Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2023-12826

Опубликовано: 22 сент. 2023
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2023-12826: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.14.35-2047.529.3.2]

  • netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [Orabug: 35824309]
  • netfilter: xt_u32: validate user space input (Wander Lairson Costa) [Orabug: 35824309]
  • netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng) [Orabug: 35824309] {CVE-2023-42753}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

4.14.35-2047.529.3.2.el7uek

kernel-uek-debug

4.14.35-2047.529.3.2.el7uek

kernel-uek-debug-devel

4.14.35-2047.529.3.2.el7uek

kernel-uek-devel

4.14.35-2047.529.3.2.el7uek

kernel-uek-headers

4.14.35-2047.529.3.2.el7uek

kernel-uek-tools

4.14.35-2047.529.3.2.el7uek

kernel-uek-tools-libs

4.14.35-2047.529.3.2.el7uek

kernel-uek-tools-libs-devel

4.14.35-2047.529.3.2.el7uek

perf

4.14.35-2047.529.3.2.el7uek

python-perf

4.14.35-2047.529.3.2.el7uek

Oracle Linux x86_64

kernel-uek

4.14.35-2047.529.3.2.el7uek

kernel-uek-debug

4.14.35-2047.529.3.2.el7uek

kernel-uek-debug-devel

4.14.35-2047.529.3.2.el7uek

kernel-uek-devel

4.14.35-2047.529.3.2.el7uek

kernel-uek-doc

4.14.35-2047.529.3.2.el7uek

kernel-uek-tools

4.14.35-2047.529.3.2.el7uek

Связанные CVE

CVE-2023-42753

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-42753

CVSS3: 7
ubuntu
больше 1 года назад

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

redhat логотип

CVE-2023-42753

CVSS3: 7
redhat
больше 1 года назад

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

nvd логотип

CVE-2023-42753

CVSS3: 7
nvd
больше 1 года назад

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.

msrc логотип

CVE-2023-42753

CVSS3: 7.8
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2023-42753

CVSS3: 7
debian
больше 1 года назад

An array indexing vulnerability was found in the netfilter subsystem o ...