Опубликовано: 03 янв. 2023
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7
Описание
ELSA-2022-10108: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.70.2]
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- netfilter: nf_conntrack_irc: Fix forged IP logic (David Leadbeater) [Orabug: 34872056] {CVE-2022-2663}
- r8152: Rate limit overflow messages (Andrew Gaul) [Orabug: 34719940] {CVE-2022-3594}
- HID: roccat: Fix use-after-free in roccat_read() (Hyunwoo Kim) [Orabug: 34670789] {CVE-2022-41850}
[4.1.12-124.70.1]
- usb: mon: make mmapped memory read only (Tadeusz Struk) [Orabug: 34820828] {CVE-2022-43750}
- sch_sfb: Also store skb len before calling child enqueue (Toke Hoiland-Jorgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: Don't assume the skb is still around after enqueueing to child (Toke Hoiland-Jorgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: keep backlog updated with qlen (WANG Cong) [Orabug: 34731314]
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.70.2.el6uek
kernel-uek-debug
4.1.12-124.70.2.el6uek
kernel-uek-debug-devel
4.1.12-124.70.2.el6uek
kernel-uek-devel
4.1.12-124.70.2.el6uek
kernel-uek-doc
4.1.12-124.70.2.el6uek
kernel-uek-firmware
4.1.12-124.70.2.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.70.2.el7uek
kernel-uek-debug
4.1.12-124.70.2.el7uek
kernel-uek-debug-devel
4.1.12-124.70.2.el7uek
kernel-uek-devel
4.1.12-124.70.2.el7uek
kernel-uek-doc
4.1.12-124.70.2.el7uek
kernel-uek-firmware
4.1.12-124.70.2.el7uek
