[ELSA-2023-12109] Unbreakable Enterprise kernel security update
[4.1.12-124.71.3]
- USB: core: Prevent nested device-reset calls (Alan Stern) [Orabug: 34951641] {CVE-2022-4662}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Luiz Augusto von Dentz) [Orabug: 34833307] {CVE-2022-42896} {CVE-2022-42896}
- Bluetooth: L2CAP: Introduce proper defines for PSM ranges (Johan Hedberg) [Orabug: 34833307]
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (Lukas Czerner) [Orabug: 34190035]
[4.1.12-124.71.2]
- scsi: qla2xxx: Fix use after free in eh_abort path (Quinn Tran) [Orabug: 34970763]
- check-kabi provides exception on broken symbols (Alok Tiwari) [Orabug: 34742865]
- KABI validation broken on UEK4 for symbols change (Alok Tiwari) [Orabug: 34742865]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Maxim Mikityanskiy) [Orabug: 34719829] {CVE-2022-3564}
- Bluetooth: remove unneeded variable in l2cap_stream_rx (Prasanna Karthik) [Orabug: 34719829] {CVE-2022-3564}
[4.1.12-124.71.1]
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory (Luiz Augusto von Dentz) [Orabug: 34951662] {CVE-2022-42895} {CVE-2022-42895}
- wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (Dokyung Song) [Orabug: 34951546] {CVE-2022-3628}
- tcp/udp: Fix memory leak in ipv6_renew_options(). (Kuniyuki Iwashima) [Orabug: 34719347] {CVE-2022-3524}
- ID
- ELSA-2023-12109
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2023-12109.html
- Published
-
2023-02-07T00:00:00
(19 months ago) - Modified
-
2023-02-07T00:00:00
(19 months ago) - Rights
- Copyright 2023 Oracle, Inc.
- Other Advisories
-
-
ALAS-2022-1645
-
ALAS-2023-1707
-
ALAS2-2022-1888
-
ALAS2-2022-1903
-
ALSA-2023:0951
-
ALSA-2023:2458
-
ALSA-2023:2951
-
ALSA-2023:4517
-
ALSA-2023:7077
-
ELSA-2023-0951
-
ELSA-2023-12008
-
ELSA-2023-12009
-
ELSA-2023-12017
-
ELSA-2023-12018
-
ELSA-2023-12117
-
ELSA-2023-12118
-
ELSA-2023-12119
-
ELSA-2023-12121
-
ELSA-2023-2458
-
ELSA-2023-2951
-
ELSA-2023-4151
-
ELSA-2023-4517
-
ELSA-2023-6583
-
ELSA-2023-7077
-
ELSA-2024-1249
-
MS:CVE-2022-4662
-
RHSA-2023:0951
-
RHSA-2023:0979
-
RHSA-2023:1008
-
RHSA-2023:2148
-
RHSA-2023:2458
-
RHSA-2023:2736
-
RHSA-2023:2951
-
RHSA-2023:4150
-
RHSA-2023:4151
-
RHSA-2023:4215
-
RHSA-2023:4517
-
RHSA-2023:4531
-
RHSA-2023:4541
-
RHSA-2023:6901
-
RHSA-2023:7077
-
RHSA-2024:1249
-
RHSA-2024:1323
-
RHSA-2024:1332
-
RLSA-2023:4517
-
SSA:2022-333-01
-
SUSE-SU-2022:3897-1
-
SUSE-SU-2022:3929-1
-
SUSE-SU-2022:3930-1
-
SUSE-SU-2022:3998-1
-
SUSE-SU-2022:4053-1
-
SUSE-SU-2022:4072-1
-
SUSE-SU-2022:4272-1
-
SUSE-SU-2022:4273-1
-
SUSE-SU-2022:4503-1
-
SUSE-SU-2022:4504-1
-
SUSE-SU-2022:4505-1
-
SUSE-SU-2022:4561-1
-
SUSE-SU-2022:4566-1
-
SUSE-SU-2022:4573-1
-
SUSE-SU-2022:4574-1
-
SUSE-SU-2022:4585-1
-
SUSE-SU-2022:4589-1
-
SUSE-SU-2022:4611-1
-
SUSE-SU-2022:4613-1
-
SUSE-SU-2022:4614-1
-
SUSE-SU-2022:4615-1
-
SUSE-SU-2022:4616-1
-
SUSE-SU-2022:4617-1
-
SUSE-SU-2023:0134-1
-
SUSE-SU-2023:0145-1
-
SUSE-SU-2023:0146-1
-
SUSE-SU-2023:0147-1
-
SUSE-SU-2023:0148-1
-
SUSE-SU-2023:0149-1
-
SUSE-SU-2023:0152-1
-
SUSE-SU-2023:0406-1
-
SUSE-SU-2023:0407-1
-
SUSE-SU-2023:0410-1
-
SUSE-SU-2023:0416-1
-
SUSE-SU-2023:0420-1
-
SUSE-SU-2023:0519-1
-
SUSE-SU-2023:0522-1
-
SUSE-SU-2023:0525-1
-
SUSE-SU-2023:0528-1
-
SUSE-SU-2023:0547-1
-
SUSE-SU-2023:0552-1
-
SUSE-SU-2023:0553-1
-
SUSE-SU-2023:0560-1
-
SUSE-SU-2023:0562-1
-
SUSE-SU-2023:0578-1
-
SUSE-SU-2023:0591-1
-
SUSE-SU-2023:0618-1
-
SUSE-SU-2023:0634-1
-
SUSE-SU-2023:0637-1
-
USN-5754-1
-
USN-5754-2
-
USN-5755-1
-
USN-5755-2
-
USN-5756-1
-
USN-5756-2
-
USN-5756-3
-
USN-5757-1
-
USN-5757-2
-
USN-5758-1
-
USN-5773-1
-
USN-5774-1
-
USN-5779-1
-
USN-5780-1
-
USN-5783-1
-
USN-5789-1
-
USN-5794-1
-
USN-5802-1
-
USN-5803-1
-
USN-5804-1
-
USN-5804-2
-
USN-5808-1
-
USN-5809-1
-
USN-5813-1
-
USN-5814-1
-
USN-5829-1
-
USN-5830-1
-
USN-5831-1
-
USN-5832-1
-
USN-5850-1
-
USN-5851-1
-
USN-5853-1
-
USN-5858-1
-
USN-5859-1
-
USN-5860-1
-
USN-5861-1
-
USN-5863-1
-
USN-5874-1
-
USN-5875-1
-
USN-5876-1
-
USN-5877-1
-
USN-5878-1
-
USN-5879-1
-
USN-5883-1
-
USN-5884-1
-
USN-5909-1
-
USN-5914-1
-
USN-5918-1
-
USN-5919-1
-
USN-5920-1
-
USN-5924-1
-
USN-5925-1
-
USN-5926-1
-
USN-5927-1
-
USN-5975-1
-
USN-5976-1
-
USN-6001-1
-
USN-6007-1
-
USN-6013-1
-
USN-6014-1
-
USN-6071-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2023-12109 |
|
|
| CVE | CVE-2022-3628 |
|
|
| CVE | CVE-2022-3524 |
|
|
| CVE | CVE-2022-42896 |
|
|
| CVE | CVE-2022-42895 |
|
|
| CVE | CVE-2022-4662 |
|
|
| CVE | CVE-2022-3564 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.71.3.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.71.3.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |