[ELSA-2024-12606] Unbreakable Enterprise kernel security update
[4.1.12-124.89.4]
- isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) [Orabug: 36940405] {CVE-2021-47284}
- tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware)) [Orabug: 36940388] {CVE-2021-46939}
- udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) [Orabug: 36806640] {CVE-2021-47353}
- media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere) [Orabug: 36802294] {CVE-2023-52445}
- vt: fix memory overlapping when deleting chars in the buffer (Yangxi Xiang) [Orabug: 36802212] {CVE-2022-48627}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke) [Orabug: 36678070] {CVE-2024-36016}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [Orabug: 36654631] {CVE-2023-52628}
- dm: call the resume method on internal suspend (Mikulas Patocka) [Orabug: 36544879] {CVE-2024-26880}
- net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran) [Orabug: 36544783] {CVE-2024-26859}
- x86, relocs: Ignore relocations in .notes section (Kees Cook) [Orabug: 36531115] {CVE-2024-26816}
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka) [Orabug: 36531057] {CVE-2024-26805}
- fbdev: savage: Error out if pixclock equals zero (Fullway Wang) [Orabug: 36530913] {CVE-2024-26778}
- ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li) [Orabug: 36530519] {CVE-2024-26704}
- sr9800: Add check for usbnet_get_endpoints (Chen Ni) [Orabug: 36530183] {CVE-2024-26651}
- llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima) [Orabug: 36530047] {CVE-2024-26635}
- netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter) [Orabug: 36192155] {CVE-2023-6040}
[4.1.12-124.89.3]
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang) [Orabug: 36802321] {CVE-2023-52594}
- batman-adv: Avoid infinite loop trying to resize local TT (Sven Eckelmann) [Orabug: 36643464] {CVE-2024-35982}
- Bluetooth: Fix memory leak in hci_req_sync_complete() (Dmitry Antipov) [Orabug: 36643456] {CVE-2024-35978}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Harshit Mogalapalli) [Orabug: 36643323] {CVE-2024-35944}
- fbmon: prevent division by zero in fb_videomode_from_videomode() (Roman Smirnov) [Orabug: 36643194] {CVE-2024-35922}
[4.1.12-124.89.2]
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao) [Orabug: 36901390] {CVE-2023-52809}
- net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) [Orabug: 36802200] {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on bus reset (Jean Delvare) [Orabug: 36792714] {CVE-2021-47153}
- pid: take a reference when initializing cad_pid (Mark Rutland) [Orabug: 36792687] {CVE-2021-47118}
- drm/vmwgfx: Fix invalid reads in fence signaled events (Zack Rusin) [Orabug: 36691531] {CVE-2024-36960}
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (Adam Goldman) [Orabug: 36683507] {CVE-2024-36950}
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (Saurav Kashyap) [Orabug: 36683370] {CVE-2024-36919}
- net: fix out-of-bounds access in ops_init (Thadeu Lima de Souza Cascardo) [Orabug: 36683115] {CVE-2024-36883}
- netfilter: nf_tables: disallow timeout for anonymous sets (Pablo Neira Ayuso) [Orabug: 36654625] {CVE-2023-52620}
- team: fix null-ptr-deref when team device type is changed (Ziyang Xuan) [Orabug: 36654606] {CVE-2023-52574}
[4.1.12-124.89.1]
- tcp: do not accept ACK of bytes we never sent (Eric Dumazet) [Orabug: 36806731] {CVE-2023-52881}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson) [Orabug: 36806698] {CVE-2023-52703}
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu) [Orabug: 36806668] {CVE-2023-52615}
- mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) [Orabug: 36806645] {CVE-2021-47356}
- net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) [Orabug: 36806628] {CVE-2021-47310}
- net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) [Orabug: 36806622] {CVE-2021-47236}
- usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Canuelo) [Orabug: 36802300] {CVE-2023-52477}
- USB: add quirk for devices with broken LPM (Alan Stern) [Orabug: 36802300] {CVE-2023-52477}
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu) [Orabug: 36544991] {CVE-2024-26903}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu) [Orabug: 36531042] {CVE-2024-26801}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li) [Orabug: 36530881] {CVE-2024-26772}
- inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet) [Orabug: 36530348] {CVE-2024-26679}
- ppp_async: limit MRU to 64K (Eric Dumazet) [Orabug: 36530335] {CVE-2024-26675}
- ID
- ELSA-2024-12606
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2024-12606.html
- Published
-
2024-09-02T00:00:00
(2 weeks ago) - Modified
-
2024-09-02T00:00:00
(2 weeks ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
-
ALAS-2024-1899
-
ALAS-2024-1912
-
ALAS-2024-1937
-
ALAS2-2021-1685
-
ALAS2-2023-2328
-
ALAS2-2023-2340
-
ALAS2-2024-2391
-
ALAS2-2024-2443
-
ALAS2-2024-2542
-
ALAS2-2024-2549
-
ALAS2-2024-2581
-
ALAS2-2024-2584
-
ALAS2-2024-2615
-
ALSA-2024:3138
-
ALSA-2024:3618
-
ALSA-2024:4211
-
ALSA-2024:5101
-
DSA-5658-1
-
DSA-5681-1
-
DSA-5703-1
-
DSA-5730-1
-
ELSA-2024-12270
-
ELSA-2024-12581
-
ELSA-2024-12584
-
ELSA-2024-12585
-
ELSA-2024-12610
-
ELSA-2024-12611
-
ELSA-2024-12612
-
ELSA-2024-2394
-
ELSA-2024-3138
-
ELSA-2024-3618
-
ELSA-2024-4211
-
ELSA-2024-4349
-
ELSA-2024-4583
-
ELSA-2024-4928
-
ELSA-2024-5101
-
FEDORA-2024-2fcce4ffb7
-
FEDORA-2024-e95585dfb9
-
RHSA-2024:2950
-
RHSA-2024:3138
-
RHSA-2024:3618
-
RHSA-2024:3627
-
RHSA-2024:4211
-
RHSA-2024:4352
-
RHSA-2024:5101
-
RHSA-2024:5102
-
RLSA-2024:3138
-
RLSA-2024:3618
-
RLSA-2024:4211
-
RLSA-2024:4349
-
RLSA-2024:4583
-
RLSA-2024:4928
-
RLSA-2024:5101
-
SSA:2024-157-01
-
SUSE-SU-2024:0463-1
-
SUSE-SU-2024:0468-1
-
SUSE-SU-2024:0469-1
-
SUSE-SU-2024:0474-1
-
SUSE-SU-2024:0476-1
-
SUSE-SU-2024:0478-1
-
SUSE-SU-2024:0483-1
-
SUSE-SU-2024:0484-1
-
SUSE-SU-2024:0514-1
-
SUSE-SU-2024:0515-1
-
SUSE-SU-2024:0516-1
-
SUSE-SU-2024:0855-1
-
SUSE-SU-2024:0856-1
-
SUSE-SU-2024:0857-1
-
SUSE-SU-2024:0858-1
-
SUSE-SU-2024:0900-1
-
SUSE-SU-2024:0900-2
-
SUSE-SU-2024:0910-1
-
SUSE-SU-2024:0925-1
-
SUSE-SU-2024:0926-1
-
SUSE-SU-2024:0975-1
-
SUSE-SU-2024:0976-1
-
SUSE-SU-2024:0977-1
-
SUSE-SU-2024:1320-1
-
SUSE-SU-2024:1321-1
-
SUSE-SU-2024:1322-1
-
SUSE-SU-2024:1454-1
-
SUSE-SU-2024:1465-1
-
SUSE-SU-2024:1466-1
-
SUSE-SU-2024:1480-1
-
SUSE-SU-2024:1489-1
-
SUSE-SU-2024:1490-1
-
SUSE-SU-2024:1641-1
-
SUSE-SU-2024:1642-1
-
SUSE-SU-2024:1643-1
-
SUSE-SU-2024:1644-1
-
SUSE-SU-2024:1645-1
-
SUSE-SU-2024:1646-1
-
SUSE-SU-2024:1647-1
-
SUSE-SU-2024:1648-1
-
SUSE-SU-2024:1650-1
-
SUSE-SU-2024:1659-1
-
SUSE-SU-2024:1663-1
-
SUSE-SU-2024:1669-1
-
SUSE-SU-2024:1870-1
-
SUSE-SU-2024:1979-1
-
SUSE-SU-2024:1983-1
-
SUSE-SU-2024:2008-1
-
SUSE-SU-2024:2010-1
-
SUSE-SU-2024:2011-1
-
SUSE-SU-2024:2019-1
-
SUSE-SU-2024:2091-1
-
SUSE-SU-2024:2094-1
-
SUSE-SU-2024:2109-1
-
SUSE-SU-2024:2124-1
-
SUSE-SU-2024:2135-1
-
SUSE-SU-2024:2156-1
-
SUSE-SU-2024:2164-1
-
SUSE-SU-2024:2183-1
-
SUSE-SU-2024:2184-1
-
SUSE-SU-2024:2185-1
-
SUSE-SU-2024:2189-1
-
SUSE-SU-2024:2190-1
-
SUSE-SU-2024:2203-1
-
SUSE-SU-2024:2216-1
-
SUSE-SU-2024:2217-1
-
SUSE-SU-2024:2360-1
-
SUSE-SU-2024:2362-1
-
SUSE-SU-2024:2365-1
-
SUSE-SU-2024:2372-1
-
SUSE-SU-2024:2381-1
-
SUSE-SU-2024:2384-1
-
SUSE-SU-2024:2385-1
-
SUSE-SU-2024:2394-1
-
SUSE-SU-2024:2493-1
-
SUSE-SU-2024:2495-1
-
SUSE-SU-2024:2561-1
-
SUSE-SU-2024:2571-1
-
SUSE-SU-2024:2802-1
-
SUSE-SU-2024:2892-1
-
SUSE-SU-2024:2894-1
-
SUSE-SU-2024:2895-1
-
SUSE-SU-2024:2896-1
-
SUSE-SU-2024:2901-1
-
SUSE-SU-2024:2939-1
-
SUSE-SU-2024:2940-1
-
SUSE-SU-2024:2947-1
-
SUSE-SU-2024:2973-1
-
USN-6605-1
-
USN-6605-2
-
USN-6607-1
-
USN-6609-1
-
USN-6609-2
-
USN-6609-3
-
USN-6628-1
-
USN-6628-2
-
USN-6688-1
-
USN-6725-1
-
USN-6725-2
-
USN-6726-1
-
USN-6726-2
-
USN-6726-3
-
USN-6739-1
-
USN-6740-1
-
USN-6765-1
-
USN-6766-1
-
USN-6766-2
-
USN-6766-3
-
USN-6767-1
-
USN-6767-2
-
USN-6774-1
-
USN-6777-1
-
USN-6777-2
-
USN-6777-3
-
USN-6777-4
-
USN-6778-1
-
USN-6795-1
-
USN-6816-1
-
USN-6817-1
-
USN-6817-2
-
USN-6817-3
-
USN-6818-1
-
USN-6818-2
-
USN-6818-3
-
USN-6818-4
-
USN-6819-1
-
USN-6819-2
-
USN-6819-3
-
USN-6819-4
-
USN-6820-1
-
USN-6820-2
-
USN-6821-1
-
USN-6821-2
-
USN-6821-3
-
USN-6821-4
-
USN-6828-1
-
USN-6831-1
-
USN-6865-1
-
USN-6866-1
-
USN-6866-2
-
USN-6866-3
-
USN-6867-1
-
USN-6871-1
-
USN-6878-1
-
USN-6892-1
-
USN-6893-1
-
USN-6893-2
-
USN-6893-3
-
USN-6895-1
-
USN-6895-2
-
USN-6895-3
-
USN-6895-4
-
USN-6896-1
-
USN-6896-2
-
USN-6896-3
-
USN-6896-4
-
USN-6896-5
-
USN-6898-1
-
USN-6898-2
-
USN-6898-3
-
USN-6898-4
-
USN-6900-1
-
USN-6917-1
-
USN-6918-1
-
USN-6919-1
-
USN-6921-1
-
USN-6921-2
-
USN-6923-1
-
USN-6923-2
-
USN-6924-1
-
USN-6924-2
-
USN-6926-1
-
USN-6926-2
-
USN-6926-3
-
USN-6927-1
-
USN-6938-1
-
USN-6949-1
-
USN-6949-2
-
USN-6950-1
-
USN-6950-2
-
USN-6950-3
-
USN-6950-4
-
USN-6951-1
-
USN-6951-2
-
USN-6951-3
-
USN-6951-4
-
USN-6952-1
-
USN-6952-2
-
USN-6953-1
-
USN-6955-1
-
USN-6956-1
-
USN-6957-1
-
USN-6972-1
-
USN-6972-2
-
USN-6972-3
-
USN-6972-4
-
USN-6976-1
-
USN-6979-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-7 | oraclelinux |
 kernel-uek
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-6 | oraclelinux |
kernel-uek
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-7 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-firmware?distro=oraclelinux-6 | oraclelinux |
kernel-uek-firmware
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-7 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-6 | oraclelinux |
kernel-uek-doc
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-devel
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-7 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.89.4.el7uek | oraclelinux-7 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-6 | oraclelinux |
kernel-uek-debug-devel
|
< 4.1.12-124.89.4.el6uek | oraclelinux-6 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |