Start TX queues after HW initialization succeeded (Claudiu Beznea)
- net: ravb: Use pm_runtime_resume_and_get() (Claudiu Beznea)
- ravb: Fix races between ravb_tx_timeout_work() and net related ops (Yoshihiro Shimoda)
- net: stmmac: xgmac: Disable FPE MMC interrupts (Furong Xu)
- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet (Zhengchao Shao)
- Input: xpad - add HyperX Clutch Gladiate Support (Max Nguyen)
- btrfs: make error messages more clear when getting a chunk map (Filipe Manana)
- btrfs: send: ensure send_fd is writable (Jann Horn)
- btrfs: fix off-by-one when checking chunk map includes logical address (Filipe Manana)
- btrfs: add dmesg output for first mount and last unmount of a filesystem (Qu Wenruo)
- powerpc: Don't clobber f0/vs0 during fp|altivec register save (Timothy Pearson)
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (Markus Weippert)
- dm verity: don't perform FEC for failed readahead IO (Wu Bo)
- dm-verity: align struct dm_verity_fec_io properly (Mikulas Patocka)
- ALSA: hda/realtek: Add supported ALC257 for ChromeOS (Kailang Yang)
- ALSA: hda/realtek: Headset Mic VREF to 100% (Kailang Yang)
- ALSA: hda: Disable power-save on KONTRON SinglePC (Takashi Iwai)
- mmc: block: Do not lose cache flush during CQE error recovery (Adrian Hunter)
- firewire: core: fix possible memory leak in create_units() (Yang Yingliang)
- pinctrl: avoid reload of p state in list iteration (Maria Yu)
- io_uring: fix off-by one bvec index (Keith Busch)
- USB: dwc3: qcom: fix wakeup after probe deferral (Johan Hovold)
- USB: dwc3: qcom: fix resource leaks on probe deferral (Johan Hovold)
- usb: dwc3: set the dma max_seg_size (Ricardo Ribalda)
- USB: dwc2: write HCINT with INTMASK applied (Oliver Neukum)
- USB: serial: option: don't claim interface 4 for ZTE MF290 (Lech Perczak)
- USB: serial: option: fix FM101R-GL defines (Puliang Lu)
- USB: serial: option: add Fibocom L7xx modules (Victor Fragoso)
- bcache: prevent potential division by zero error (Rand Deeb)
- bcache: check return value from btree_node_alloc_replacement() (Coly Li)
- dm-delay: fix a race between delay_presuspend and delay_bio (Mikulas Patocka)
- hv_netvsc: Mark VF as slave before exposing it to user-mode (Long Li)
- hv_netvsc: Fix race of register_netdevice_notifier and VF register (Haiyang Zhang)
- USB: serial: option: add Luat Air72*U series products (Asuna Yang)
- s390/dasd: protect device queue against concurrent access (Jan Hoppner)
- bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in btree_gc_coalesce() (Coly Li)
- ACPI: resource: Skip IRQ override on ASUS ExpertBook B1402CVA (Hans de Goede)
- ext4: make sure allocate pending entry not fail (Zhang Yi)
- ext4: fix slab-use-after-free in ext4_es_insert_extent() (Baokun Li)
- ext4: using nofail preallocation in ext4_es_insert_extent() (Baokun Li)
- ext4: using nofail preallocation in ext4_es_insert_delayed_block() (Baokun Li)
- ext4: using nofail preallocation in ext4_es_remove_extent() (Baokun Li)
- ext4: use pre-allocated es in __es_remove_extent() (Baokun Li)
- ext4: use pre-allocated es in __es_insert_extent() (Baokun Li)
- ext4: factor out __es_alloc_extent() and __es_free_extent() (Baokun Li)
- ext4: add a new helper to check if es must be kept (Baokun Li)
- MIPS: KVM: Fix a build warning about variable set but not used (Huacai Chen)
- nvmet: nul-terminate the NQNs passed in the connect command (Christoph Hellwig)
- nvmet: remove unnecessary ctrl parameter (Chaitanya Kulkarni)
- afs: Fix file locking on R/O volumes to operate in local mode (David Howells)
- afs: Return ENOENT if no cell DNS record can be found (David Howells)
- net: axienet: Fix check for partial TX checksum (Samuel Holland)
- amd-xgbe: propagate the correct speed and duplex status (Raju Rangoju)
- amd-xgbe: handle the corner-case during tx completion (Raju Rangoju)
- amd-xgbe: handle corner-case during sfp hotplug (Raju Rangoju)
- arm/xen: fix xen_vcpu_info allocation alignment (Stefano Stabellini)
- net: usb: ax88179_178a: fix failed operations during ax88179_reset (Jose Ignacio Tornos Martinez)
- ipv4: Correct/silence an endian warning in __ip_do_redirect (Kunwu Chan)
- HID: fix HID device resource race between HID core and debugging support (Charles Yi)
- HID: core: store the unique system identifier in hid_device (Benjamin Tissoires)
- drm/rockchip: vop: Fix color for RGB888/BGR888 format on VOP full (Jonas Karlman)
- ata: pata_isapnp: Add missing error check for devm_ioport_map() (Chen Ni)
- drm/panel: simple: Fix Innolux G101ICE-L01 timings (Marek Vasut)
- drm/panel: simple: Fix Innolux G101ICE-L01 bus flags (Marek Vasut)
- afs: Make error on cell lookup failure consistent with OpenAFS (David Howells)
- PCI: keystone: Drop __init from ks_pcie_add_pcie_{ep,port}() (Nathan Chancellor)
- RDMA/irdma: Prevent zero-length STAG registration (Christopher Bednarz)
- driver core: Release all resources during unbind before updating device links (Saravana Kannan)
- LTS tag: v5.4.262 (Sherry Yang)
- netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (for 5.4) (Pablo Neira Ayuso)
- netfilter: nf_tables: disable toggling dormant table state more than once (Pablo Neira Ayuso)
- netfilter: nf_tables: fix table flag updates (Pablo Neira Ayuso)
- netfilter: nftables: update table flags from the commit phase (Pablo Neira Ayuso)
- netfilter: nf_tables: double hook unregistration in netns path (Pablo Neira Ayuso)
- netfilter: nf_tables: unregister flowtable hooks on netns exit (Pablo Neira Ayuso)
- netfilter: nf_tables: fix memleak when more than 255 elements expired (Pablo Neira Ayuso)
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (Pablo Neira Ayuso)
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (Pablo Neira Ayuso)
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (Pablo Neira Ayuso)
- netfilter: nf_tables: defer gc run if previous batch is still pending (Florian Westphal)
- netfilter: nf_tables: use correct lock to protect gc_list (Pablo Neira Ayuso)
- netfilter: nf_tables: GC transaction race with abort path (Pablo Neira Ayuso)
- netfilter: nf_tables: GC transaction race with netns dismantle (Pablo Neira Ayuso)
- netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (Pablo Neira Ayuso)
- netfilter: nf_tables: remove busy mark and gc batch API (Pablo Neira Ayuso)
- netfilter: nft_set_hash: mark set element as dead when deleting from packet path (Pablo Neira Ayuso)
- netfilter: nf_tables: adapt set backend to use GC transaction API (Pablo Neira Ayuso)
- netfilter: nf_tables: GC transaction API to avoid race with control plane (Pablo Neira Ayuso)
- netfilter: nf_tables: don't skip expired elements during walk (Florian Westphal)
- netfilter: nft_set_rbtree: fix overlap expiration walk (Florian Westphal)
- netfilter: nft_set_rbtree: fix null deref on element insertion (Florian Westphal)
- netfilter: nft_set_rbtree: Switch to node list walk for overlap detection (Pablo Neira Ayuso)
- netfilter: nf_tables: drop map element references from preparation phase (Pablo Neira Ayuso)
- netfilter: nftables: rename set element data activation/deactivation functions (Pablo Neira Ayuso)
- netfilter: nf_tables: pass context to nft_set_destroy() (Pablo Neira Ayuso)
- drm/amdgpu: fix error handling in amdgpu_bo_list_get() (Christian Konig)
- ext4: remove gdb backup copy for meta bg in setup_new_flex_group_blocks (Kemeng Shi)
- ext4: correct the start block of counting reserved clusters (Zhang Yi)
- ext4: correct return value of ext4_convert_meta_bg (Kemeng Shi)
- ext4: correct offset of gdb backup in non meta_bg group to update_backups (Kemeng Shi)
- ext4: apply umask if ACL support is disabled (Max Kellermann)
- Revert 'net: r8169: Disable multicast filter for RTL8168H and RTL8107E' (Heiner Kallweit)
- nfsd: fix file memleak on client_opens_release (Mahmoud Adam)
- media: venus: hfi: add checks to handle capabilities from firmware (Vikash Garodia)
- media: venus: hfi: fix the check to handle session buffer requirement (Vikash Garodia)
- media: venus: hfi_parser: Add check to keep the number of codecs within range (Vikash Garodia)
- media: sharp: fix sharp encoding (Sean Young)
- media: lirc: drop trailing space from scancode transmit (Sean Young)
- i2c: i801: fix potential race in i801_block_transaction_byte_by_byte (Heiner Kallweit)
- net: dsa: lan9303: consequently nested-lock physical MDIO (Alexander Sverdlin)
- Revert ncsi: Propagate carrier gain/loss events to the NCSI controller (Johnathan Mantey)
- Bluetooth: btusb: Add 0bda:b85b for Fn-Link RTL8852BE (Guan Wentao)
- Bluetooth: btusb: Add RTW8852BE device 13d3:3570 to device tables (Masum Reza)
- bluetooth: Add device 13d3:3571 to device tables (Larry Finger)
- bluetooth: Add device 0bda:887b to device tables (Larry Finger)
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0cb8:0xc559 (Artem Lukyanov)
- Bluetooth: btusb: add Realtek 8822CE to usb_device_id table (Joseph Hwang)
- Bluetooth: btusb: Add flag to define wideband speech capability (Alain Michaud)
- tty: serial: meson: fix hard LOCKUP on crtscts mode (Pavel Krasavin)
- serial: meson: Use platform_get_irq() to get the interrupt (Lad Prabhakar)
- tty: serial: meson: retrieve port FIFO size from DT (Neil Armstrong)
- serial: meson: remove redundant initialization of variable id (Colin Ian King)
- ALSA: hda/realtek - Enable internal speaker of ASUS K6500ZC (Chandradeep Dey)
- ALSA: info: Fix potential deadlock at disconnection (Takashi Iwai)
- parisc/pgtable: Do not drop upper 5 address bits of physical address (Helge Deller)
- parisc: Prevent booting 64-bit kernels on PA1.x machines (Helge Deller)
- i3c: master: cdns: Fix reading status register (Joshua Yeong)
- mm/cma: use nth_page() in place of direct struct page manipulation (Zi Yan)
- dmaengine: stm32-mdma: correct desc prep when channel running (Alain Volmat)
- mcb: fix error handling for different scenarios when parsing (Sanjuan Garcia, Jorge)
- i2c: core: Run atomic i2c xfer when !preemptible (Benjamin Bara)
- kernel/reboot: emergency_restart: Set correct system_state (Benjamin Bara)
- quota: explicitly forbid quota files from being encrypted (Eric Biggers)
- jbd2: fix potential data lost in recovering journal raced with synchronizing fs bdev (Zhihao Cheng)
- btrfs: don't arbitrarily slow down delalloc if we're committing (Josef Bacik)
- PM: hibernate: Clean up sync_read handling in snapshot_write_next() (Brian Geffon)
- PM: hibernate: Use __get_safe_page() rather than touching the list (Brian Geffon)
- mmc: vub300: fix an error code (Dan Carpenter)
- clk: qcom: ipq8074: drop the CLK_SET_RATE_PARENT flag from PLL clocks (Kathiravan Thirumoorthy)
- parisc/pdc: Add width field to struct pdc_model (Helge Deller)
- PCI: keystone: Don't discard .probe() callback (Uwe Kleine-Konig)
- PCI: keystone: Don't discard .remove() callback (Uwe Kleine-Konig)
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (Herve Codina)
- mmc: meson-gx: Remove setting of CMD_CFG_ERROR (Rong Chen)
- ACPI: resource: Do IRQ override on TongFang GMxXGxx (Werner Sembach)
- PCI/sysfs: Protect driver's D3cold preference from user space (Lukas Wunner)
- hvc/xen: fix error path in xen_hvc_init() to always register frontend driver (David Woodhouse)
- audit: don't WARN_ON_ONCE(!current->mm) in audit_exe_compare() (Paul Moore)
- audit: don't take task_lock() in audit_exe_compare() code path (Paul Moore)
- KVM: x86: Ignore MSR_AMD64_TW_CFG access (Maciej S. Szmigiero)
- KVM: x86: hyper-v: Don't auto-enable stimer on write from user-space (Nicolas Saenz Julienne)
- x86/cpu/hygon: Fix the CPU topology evaluation for real (Pu Wen)
- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (Chandrakanth patil)
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (Shung-Hsi Yu)
- randstruct: Fix gcc-plugin performance mode to stay in group (Kees Cook)
- media: venus: hfi: add checks to perform sanity on queue pointers (Vikash Garodia)
- cifs: spnego: add ';' in HOST_KEY_LEN (Anastasia Belova)
- tools/power/turbostat: Fix a knl bug (Zhang Rui)
- macvlan: Don't propagate promisc change to lower dev in passthru (Vlad Buslov)
- net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors (Rahul Rameshbabu)
- net/mlx5e: fix double free of encap_header (Dust Li)
- net: stmmac: fix rx budget limit check (Baruch Siach)
- net: stmmac: Rework stmmac_rx() (Jose Abreu)
- netfilter: nf_conntrack_bridge: initialize err to 0 (Linkui Xiao)
- net: ethernet: cortina: Fix MTU max setting (Linus Walleij)
- net: ethernet: cortina: Handle large frames (Linus Walleij)
- net: ethernet: cortina: Fix max RX frame define (Linus Walleij)
- bonding: stop the device in bond_setup_by_slave() (Eric Dumazet)
- ptp: annotate data-race around q->head and q->tail (Eric Dumazet)
- xen/events: fix delayed eoi list handling (Juergen Gross)
- ppp: limit MRU to 64K (Willem de Bruijn)
- tipc: Fix kernel-infoleak due to uninitialized TLV value (Shigeru Yoshida)
- net: hns3: fix variable may not initialized problem in hns3_init_mac_addr() (Yonglong Liu)
- tty: Fix uninit-value access in ppp_sync_receive() (Shigeru Yoshida)
- ipvlan: add ipvlan_route_v6_outbound() helper (Eric Dumazet)
- NFSv4.1: fix SP4_MACH_CRED protection for pnfs IO (Olga Kornievskaia)
- wifi: iwlwifi: Use FW rate for non-data frames (Miri Korenblit)
- pwm: Fix double shift bug (Dan Carpenter)
- ASoC: ti: omap-mcbsp: Fix runtime PM underflow warnings (Tony Lindgren)
- kgdb: Flush console before entering kgdb on panic (Douglas Anderson)
- drm/amd/display: Avoid NULL dereference of timing generator (Wayne Lin)
- media: cobalt: Use FIELD_GET() to extract Link Width (Ilpo Jarvinen)
- gfs2: ignore negated quota changes (Bob Peterson)
- media: vivid: avoid ...

Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2024-12151.html

Plugin Details

Severity: Critical

ID: 190434

File Name: oraclelinux_ELSA-2024-12151.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2/12/2024

Updated: 9/9/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2022-29900

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2023-25775

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:python-perf, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-debug, cpe:/o:oracle:linux:7, cpe:/o:oracle:linux:8, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-tools, p-cpe:/a:oracle:linux:kernel-uek-tools-libs, p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:perf, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, cpe:/o:oracle:linux:8:9:baseos_patch

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Ease: No known exploits are available

Patch Publication Date: 2/12/2024

Vulnerability Publication Date: 7/12/2022

Reference Information

CVE: CVE-2022-29900, CVE-2022-29901, CVE-2023-25775, CVE-2023-4244, CVE-2023-45863