[ELSA-2022-9969] Unbreakable Enterprise kernel security update
[4.1.12-124.68.3]
- Orabug: 34733462 (Alok Tiwari)
[4.1.12-124.68.2]
- ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [Orabug: 31350707] {CVE-2020-10690}
- ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (YueHaibing) [Orabug: 31350707]
- chardev: add helper function to register char devs with a struct device (Logan Gunthorpe) [Orabug: 31350707]
- ptp: create 'pins' together with the rest of attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: use is_visible method to hide unused attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: do not explicitly set drvdata in ptp_clock_register() (Dmitry Torokhov) [Orabug: 31350707]
- xfs: add agf freeblocks verify in xfs_agf_verify (Zheng Bin) [Orabug: 31350923] {CVE-2020-12655}
- netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal) [Orabug: 34475433] {CVE-2022-36946}
- media: em28xx: initialize refcount before kref_get (Dongliang Mu) [Orabug: 34619522] {CVE-2022-3239}
[4.1.12-124.68.1]
- fs: Avoid premature clearing of capabilities (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- fs: Give dentry to inode_change_ok() instead of inode (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- nfsd: Disable NFSv2 timestamp workaround for NFSv3+ (Andreas Gruenbacher) [Orabug: 20429825] {CVE-2015-1350}
- fuse: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- xfs: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix the indentation (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Fix timespec conversion (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350517] {CVE-2020-12654}
- media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (Dan Carpenter) [Orabug: 33488041] {CVE-2021-42739}
- ID
- ELSA-2022-9969
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2022-9969.html
- Published
-
2022-11-01T00:00:00
(22 months ago) - Modified
-
2022-11-01T00:00:00
(22 months ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
- ALAS-2022-1636
- ALAS2-2020-1480
- ALAS2-2022-1838
- ALAS2-2022-1852
- ALSA-2020:4431
- ALSA-2022:1988
- ALSA-2022:7683
- ALSA-2022:8267
- ALSA-2023:2951
- DSA-4120-1
- DSA-4187-1
- DSA-4698-1
- DSA-5096-1
- DSA-5207-1
- ELSA-2018-1062
- ELSA-2018-1319
- ELSA-2020-3010
- ELSA-2020-3220
- ELSA-2020-4060
- ELSA-2020-5714
- ELSA-2020-5755
- ELSA-2020-5756
- ELSA-2022-0063
- ELSA-2022-1988
- ELSA-2022-7683
- ELSA-2022-8267
- ELSA-2022-9996
- ELSA-2022-9997
- ELSA-2023-2951
- FEDORA-2020-203ffedeb5
- FEDORA-2020-4336d63533
- FEDORA-2020-5a69decc0c
- FEDORA-2020-c6b9fff7f8
- FEDORA-2020-e47d28bc2b
- FEDORA-2021-7de33b7016
- FEDORA-2021-8364530ebf
- FEDORA-2021-fdef34e26f
- MS:CVE-2020-10690
- MS:CVE-2020-12654
- MS:CVE-2020-12655
- MS:CVE-2021-42739
- MS:CVE-2022-36946
- openSUSE-SU-2020:0801-1
- openSUSE-SU-2021:1477-1
- openSUSE-SU-2021:3641-1
- openSUSE-SU-2021:3675-1
- openSUSE-SU-2021:3876-1
- RHSA-2018:0676
- RHSA-2018:1062
- RHSA-2018:1319
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:3010
- RHSA-2020:3016
- RHSA-2020:3220
- RHSA-2020:3221
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2022:0063
- RHSA-2022:0065
- RHSA-2022:1975
- RHSA-2022:1988
- RHSA-2022:7444
- RHSA-2022:7683
- RHSA-2022:7933
- RHSA-2022:8267
- RHSA-2023:2736
- RHSA-2023:2951
- RLSA-2022:1988
- RLSA-2022:7683
- SSA:2020-163-01
- SSA:2022-237-02
- SUSE-SU-2017:0181-1
- SUSE-SU-2017:0333-1
- SUSE-SU-2017:0437-1
- SUSE-SU-2017:0494-1
- SUSE-SU-2017:1102-1
- SUSE-SU-2017:1247-1
- SUSE-SU-2017:1360-1
- SUSE-SU-2018:0785-1
- SUSE-SU-2018:0786-1
- SUSE-SU-2018:0834-1
- SUSE-SU-2018:0848-1
- SUSE-SU-2018:0986-1
- SUSE-SU-2018:0988-1
- SUSE-SU-2018:0989-1
- SUSE-SU-2018:0990-1
- SUSE-SU-2018:0992-1
- SUSE-SU-2018:0993-1
- SUSE-SU-2018:0994-1
- SUSE-SU-2018:0995-1
- SUSE-SU-2018:0996-1
- SUSE-SU-2018:0997-1
- SUSE-SU-2018:0998-1
- SUSE-SU-2018:0999-1
- SUSE-SU-2018:1000-1
- SUSE-SU-2018:1001-1
- SUSE-SU-2018:1002-1
- SUSE-SU-2018:1003-1
- SUSE-SU-2018:1004-1
- SUSE-SU-2018:1005-1
- SUSE-SU-2018:1006-1
- SUSE-SU-2018:1007-1
- SUSE-SU-2018:1008-1
- SUSE-SU-2018:1009-1
- SUSE-SU-2018:1010-1
- SUSE-SU-2018:1011-1
- SUSE-SU-2018:1012-1
- SUSE-SU-2018:1013-1
- SUSE-SU-2018:1014-1
- SUSE-SU-2018:1015-1
- SUSE-SU-2018:1016-1
- SUSE-SU-2018:1018-1
- SUSE-SU-2018:1019-1
- SUSE-SU-2018:1020-1
- SUSE-SU-2018:1021-1
- SUSE-SU-2018:1022-1
- SUSE-SU-2018:1023-1
- SUSE-SU-2018:1024-1
- SUSE-SU-2018:1025-1
- SUSE-SU-2018:1026-1
- SUSE-SU-2018:1027-1
- SUSE-SU-2018:1028-1
- SUSE-SU-2018:1029-1
- SUSE-SU-2018:1030-1
- SUSE-SU-2018:1031-1
- SUSE-SU-2018:1032-1
- SUSE-SU-2018:1033-1
- SUSE-SU-2018:1034-1
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1309-1
- SUSE-SU-2018:1505-1
- SUSE-SU-2018:1506-1
- SUSE-SU-2018:1509-1
- SUSE-SU-2018:1510-1
- SUSE-SU-2018:1511-1
- SUSE-SU-2018:1512-1
- SUSE-SU-2018:1514-1
- SUSE-SU-2018:1516-1
- SUSE-SU-2018:1517-1
- SUSE-SU-2018:1518-1
- SUSE-SU-2018:1519-1
- SUSE-SU-2018:1520-1
- SUSE-SU-2018:1521-1
- SUSE-SU-2018:1522-1
- SUSE-SU-2018:1524-1
- SUSE-SU-2018:1526-1
- SUSE-SU-2018:1528-1
- SUSE-SU-2018:1529-1
- SUSE-SU-2018:1530-1
- SUSE-SU-2018:1531-1
- SUSE-SU-2018:1532-1
- SUSE-SU-2018:1533-1
- SUSE-SU-2018:1534-1
- SUSE-SU-2018:1535-1
- SUSE-SU-2018:1536-1
- SUSE-SU-2018:1537-1
- SUSE-SU-2018:1538-1
- SUSE-SU-2018:1540-1
- SUSE-SU-2018:1541-1
- SUSE-SU-2018:1543-1
- SUSE-SU-2018:1545-1
- SUSE-SU-2018:1546-1
- SUSE-SU-2018:1548-1
- SUSE-SU-2018:1549-1
- SUSE-SU-2018:1637-1
- SUSE-SU-2018:1639-1
- SUSE-SU-2018:1640-1
- SUSE-SU-2018:1641-1
- SUSE-SU-2018:1642-1
- SUSE-SU-2018:1643-1
- SUSE-SU-2018:1644-1
- SUSE-SU-2018:1645-1
- SUSE-SU-2018:1648-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1452-1
- SUSE-SU-2020:1475-1
- SUSE-SU-2020:1486-1
- SUSE-SU-2020:1587-1
- SUSE-SU-2020:1596-1
- SUSE-SU-2020:1597-1
- SUSE-SU-2020:1599-1
- SUSE-SU-2020:1602-1
- SUSE-SU-2020:1603-1
- SUSE-SU-2020:1604-1
- SUSE-SU-2020:1605-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2020:1779-1
- SUSE-SU-2020:2156-1
- SUSE-SU-2020:2478-1
- SUSE-SU-2020:2487-1
- SUSE-SU-2021:3640-1
- SUSE-SU-2021:3641-1
- SUSE-SU-2021:3642-1
- SUSE-SU-2021:3658-1
- SUSE-SU-2021:3675-1
- SUSE-SU-2021:3723-1
- SUSE-SU-2021:3748-1
- SUSE-SU-2021:3754-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3929-1
- SUSE-SU-2021:3935-1
- SUSE-SU-2021:3972-1
- SUSE-SU-2022:0234-1
- SUSE-SU-2022:0237-1
- SUSE-SU-2022:0238-1
- SUSE-SU-2022:0241-1
