[ELSA-2023-12842] Unbreakable Enterprise kernel security update
Severity
Important
Affected Packages
12
CVEs
10
[4.1.12-124.79.2]
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35814273] {CVE-2023-4206}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela) [Orabug: 35636291] {CVE-2023-3611}
- rds: Fix lack of reentrancy for connection reset with dst addr zero (Hakon Bugge) [Orabug: 35741584] [Orabug: 35818110] {CVE-2023-22024}
[4.1.12-124.79.1]
- xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) [Orabug: 35754509] {CVE-2023-3772}
- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) [Orabug: 35732892] {CVE-2023-4459}
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) [Orabug: 35732764] {CVE-2023-4387}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (M A Ramdhan) [Orabug: 35636313] {CVE-2023-3776}
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Thadeu Lima de Souza Cascardo) [Orabug: 35609787] {CVE-2023-35001}
- ext4: fix use-after-free in ext4_xattr_set_entry (Baokun Li) [Orabug: 35382025] {CVE-2023-2513}
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (Baokun Li) [Orabug: 35382025] {CVE-2023-2513}
- netfilter: nf_tables: stricter validation of element data (Pablo Neira Ayuso) [Orabug: 34362008] {CVE-2022-34918}
- ID
- ELSA-2023-12842
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2023-12842.html
- Published
-
2023-10-03T00:00:00
(11 months ago) - Modified
-
2023-10-03T00:00:00
(11 months ago) - Rights
- Copyright 2023 Oracle, Inc.
- Other Advisories
-
-
ALAS-2022-1591
-
ALAS-2023-1744
-
ALAS-2023-1773
-
ALAS-2023-1783
-
ALAS-2023-1792
-
ALAS-2023-1827
-
ALAS-2023-1838
-
ALAS2-2022-1798
-
ALAS2-2023-2035
-
ALAS2-2023-2100
-
ALAS2-2023-2130
-
ALAS2-2023-2179
-
ALAS2-2023-2264
-
ALAS2-2023-2268
-
ALSA-2022:6610
-
ALSA-2023:5069
-
ALSA-2023:5244
-
ALSA-2023:7077
-
DSA-5191-1
-
DSA-5453-1
-
DSA-5480-1
-
DSA-5492-1
-
ELSA-2022-6610
-
ELSA-2022-9827
-
ELSA-2022-9830
-
ELSA-2023-12588
-
ELSA-2023-12590
-
ELSA-2023-12591
-
ELSA-2023-12798
-
ELSA-2023-12799
-
ELSA-2023-12800
-
ELSA-2023-12801
-
ELSA-2023-12802
-
ELSA-2023-12803
-
ELSA-2023-12858
-
ELSA-2023-12874
-
ELSA-2023-12875
-
ELSA-2023-12910
-
ELSA-2023-12911
-
ELSA-2023-5069
-
ELSA-2023-5244
-
ELSA-2023-5622
-
ELSA-2023-6583
-
ELSA-2023-7077
-
ELSA-2023-7423
-
ELSA-2024-1831
-
FEDORA-2023-3661f028b8
-
FEDORA-2023-e4e985b5dd
-
MS:CVE-2022-34918
-
MS:CVE-2023-2513
-
MS:CVE-2023-3611
-
MS:CVE-2023-3776
-
MS:CVE-2023-4206
-
openSUSE-SU-2022:2549-1
-
RHSA-2022:6582
-
RHSA-2022:6592
-
RHSA-2022:6610
-
RHSA-2023:2148
-
RHSA-2023:2458
-
RHSA-2023:5069
-
RHSA-2023:5091
-
RHSA-2023:5093
-
RHSA-2023:5221
-
RHSA-2023:5244
-
RHSA-2023:5255
-
RHSA-2023:5574
-
RHSA-2023:5621
-
RHSA-2023:5622
-
RHSA-2023:6901
-
RHSA-2023:7077
-
RHSA-2023:7419
-
RHSA-2023:7423
-
RHSA-2023:7424
-
RLSA-2023:5244
-
SSA:2022-237-02
-
SSA:2023-325-01
-
SUSE-SU-2022:2376-1
-
SUSE-SU-2022:2424-1
-
SUSE-SU-2022:2424-2
-
SUSE-SU-2022:2520-1
-
SUSE-SU-2022:2549-1
-
SUSE-SU-2022:2615-1
-
SUSE-SU-2022:2696-1
-
SUSE-SU-2022:2726-1
-
SUSE-SU-2022:2727-1
-
SUSE-SU-2022:2732-1
-
SUSE-SU-2022:2738-1
-
SUSE-SU-2022:2759-1
-
SUSE-SU-2022:2766-1
-
SUSE-SU-2022:2770-1
-
SUSE-SU-2022:2854-1
-
SUSE-SU-2023:2500-1
-
SUSE-SU-2023:2501-1
-
SUSE-SU-2023:2502-1
-
SUSE-SU-2023:2507-1
-
SUSE-SU-2023:2534-1
-
SUSE-SU-2023:2537-1
-
SUSE-SU-2023:2538-1
-
SUSE-SU-2023:2611-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2651-1
-
SUSE-SU-2023:2653-1
-
SUSE-SU-2023:2782-1
-
SUSE-SU-2023:2805-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2871-1
-
SUSE-SU-2023:3006-1
-
SUSE-SU-2023:3171-1
-
SUSE-SU-2023:3172-1
-
SUSE-SU-2023:3180-1
-
SUSE-SU-2023:3182-1
-
SUSE-SU-2023:3302-1
-
SUSE-SU-2023:3309-1
-
SUSE-SU-2023:3311-1
-
SUSE-SU-2023:3313-1
-
SUSE-SU-2023:3318-1
-
SUSE-SU-2023:3324-1
-
SUSE-SU-2023:3329-1
-
SUSE-SU-2023:3333-1
-
SUSE-SU-2023:3349-1
-
SUSE-SU-2023:3376-1
-
SUSE-SU-2023:3377-1
-
SUSE-SU-2023:3390-1
-
SUSE-SU-2023:3391-1
-
SUSE-SU-2023:3392-1
-
SUSE-SU-2023:3421-1
-
SUSE-SU-2023:3566-1
-
SUSE-SU-2023:3571-1
-
SUSE-SU-2023:3572-1
-
SUSE-SU-2023:3576-1
-
SUSE-SU-2023:3582-1
-
SUSE-SU-2023:3585-1
-
SUSE-SU-2023:3592-1
-
SUSE-SU-2023:3594-1
-
SUSE-SU-2023:3595-1
-
SUSE-SU-2023:3596-1
-
SUSE-SU-2023:3598-1
-
SUSE-SU-2023:3599-1
-
SUSE-SU-2023:3599-2
-
SUSE-SU-2023:3600-1
-
SUSE-SU-2023:3600-2
-
SUSE-SU-2023:3601-1
-
SUSE-SU-2023:3603-1
-
SUSE-SU-2023:3607-1
-
SUSE-SU-2023:3612-1
-
SUSE-SU-2023:3620-1
-
SUSE-SU-2023:3621-1
-
SUSE-SU-2023:3622-1
-
SUSE-SU-2023:3623-1
-
SUSE-SU-2023:3627-1
-
SUSE-SU-2023:3628-1
-
SUSE-SU-2023:3629-1
-
SUSE-SU-2023:3630-1
-
SUSE-SU-2023:3631-1
-
SUSE-SU-2023:3632-1
-
SUSE-SU-2023:3644-1
-
SUSE-SU-2023:3647-1
-
SUSE-SU-2023:3648-1
-
SUSE-SU-2023:3653-1
-
SUSE-SU-2023:3656-1
-
SUSE-SU-2023:3657-1
-
SUSE-SU-2023:3659-1
-
SUSE-SU-2023:3668-1
-
SUSE-SU-2023:3671-1
-
SUSE-SU-2023:3675-1
-
SUSE-SU-2023:3676-1
-
SUSE-SU-2023:3677-1
-
SUSE-SU-2023:3680-1
-
SUSE-SU-2023:3681-1
-
SUSE-SU-2023:3682-1
-
SUSE-SU-2023:3683-1
-
SUSE-SU-2023:3684-1
-
SUSE-SU-2023:3687-1
-
SUSE-SU-2023:3704-1
-
SUSE-SU-2023:3705-1
-
SUSE-SU-2023:3749-1
-
SUSE-SU-2023:3768-1
-
SUSE-SU-2023:3772-1
-
SUSE-SU-2023:3773-1
-
SUSE-SU-2023:3783-1
-
SUSE-SU-2023:3784-1
-
SUSE-SU-2023:3785-1
-
SUSE-SU-2023:3786-1
-
SUSE-SU-2023:3788-1
-
SUSE-SU-2023:3809-1
-
SUSE-SU-2023:3812-1
-
SUSE-SU-2023:3838-1
-
SUSE-SU-2023:3844-1
-
SUSE-SU-2023:3846-1
-
SUSE-SU-2023:3889-1
-
SUSE-SU-2023:3892-1
-
SUSE-SU-2023:3893-1
-
SUSE-SU-2023:3922-1
-
SUSE-SU-2023:3923-1
-
SUSE-SU-2023:3924-1
-
SUSE-SU-2023:3928-1
-
SUSE-SU-2023:3964-1
-
SUSE-SU-2023:3969-1
-
SUSE-SU-2023:3971-1
-
SUSE-SU-2023:3988-1
-
SUSE-SU-2023:4028-1
-
USN-5540-1
-
USN-5544-1
-
USN-5545-1
-
USN-5560-1
-
USN-5560-2
-
USN-5562-1
-
USN-5564-1
-
USN-5566-1
-
USN-5582-1
-
USN-6246-1
-
USN-6247-1
-
USN-6248-1
-
USN-6250-1
-
USN-6251-1
-
USN-6252-1
-
USN-6254-1
-
USN-6255-1
-
USN-6260-1
-
USN-6261-1
-
USN-6285-1
-
USN-6309-1
-
USN-6315-1
-
USN-6317-1
-
USN-6318-1
-
USN-6321-1
-
USN-6324-1
-
USN-6325-1
-
USN-6327-1
-
USN-6328-1
-
USN-6329-1
-
USN-6330-1
-
USN-6331-1
-
USN-6332-1
-
USN-6341-1
-
USN-6342-1
-
USN-6342-2
-
USN-6346-1
-
USN-6348-1
-
USN-6357-1
-
USN-6385-1
-
USN-6388-1
-
USN-6397-1
-
USN-6415-1
-
USN-6439-1
-
USN-6439-2
-
USN-6440-1
-
USN-6440-2
-
USN-6440-3
-
USN-6460-1
-
USN-6462-1
-
USN-6462-2
-
USN-6464-1
-
USN-6465-1
-
USN-6465-2
-
USN-6465-3
-
USN-6466-1
-
USN-6516-1
-
USN-6520-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2023-12842 |
|
|
| CVE | CVE-2022-34918 |
|
|
| CVE | CVE-2023-2513 |
|
|
| CVE | CVE-2023-4387 |
|
|
| CVE | CVE-2023-22024 |
|
|
| CVE | CVE-2023-3772 |
|
|
| CVE | CVE-2023-35001 |
|
|
| CVE | CVE-2023-4206 |
|
|
| CVE | CVE-2023-3611 |
|
|
| CVE | CVE-2023-4459 |
|
|
| CVE | CVE-2023-3776 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.79.2.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.79.2.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |