ELSA-2024-12258

Опубликовано: 01 апр. 2024

Источник: oracle-oval

Платформа: Oracle Linux 6

Платформа: Oracle Linux 7

Описание

ELSA-2024-12258: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.84.2]

netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [Orabug: 36251327] {CVE-2024-1086}

[4.1.12-124.84.1]

mm: avoid conflict between MADV_DOEXEC and upstream advice values (Anthony Yznaga) [Orabug: 36334311]
kobject: Fix slab-out-of-bounds in fill_kobj_path() (Wang Hai) [Orabug: 35924076] {CVE-2023-45863}
kobject: Replace strncpy with memcpy (Guenter Roeck) [Orabug: 35924076]
net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma) [Orabug: 35923517] {CVE-2023-39194}
net/xfrm: use kmemdup rather than duplicating its implementation (Andrzej Hajda) [Orabug: 35923517]

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.84.2.el6uek

kernel-uek-debug

4.1.12-124.84.2.el6uek

kernel-uek-debug-devel

4.1.12-124.84.2.el6uek

kernel-uek-devel

4.1.12-124.84.2.el6uek

kernel-uek-doc

4.1.12-124.84.2.el6uek

kernel-uek-firmware

4.1.12-124.84.2.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.84.2.el7uek

kernel-uek-debug

4.1.12-124.84.2.el7uek

kernel-uek-debug-devel

4.1.12-124.84.2.el7uek

kernel-uek-devel

4.1.12-124.84.2.el7uek

kernel-uek-doc

4.1.12-124.84.2.el7uek

kernel-uek-firmware

4.1.12-124.84.2.el7uek

Связанные CVE

CVE-2023-39194

CVE-2023-45863

CVE-2024-1086

Ссылки на источники

Связанные уязвимости

CVE-2023-39194

CVSS3: 3.2

ubuntu

почти 2 года назад

A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.