- SUSE-SU-2022:0242-1
- SUSE-SU-2022:0243-1
- SUSE-SU-2022:0246-1
- SUSE-SU-2022:0254-1
- SUSE-SU-2022:0255-1
- SUSE-SU-2022:0257-1
- SUSE-SU-2022:0263-1
- SUSE-SU-2022:0267-1
- SUSE-SU-2022:0270-1
- SUSE-SU-2022:0291-1
- SUSE-SU-2022:0292-1
- SUSE-SU-2022:0293-1
- SUSE-SU-2022:0295-1
- SUSE-SU-2022:0296-1
- SUSE-SU-2022:0298-1
- SUSE-SU-2022:0325-1
- SUSE-SU-2022:0327-1
- SUSE-SU-2022:0328-1
- SUSE-SU-2022:2719-1
- SUSE-SU-2022:2720-1
- SUSE-SU-2022:2721-1
- SUSE-SU-2022:2723-1
- SUSE-SU-2022:2741-1
- SUSE-SU-2022:2809-1
- SUSE-SU-2022:2827-1
- SUSE-SU-2022:2840-1
- SUSE-SU-2022:2875-1
- SUSE-SU-2022:2875-2
- SUSE-SU-2022:2892-1
- SUSE-SU-2022:2892-2
- SUSE-SU-2022:2910-1
- SUSE-SU-2022:3061-1
- SUSE-SU-2022:3072-1
- SUSE-SU-2022:3108-1
- SUSE-SU-2022:3123-1
- SUSE-SU-2022:3274-1
- SUSE-SU-2022:3288-1
- SUSE-SU-2022:3293-1
- SUSE-SU-2022:3584-1
- SUSE-SU-2022:3585-1
- SUSE-SU-2022:3586-1
- SUSE-SU-2022:3587-1
- SUSE-SU-2022:3599-1
- SUSE-SU-2022:3609-1
- SUSE-SU-2022:3688-1
- SUSE-SU-2022:3693-1
- SUSE-SU-2022:3704-1
- SUSE-SU-2022:3775-1
- SUSE-SU-2022:3779-1
- SUSE-SU-2022:3809-1
- SUSE-SU-2022:3810-1
- SUSE-SU-2022:3844-1
- SUSE-SU-2022:4617-1
- SUSE-SU-2023:0416-1
- USN-3361-1
- USN-4392-1
- USN-4393-1
- USN-4419-1
- USN-4465-1
- USN-4483-1
- USN-4485-1
- USN-4904-1
- USN-5165-1
- USN-5207-1
- USN-5265-1
- USN-5266-1
- USN-5267-1
- USN-5267-3
- USN-5268-1
- USN-5343-1
- USN-5361-1
- USN-5580-1
- USN-5590-1
- USN-5621-1
- USN-5622-1
- USN-5623-1
- USN-5624-1
- USN-5630-1
- USN-5633-1
- USN-5634-1
- USN-5635-1
- USN-5639-1
- USN-5640-1
- USN-5644-1
- USN-5647-1
- USN-5648-1
- USN-5650-1
- USN-5652-1
- USN-5654-1
- USN-5655-1
- USN-5660-1
- USN-5683-1
- USN-5757-1
- USN-5757-2
- USN-5758-1
- USN-5774-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2022-9969 | https://linux.oracle.com/errata/ELSA-2022-9969.html | |
CVE | CVE-2017-13166 | https://linux.oracle.com/cve/CVE-2017-13166.html | |
CVE | CVE-2020-12654 | https://linux.oracle.com/cve/CVE-2020-12654.html | |
CVE | CVE-2020-10690 | https://linux.oracle.com/cve/CVE-2020-10690.html | |
CVE | CVE-2020-12655 | https://linux.oracle.com/cve/CVE-2020-12655.html | |
CVE | CVE-2015-1350 | https://linux.oracle.com/cve/CVE-2015-1350.html | |
CVE | CVE-2022-3239 | https://linux.oracle.com/cve/CVE-2022-3239.html | |
CVE | CVE-2022-36946 | https://linux.oracle.com/cve/CVE-2022-36946.html | |
CVE | CVE-2021-42739 | https://linux.oracle.com/cve/CVE-2021-42739.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux | kernel-uek | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux | kernel-uek | < 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux | kernel-uek-firmware | < 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux | kernel-uek-doc | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux | kernel-uek-doc | < 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-devel | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-devel | < 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug | < 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux | kernel-uek-debug-devel | < 4.1.12-124.68.3.el6uek | oraclelinux-6 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |