ELSA-2022-9260

Published: 05 Apr 2022
Source: oracle-oval
Platform: Oracle Linux 6
Platform: Oracle Linux 7

Description

ELSA-2022-9260: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.61.2]

  • exec, elf: ignore invalid note data (Anthony Yznaga) [Orabug: 34023956]

[4.1.12-124.61.1]

  • drm/i915: Flush TLBs before releasing backing store (Tvrtko Ursulin) [Orabug: 33835812] {CVE-2022-0330}
  • drm/i915: Reduce locking in execlist command submission (Chris Wilson) [Orabug: 33835812] {CVE-2022-0330}
  • ipv4: make exception cache less predictible (Eric Dumazet) [Orabug: 33894531] {CVE-2021-20322}
  • route: also update fnhe_genid when updating a route cache (Xin Long) [Orabug: 33894531] {CVE-2021-20322}
  • ipv4: avoid using shared IP generator for connected sockets (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
  • sctp: add vtag check in sctp_sf_violation (Xin Long) [Orabug: 33924717] {CVE-2021-3772}
  • sctp: use init_tag from inithdr for ABORT chunk (Xin Long) [Orabug: 33924717] {CVE-2021-3772}
  • sr9700: sanity check for packet length (Oliver Neukum) [Orabug: 33962995] {CVE-2022-26966}

Updated packages

Oracle Linux 6

Oracle Linux x86_64

  • kernel-uek: 4.1.12-124.61.2.el6uek
  • kernel-uek-debug: 4.1.12-124.61.2.el6uek
  • kernel-uek-debug-devel: 4.1.12-124.61.2.el6uek
  • kernel-uek-devel: 4.1.12-124.61.2.el6uek
  • kernel-uek-doc: 4.1.12-124.61.2.el6uek
  • kernel-uek-firmware: 4.1.12-124.61.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

  • kernel-uek: 4.1.12-124.61.2.el7uek
  • kernel-uek-debug: 4.1.12-124.61.2.el7uek
  • kernel-uek-debug-devel: 4.1.12-124.61.2.el7uek
  • kernel-uek-devel: 4.1.12-124.61.2.el7uek
  • kernel-uek-doc: 4.1.12-124.61.2.el7uek
  • kernel-uek-firmware: 4.1.12-124.61.2.el7uek

Related vulnerabilities

suse-cvrf
more than 3 years ago

Security update for the Linux Kernel

CVSS3: 7.4
ubuntu
more than 3 years ago

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.

CVSS3: 7.4
redhat
almost 4 years ago

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.

CVSS3: 7.4
nvd
more than 3 years ago

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.

CVSS3: 7.4
debian
more than 3 years ago

A flaw in the processing of received ICMP errors (ICMP fragment needed ...