Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9557

Опубликовано: 05 июл. 2022
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2022-9557: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.64.1]

  • iscsi-target: Fix the issue with shutdown_session removal (Gulam Mohamed) [Orabug: 29661566]
  • scsi: target: fix hang when multiple threads try to destroy the same iscsi session (Gulam Mohamed) [Orabug: 29661566]
  • scsi: target: remove boilerplate code (Gulam Mohamed) [Orabug: 29661566]
  • iscsi-target: remove usage of ->shutdown_session (Gulam Mohamed) [Orabug: 29661566]
  • Drop the left-over iscsi-target hack (Gulam Mohamed) [Orabug: 29661566]
  • can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (Hangyu Hua) [Orabug: 34048290] {CVE-2022-28388}
  • can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (Hangyu Hua) [Orabug: 34048329] {CVE-2022-28390}
  • floppy: use a statically allocated error counter (Willy Tarreau) [Orabug: 34218641] {CVE-2022-1652}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.64.1.el6uek

kernel-uek-debug

4.1.12-124.64.1.el6uek

kernel-uek-debug-devel

4.1.12-124.64.1.el6uek

kernel-uek-devel

4.1.12-124.64.1.el6uek

kernel-uek-doc

4.1.12-124.64.1.el6uek

kernel-uek-firmware

4.1.12-124.64.1.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.64.1.el7uek

kernel-uek-debug

4.1.12-124.64.1.el7uek

kernel-uek-debug-devel

4.1.12-124.64.1.el7uek

kernel-uek-devel

4.1.12-124.64.1.el7uek

kernel-uek-doc

4.1.12-124.64.1.el7uek

kernel-uek-firmware

4.1.12-124.64.1.el7uek

Связанные CVE

CVE-2022-1652
CVE-2022-28388
CVE-2022-28390

Ссылки на источники

Связанные уязвимости

suse-cvrf логотип

SUSE-SU-2022:2082-1

suse-cvrf
около 3 лет назад

Security update for the Linux Kernel

suse-cvrf логотип

SUSE-SU-2022:2077-1

suse-cvrf
около 3 лет назад

Security update for the Linux Kernel

ubuntu логотип

CVE-2022-1652

CVSS3: 7.8
ubuntu
около 3 лет назад

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

redhat логотип

CVE-2022-1652

CVSS3: 7.8
redhat
около 3 лет назад

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.

nvd логотип

CVE-2022-1652

CVSS3: 7.8
nvd
около 3 лет назад

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.