Описание
ELSA-2023-12323: Unbreakable Enterprise kernel security update (IMPORTANT)
[4.1.12-124.74.2]
- kvm: initialize all of the kvm_debugregs structure before sending it to userspace (Greg Kroah-Hartman) [Orabug: 35250098] {CVE-2023-1513}
- staging: rtl8712: fix use after free bugs (Dan Carpenter) [Orabug: 35212876] {CVE-2022-4095}
- staging: rtl8712: rtl8712_cmd.c: fixed comparison to null (Juliana Rodrigues) [Orabug: 35212876] {CVE-2022-4095}
- wifi: rndis_wlan: Prevent buffer overflow in rndis_query_oid (Szymon Heidrich) [Orabug: 35037715] {CVE-2023-23559}
[4.1.12-124.74.1]
- seq_buf: Fix overflow in seq_buf_putmem_hex() (Yun Zhou) [Orabug: 35217595] {CVE-2023-28772}
- net: mpls: fix stale pointer if allocation fails during device rename (Jakub Kicinski) [Orabug: 35181964] {CVE-2023-26545}
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
kernel-uek
4.1.12-124.74.2.el6uek
kernel-uek-debug
4.1.12-124.74.2.el6uek
kernel-uek-debug-devel
4.1.12-124.74.2.el6uek
kernel-uek-devel
4.1.12-124.74.2.el6uek
kernel-uek-doc
4.1.12-124.74.2.el6uek
kernel-uek-firmware
4.1.12-124.74.2.el6uek
Oracle Linux 7
Oracle Linux x86_64
kernel-uek
4.1.12-124.74.2.el7uek
kernel-uek-debug
4.1.12-124.74.2.el7uek
kernel-uek-debug-devel
4.1.12-124.74.2.el7uek
kernel-uek-devel
4.1.12-124.74.2.el7uek
kernel-uek-doc
4.1.12-124.74.2.el7uek
kernel-uek-firmware
4.1.12-124.74.2.el7uek
Ссылки на источники
Связанные уязвимости
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.
In the Linux kernel before 6.1.13, there is a double free in net/mpls/ ...