[ELSA-2021-9459] Unbreakable Enterprise kernel security update
[4.1.12-124.54.6.1]
- fs/namespace.c: fix mountpoint reference counter race (Piotr Krysiuk) [Orabug: 33369433] {CVE-2020-12114} {CVE-2020-12114}
- btrfs: only search for left_info if there is no right_info in try_merge_free_space (Josef Bacik) [Orabug: 33369414] {CVE-2019-19448} {CVE-2019-19448}
- cfg80211: wext: avoid copying malformed SSIDs (Will Deacon) [Orabug: 33369390] {CVE-2019-17133}
- vhost_net: fix possible infinite loop (Jason Wang) [Orabug: 33369374] {CVE-2019-3900} {CVE-2019-3900}
- vhost: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900}
- vhost_net: introduce vhost_exceeds_weight() (Jason Wang) [Orabug: 33369374] {CVE-2019-3900}
- vhost_net: use packet weight for rx handler, too (Paolo Abeni) [Orabug: 33369374] {CVE-2019-3900}
- vhost-net: set packet weight of tx polling to 2 * vq size (haibinzhang) [Orabug: 33369374] {CVE-2019-3900}
- mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24586} {CVE-2020-24587}
- mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: check defrag PN against current frame (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: add fragment cache to sta_info (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: drop A-MSDUs on old ciphers (Johannes Berg) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588}
- cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24588}
- mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147}
- mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-24587} {CVE-2020-24586}
- mac80211: assure all fragments are encrypted (Mathy Vanhoef) [Orabug: 33369361] {CVE-2020-24586} {CVE-2020-26139} {CVE-2020-24587} {CVE-2020-24588} {CVE-2020-26139} {CVE-2020-26140} {CVE-2020-26141} {CVE-2020-26142} {CVE-2020-26143} {CVE-2020-26144} {CVE-2020-26145} {CVE-2020-26146} {CVE-2020-26147} {CVE-2020-26147}
- sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369303] {CVE-2021-3655}
- virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369276] {CVE-2021-38160}
- net_sched: cls_route: remove the right filter from hashtable (Cong Wang) [Orabug: 33369231] {CVE-2021-3715}
- HID: make arrays usage and value to be the same (Will McVicker) [Orabug: 33369121] {CVE-2021-0512}
- ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369043] {CVE-2021-40490}
- ID
- ELSA-2021-9459
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2021-9459.html
- Published
-
2021-09-22T00:00:00
(3 years ago) - Modified
-
2021-09-22T00:00:00
(3 years ago) - Rights
- Copyright 2021 Oracle, Inc.
- Other Advisories
-
- ALAS-2019-1232
- ALAS-2020-1437
- ALAS-2021-1539
- ALAS2-2019-1232
- ALAS2-2020-1495
- ALAS2-2021-1696
- ALAS2-2021-1704
- ALAS2-2021-1712
- ALSA-2021:1578
- ALSA-2021:4056
- ALSA-2021:4356
- ASA-202107-48
- ASA-202107-49
- ASB-A-173843328
- ASB-A-197154735
- CISCO-SA-WIFI-FAF-22EPCEWU
- DSA-4497-1
- DSA-4698-1
- DSA-4699-1
- DSA-4978-1
- ELSA-2019-2029
- ELSA-2019-3517
- ELSA-2019-3836
- ELSA-2020-0374
- ELSA-2020-0790
- ELSA-2020-5845
- ELSA-2020-5913
- ELSA-2021-1578
- ELSA-2021-3438
- ELSA-2021-4056
- ELSA-2021-4356
- ELSA-2021-9404
- ELSA-2021-9406
- ELSA-2021-9452
- ELSA-2021-9453
- ELSA-2021-9458
- ELSA-2021-9460
- ELSA-2021-9474
- ELSA-2021-9475
- ELSA-2021-9485
- ELSA-2021-9488
- FEDORA-2019-021c968423
- FEDORA-2019-057d691fd4
- FEDORA-2019-124a241044
- FEDORA-2019-15e141c6a7
- FEDORA-2019-1689d3fe07
- FEDORA-2019-41e28660ae
- FEDORA-2019-48b34fc991
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-5b76e711b3
- FEDORA-2019-640f8d8dd1
- FEDORA-2019-6817686c4d
- FEDORA-2019-69c132b061
- FEDORA-2019-6bda4c81f4
- FEDORA-2019-6c3d89b3d0
- FEDORA-2019-7a3fc17778
- FEDORA-2019-7aecfe1c4b
- FEDORA-2019-7ec378191e
- FEDORA-2019-8169b57f28
- FEDORA-2019-8219efa9f6
- FEDORA-2019-83858fc57b
- FEDORA-2019-87d807d7cb
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-914542e05c
- FEDORA-2019-97380355ae
- FEDORA-2019-9d3fe6fd5b
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-a95015e60f
- FEDORA-2019-b318b2c6f3
- FEDORA-2019-c03eda3cc6
- FEDORA-2019-c36afa818c
- FEDORA-2019-e3010166bd
- FEDORA-2019-e37c348348
- FEDORA-2019-e6bf55e821
- FEDORA-2019-f40bd7826f
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-fe00e12580
- FEDORA-2021-4ca1b080bb
- FEDORA-2021-60f1d2eba1
- FREEBSD:8D20BD48-A4F3-11EC-90DE-1C697AA5A594
- MS:CVE-2020-24587
- MS:CVE-2020-24588
- MS:CVE-2020-26144
- MS:CVE-2021-40490
- openSUSE-SU-2019:2392-1
- openSUSE-SU-2019:2444-1
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2021:0843-1
- openSUSE-SU-2021:0947-1
- openSUSE-SU-2021:1271-1
- openSUSE-SU-2021:1357-1
- openSUSE-SU-2021:1365-1
- openSUSE-SU-2021:1477-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- openSUSE-SU-2021:2305-1
- openSUSE-SU-2021:2352-1
- openSUSE-SU-2021:2427-1
- openSUSE-SU-2021:3179-1
- openSUSE-SU-2021:3205-1
- openSUSE-SU-2021:3338-1
- openSUSE-SU-2021:3387-1
- openSUSE-SU-2021:3447-1
- openSUSE-SU-2021:3641-1
- openSUSE-SU-2021:3675-1
- openSUSE-SU-2021:3876-1
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3836
- RHSA-2020:0374
- RHSA-2020:0375
- RHSA-2020:0790
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:1578
- RHSA-2021:1739
- RHSA-2021:3438
- RHSA-2021:3439
- RHSA-2021:3441
- RHSA-2021:4056
- RHSA-2021:4088
- RHSA-2021:4122
- RHSA-2021:4140
- RHSA-2021:4356
- RLSA-2021:4088
- SSA:2019-311-01
- SSA:2020-295-01
- SSA:2021-202-01
- SSA:2022-031-01
- SUSE-SU-2019:2821-1
- SUSE-SU-2019:2829-1
- SUSE-SU-2019:2859-1
- SUSE-SU-2019:2864-1
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3237-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0183-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1596-1
- SUSE-SU-2020:1597-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2021:1887-1
- SUSE-SU-2021:1888-1
- SUSE-SU-2021:1889-1
- SUSE-SU-2021:1890-1
- SUSE-SU-2021:1891-1
- SUSE-SU-2021:1899-1
- SUSE-SU-2021:1912-1
- SUSE-SU-2021:1913-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2021:2208-1
- SUSE-SU-2021:2303-1
- SUSE-SU-2021:2305-1
- SUSE-SU-2021:2321-1
- SUSE-SU-2021:2324-1
- SUSE-SU-2021:2325-1
- SUSE-SU-2021:2332-1
- SUSE-SU-2021:2344-1
- SUSE-SU-2021:2349-1
- SUSE-SU-2021:2352-1
- SUSE-SU-2021:2361-1
- SUSE-SU-2021:2367-1
- SUSE-SU-2021:2368-1
- SUSE-SU-2021:2372-1
- SUSE-SU-2021:2377-1
- SUSE-SU-2021:2387-1
- SUSE-SU-2021:2406-1
- SUSE-SU-2021:2421-1
- SUSE-SU-2021:2422-1
- SUSE-SU-2021:2426-1
- SUSE-SU-2021:2427-1
- SUSE-SU-2021:2433-1
- SUSE-SU-2021:2451-1
- SUSE-SU-2021:2453-1
- SUSE-SU-2021:3177-1
- SUSE-SU-2021:3178-1
- SUSE-SU-2021:3179-1
- SUSE-SU-2021:3192-1
- SUSE-SU-2021:3205-1
- SUSE-SU-2021:3205-2
- SUSE-SU-2021:3206-1
- SUSE-SU-2021:3207-1
- SUSE-SU-2021:3217-1
- SUSE-SU-2021:3337-1
- SUSE-SU-2021:3338-1
- SUSE-SU-2021:3339-1
- SUSE-SU-2021:3360-1
- SUSE-SU-2021:3371-1
- SUSE-SU-2021:3374-1
- SUSE-SU-2021:3386-1
- SUSE-SU-2021:3387-1
- SUSE-SU-2021:3388-1
- SUSE-SU-2021:3389-1
- SUSE-SU-2021:3401-1
- SUSE-SU-2021:3415-1
- SUSE-SU-2021:3440-1
- SUSE-SU-2021:3443-1
- SUSE-SU-2021:3447-1
- SUSE-SU-2021:3459-1
- SUSE-SU-2021:3640-1
- SUSE-SU-2021:3641-1
- SUSE-SU-2021:3642-1
- SUSE-SU-2021:3658-1
- SUSE-SU-2021:3675-1
- SUSE-SU-2021:3723-1
- SUSE-SU-2021:3748-1
- SUSE-SU-2021:3754-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2021:3972-1
- SUSE-SU-2022:3263-1
- SUSE-SU-2022:3294-1
- SUSE-SU-2023:0394-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:0433-1
- SUSE-SU-2023:0488-1
- SUSE-SU-2023:2809-1
- USN-4114-1
- USN-4115-1
- USN-4116-1
- USN-4117-1
- USN-4118-1
- USN-4208-1
- USN-4210-1
- USN-4211-1
- USN-4211-2
- USN-4226-1
- USN-4387-1
- USN-4388-1
- USN-4389-1
- USN-4390-1
- USN-4391-1
- USN-4392-1
- USN-4578-1
- USN-4997-1
- USN-4997-2
- USN-4999-1
- USN-5000-1
- USN-5000-2
- USN-5001-1
- USN-5018-1
- USN-5073-1
- USN-5073-2
- USN-5073-3
- USN-5091-1
- USN-5091-2
- USN-5092-1
- USN-5092-2
- USN-5096-1
- USN-5106-1
- USN-5113-1
- USN-5114-1
- USN-5115-1
- USN-5116-1
- USN-5116-2
- USN-5120-1
- USN-5136-1
- USN-5139-1
- USN-5161-1
- USN-5162-1
- USN-5163-1
- USN-5299-1
- USN-5343-1
- USN-5361-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.54.6.1.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.54.6.1.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |