[ELSA-2022-9969] Unbreakable Enterprise kernel security update
[4.1.12-124.68.3]
- Orabug: 34733462 (Alok Tiwari)
[4.1.12-124.68.2]
- ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [Orabug: 31350707] {CVE-2020-10690}
- ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (YueHaibing) [Orabug: 31350707]
- chardev: add helper function to register char devs with a struct device (Logan Gunthorpe) [Orabug: 31350707]
- ptp: create 'pins' together with the rest of attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: use is_visible method to hide unused attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: do not explicitly set drvdata in ptp_clock_register() (Dmitry Torokhov) [Orabug: 31350707]
- xfs: add agf freeblocks verify in xfs_agf_verify (Zheng Bin) [Orabug: 31350923] {CVE-2020-12655}
- netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal) [Orabug: 34475433] {CVE-2022-36946}
- media: em28xx: initialize refcount before kref_get (Dongliang Mu) [Orabug: 34619522] {CVE-2022-3239}
[4.1.12-124.68.1]
- fs: Avoid premature clearing of capabilities (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- fs: Give dentry to inode_change_ok() instead of inode (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- nfsd: Disable NFSv2 timestamp workaround for NFSv3+ (Andreas Gruenbacher) [Orabug: 20429825] {CVE-2015-1350}
- fuse: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- xfs: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix the indentation (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Fix timespec conversion (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350517] {CVE-2020-12654}
- media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (Dan Carpenter) [Orabug: 33488041] {CVE-2021-42739}
- ID
- ELSA-2022-9969
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2022-9969.html
- Published
-
2022-11-01T00:00:00
(22 months ago) - Modified
-
2022-11-01T00:00:00
(22 months ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
-
ALAS-2022-1636
-
ALAS2-2020-1480
-
ALAS2-2022-1838
-
ALAS2-2022-1852
-
ALSA-2020:4431
-
ALSA-2022:1988
-
ALSA-2022:7683
-
ALSA-2022:8267
-
ALSA-2023:2951
-
DSA-4120-1
-
DSA-4187-1
-
DSA-4698-1
-
DSA-5096-1
-
DSA-5207-1
-
ELSA-2018-1062
-
ELSA-2018-1319
-
ELSA-2020-3010
-
ELSA-2020-3220
-
ELSA-2020-4060
-
ELSA-2020-5714
-
ELSA-2020-5755
-
ELSA-2020-5756
-
ELSA-2022-0063
-
ELSA-2022-1988
-
ELSA-2022-7683
-
ELSA-2022-8267
-
ELSA-2022-9996
-
ELSA-2022-9997
-
ELSA-2023-2951
-
FEDORA-2020-203ffedeb5
-
FEDORA-2020-4336d63533
-
FEDORA-2020-5a69decc0c
-
FEDORA-2020-c6b9fff7f8
-
FEDORA-2020-e47d28bc2b
-
FEDORA-2021-7de33b7016
-
FEDORA-2021-8364530ebf
-
FEDORA-2021-fdef34e26f
-
MS:CVE-2020-10690
-
MS:CVE-2020-12654
-
MS:CVE-2020-12655
-
MS:CVE-2021-42739
-
MS:CVE-2022-36946
-
openSUSE-SU-2020:0801-1
-
openSUSE-SU-2021:1477-1
-
openSUSE-SU-2021:3641-1
-
openSUSE-SU-2021:3675-1
-
openSUSE-SU-2021:3876-1
-
RHSA-2018:0676
-
RHSA-2018:1062
-
RHSA-2018:1319
-
RHSA-2020:1567
-
RHSA-2020:1769
-
RHSA-2020:3010
-
RHSA-2020:3016
-
RHSA-2020:3220
-
RHSA-2020:3221
-
RHSA-2020:4060
-
RHSA-2020:4062
-
RHSA-2020:4431
-
RHSA-2020:4609
-
RHSA-2022:0063
-
RHSA-2022:0065
-
RHSA-2022:1975
-
RHSA-2022:1988
-
RHSA-2022:7444
-
RHSA-2022:7683
-
RHSA-2022:7933
-
RHSA-2022:8267
-
RHSA-2023:2736
-
RHSA-2023:2951
-
RLSA-2022:1988
-
RLSA-2022:7683
-
SSA:2020-163-01
-
SSA:2022-237-02
-
SUSE-SU-2017:0181-1
-
SUSE-SU-2017:0333-1
-
SUSE-SU-2017:0437-1
-
SUSE-SU-2017:0494-1
-
SUSE-SU-2017:1102-1
-
SUSE-SU-2017:1247-1
-
SUSE-SU-2017:1360-1
-
SUSE-SU-2018:0785-1
-
SUSE-SU-2018:0786-1
-
SUSE-SU-2018:0834-1
-
SUSE-SU-2018:0848-1
-
SUSE-SU-2018:0986-1
-
SUSE-SU-2018:0988-1
-
SUSE-SU-2018:0989-1
-
SUSE-SU-2018:0990-1
-
SUSE-SU-2018:0992-1
-
SUSE-SU-2018:0993-1
-
SUSE-SU-2018:0994-1
-
SUSE-SU-2018:0995-1
-
SUSE-SU-2018:0996-1
-
SUSE-SU-2018:0997-1
-
SUSE-SU-2018:0998-1
-
SUSE-SU-2018:0999-1
-
SUSE-SU-2018:1000-1
-
SUSE-SU-2018:1001-1
-
SUSE-SU-2018:1002-1
-
SUSE-SU-2018:1003-1
-
SUSE-SU-2018:1004-1
-
SUSE-SU-2018:1005-1
-
SUSE-SU-2018:1006-1
-
SUSE-SU-2018:1007-1
-
SUSE-SU-2018:1008-1
-
SUSE-SU-2018:1009-1
-
SUSE-SU-2018:1010-1
-
SUSE-SU-2018:1011-1
-
SUSE-SU-2018:1012-1
-
SUSE-SU-2018:1013-1
-
SUSE-SU-2018:1014-1
-
SUSE-SU-2018:1015-1
-
SUSE-SU-2018:1016-1
-
SUSE-SU-2018:1018-1
-
SUSE-SU-2018:1019-1
-
SUSE-SU-2018:1020-1
-
SUSE-SU-2018:1021-1
-
SUSE-SU-2018:1022-1
-
SUSE-SU-2018:1023-1
-
SUSE-SU-2018:1024-1
-
SUSE-SU-2018:1025-1
-
SUSE-SU-2018:1026-1
-
SUSE-SU-2018:1027-1
-
SUSE-SU-2018:1028-1
-
SUSE-SU-2018:1029-1
-
SUSE-SU-2018:1030-1
-
SUSE-SU-2018:1031-1
-
SUSE-SU-2018:1032-1
-
SUSE-SU-2018:1033-1
-
SUSE-SU-2018:1034-1
-
SUSE-SU-2018:1080-1
-
SUSE-SU-2018:1172-1
-
SUSE-SU-2018:1309-1
-
SUSE-SU-2018:1505-1
-
SUSE-SU-2018:1506-1
-
SUSE-SU-2018:1509-1
-
SUSE-SU-2018:1510-1
-
SUSE-SU-2018:1511-1
-
SUSE-SU-2018:1512-1
-
SUSE-SU-2018:1514-1
-
SUSE-SU-2018:1516-1
-
SUSE-SU-2018:1517-1
-
SUSE-SU-2018:1518-1
-
SUSE-SU-2018:1519-1
-
SUSE-SU-2018:1520-1
-
SUSE-SU-2018:1521-1
-
SUSE-SU-2018:1522-1
-
SUSE-SU-2018:1524-1
-
SUSE-SU-2018:1526-1
-
SUSE-SU-2018:1528-1
-
SUSE-SU-2018:1529-1
-
SUSE-SU-2018:1530-1
-
SUSE-SU-2018:1531-1
-
SUSE-SU-2018:1532-1
-
SUSE-SU-2018:1533-1
-
SUSE-SU-2018:1534-1
-
SUSE-SU-2018:1535-1
-
SUSE-SU-2018:1536-1
-
SUSE-SU-2018:1537-1
-
SUSE-SU-2018:1538-1
-
SUSE-SU-2018:1540-1
-
SUSE-SU-2018:1541-1
-
SUSE-SU-2018:1543-1
-
SUSE-SU-2018:1545-1
-
SUSE-SU-2018:1546-1
-
SUSE-SU-2018:1548-1
-
SUSE-SU-2018:1549-1
-
SUSE-SU-2018:1637-1
-
SUSE-SU-2018:1639-1
-
SUSE-SU-2018:1640-1
-
SUSE-SU-2018:1641-1
-
SUSE-SU-2018:1642-1
-
SUSE-SU-2018:1643-1
-
SUSE-SU-2018:1644-1
-
SUSE-SU-2018:1645-1
-
SUSE-SU-2018:1648-1
-
SUSE-SU-2020:1255-1
-
SUSE-SU-2020:1275-1
-
SUSE-SU-2020:1452-1
-
SUSE-SU-2020:1475-1
-
SUSE-SU-2020:1486-1
-
SUSE-SU-2020:1587-1
-
SUSE-SU-2020:1596-1
-
SUSE-SU-2020:1597-1
-
SUSE-SU-2020:1599-1
-
SUSE-SU-2020:1602-1
-
SUSE-SU-2020:1603-1
-
SUSE-SU-2020:1604-1
-
SUSE-SU-2020:1605-1
-
SUSE-SU-2020:1663-1
-
SUSE-SU-2020:1779-1
-
SUSE-SU-2020:2156-1
-
SUSE-SU-2020:2478-1
-
SUSE-SU-2020:2487-1
-
SUSE-SU-2021:3640-1
-
SUSE-SU-2021:3641-1
-
SUSE-SU-2021:3642-1
-
SUSE-SU-2021:3658-1
-
SUSE-SU-2021:3675-1
-
SUSE-SU-2021:3723-1
-
SUSE-SU-2021:3748-1
-
SUSE-SU-2021:3754-1
-
SUSE-SU-2021:3876-1
-
SUSE-SU-2021:3929-1
-
SUSE-SU-2021:3935-1
-
SUSE-SU-2021:3972-1
-
SUSE-SU-2022:0234-1
-
SUSE-SU-2022:0237-1
-
SUSE-SU-2022:0238-1
-
SUSE-SU-2022:0241-1
-
SUSE-SU-2022:0242-1
-
SUSE-SU-2022:0243-1
-
SUSE-SU-2022:0246-1
-
SUSE-SU-2022:0254-1
-
SUSE-SU-2022:0255-1
-
SUSE-SU-2022:0257-1
-
SUSE-SU-2022:0263-1
-
SUSE-SU-2022:0267-1
-
SUSE-SU-2022:0270-1
-
SUSE-SU-2022:0291-1
-
SUSE-SU-2022:0292-1
-
SUSE-SU-2022:0293-1
-
SUSE-SU-2022:0295-1
-
SUSE-SU-2022:0296-1
-
SUSE-SU-2022:0298-1
-
SUSE-SU-2022:0325-1
-
SUSE-SU-2022:0327-1
-
SUSE-SU-2022:0328-1
-
SUSE-SU-2022:2719-1
-
SUSE-SU-2022:2720-1
-
SUSE-SU-2022:2721-1
-
SUSE-SU-2022:2723-1
-
SUSE-SU-2022:2741-1
-
SUSE-SU-2022:2809-1
-
SUSE-SU-2022:2827-1
-
SUSE-SU-2022:2840-1
-
SUSE-SU-2022:2875-1
-
SUSE-SU-2022:2875-2
-
SUSE-SU-2022:2892-1
-
SUSE-SU-2022:2892-2
-
SUSE-SU-2022:2910-1
-
SUSE-SU-2022:3061-1
-
SUSE-SU-2022:3072-1
-
SUSE-SU-2022:3108-1
-
SUSE-SU-2022:3123-1
-
SUSE-SU-2022:3274-1
-
SUSE-SU-2022:3288-1
-
SUSE-SU-2022:3293-1
-
SUSE-SU-2022:3584-1
-
SUSE-SU-2022:3585-1
-
SUSE-SU-2022:3586-1
-
SUSE-SU-2022:3587-1
-
SUSE-SU-2022:3599-1
-
SUSE-SU-2022:3609-1
-
SUSE-SU-2022:3688-1
-
SUSE-SU-2022:3693-1
-
SUSE-SU-2022:3704-1
-
SUSE-SU-2022:3775-1
-
SUSE-SU-2022:3779-1
-
SUSE-SU-2022:3809-1
-
SUSE-SU-2022:3810-1
-
SUSE-SU-2022:3844-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0416-1
-
USN-3361-1
-
USN-4392-1
-
USN-4393-1
-
USN-4419-1
-
USN-4465-1
-
USN-4483-1
-
USN-4485-1
-
USN-4904-1
-
USN-5165-1
-
USN-5207-1
-
USN-5265-1
-
USN-5266-1
-
USN-5267-1
-
USN-5267-3
-
USN-5268-1
-
USN-5343-1
-
USN-5361-1
-
USN-5580-1
-
USN-5590-1
-
USN-5621-1
-
USN-5622-1
-
USN-5623-1
-
USN-5624-1
-
USN-5630-1
-
USN-5633-1
-
USN-5634-1
-
USN-5635-1
-
USN-5639-1
-
USN-5640-1
-
USN-5644-1
-
USN-5647-1
-
USN-5648-1
-
USN-5650-1
-
USN-5652-1
-
USN-5654-1
-
USN-5655-1
-
USN-5660-1
-
USN-5683-1
-
USN-5757-1
-
USN-5757-2
-
USN-5758-1
-
USN-5774-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2022-9969 |
|
|
| CVE | CVE-2017-13166 |
|
|
| CVE | CVE-2020-12654 |
|
|
| CVE | CVE-2020-10690 |
|
|
| CVE | CVE-2020-12655 |
|
|
| CVE | CVE-2015-1350 |
|
|
| CVE | CVE-2022-3239 |
|
|
| CVE | CVE-2022-36946 |
|
|
| CVE | CVE-2021-42739 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.68.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.68.3.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |