Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2022-9667

Опубликовано: 02 авг. 2022
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2022-9667: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.65.1]

  • cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33825689] {CVE-2022-0492}
  • ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34091904]
  • ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) [Orabug: 34091904]
  • ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34091904]
  • uek: kabi: new kABI symbols by USM and fix kABI files (Saeed Mirzamohammadi) [Orabug: 34233929]
  • netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso) [Orabug: 34247343] {CVE-2022-32250}
  • netfilter: nf_tables: fix memory leak if expr init fails (Liping Zhang) [Orabug: 34247343]
  • floppy: disable FDRAWCMD by default (Willy Tarreau) [Orabug: 34308428] {CVE-2022-33981}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.65.1.el6uek

kernel-uek-debug

4.1.12-124.65.1.el6uek

kernel-uek-debug-devel

4.1.12-124.65.1.el6uek

kernel-uek-devel

4.1.12-124.65.1.el6uek

kernel-uek-doc

4.1.12-124.65.1.el6uek

kernel-uek-firmware

4.1.12-124.65.1.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.65.1.el7uek

kernel-uek-debug

4.1.12-124.65.1.el7uek

kernel-uek-debug-devel

4.1.12-124.65.1.el7uek

kernel-uek-devel

4.1.12-124.65.1.el7uek

kernel-uek-doc

4.1.12-124.65.1.el7uek

kernel-uek-firmware

4.1.12-124.65.1.el7uek

Связанные CVE

CVE-2022-33981
CVE-2022-32250
CVE-2022-0492

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-33981

CVSS3: 3.3
ubuntu
около 3 лет назад

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

redhat логотип

CVE-2022-33981

CVSS3: 3.3
redhat
около 3 лет назад

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

nvd логотип

CVE-2022-33981

CVSS3: 3.3
nvd
около 3 лет назад

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

msrc логотип

CVE-2022-33981

CVSS3: 3.3
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2022-33981

CVSS3: 3.3
debian
около 3 лет назад

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable ...