Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELBA-2024-12467

Опубликовано: 28 июн. 2024
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELBA-2024-12467: Unbreakable Enterprise kernel bug fix update (NA)

[4.1.12-124.87.2]

  • net: sched: fix race condition in qdisc_graft() (Eric Dumazet) [Orabug: 35250827] {CVE-2023-0590}

[4.1.12-124.87.1]

  • ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet (Zhengchao Shao) [Orabug: 36654101] {CVE-2023-6932}
  • net: convert ip_mc_list.refcnt from atomic_t to refcount_t (Reshetova, Elena) [Orabug: 36654101]
  • net/sched: sch_hfsc: Ensure inner classes have fsc curve (Budimir Markovic) [Orabug: 35810544] {CVE-2023-4623}
  • tcp: Reduce chance of collisions in inet6_hashfn(). (Stewart Smith) [Orabug: 35754477] {CVE-2023-1206}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.87.2.el6uek

kernel-uek-debug

4.1.12-124.87.2.el6uek

kernel-uek-debug-devel

4.1.12-124.87.2.el6uek

kernel-uek-devel

4.1.12-124.87.2.el6uek

kernel-uek-doc

4.1.12-124.87.2.el6uek

kernel-uek-firmware

4.1.12-124.87.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.87.2.el7uek

kernel-uek-debug

4.1.12-124.87.2.el7uek

kernel-uek-debug-devel

4.1.12-124.87.2.el7uek

kernel-uek-devel

4.1.12-124.87.2.el7uek

kernel-uek-doc

4.1.12-124.87.2.el7uek

kernel-uek-firmware

4.1.12-124.87.2.el7uek

Связанные CVE

CVE-2023-0590
CVE-2023-4623
CVE-2023-6932
CVE-2023-1206

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-0590

CVSS3: 4.7
ubuntu
около 2 лет назад

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

redhat логотип

CVE-2023-0590

CVSS3: 7
redhat
больше 2 лет назад

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

nvd логотип

CVE-2023-0590

CVSS3: 4.7
nvd
около 2 лет назад

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

msrc логотип

CVE-2023-0590

CVSS3: 4.7
msrc
около 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-0590

CVSS3: 4.7
debian
около 2 лет назад

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c ...