Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2024-12806

Опубликовано: 01 нояб. 2024
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 7

Описание

ELSA-2024-12806: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.1.12-124.91.3]

  • nfs_atomic_open(): prevent parallel nfs_lookup() on a negative hashed (Al Viro) [Orabug: 37006239]

[4.1.12-124.91.2]

  • vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37035560]

[4.1.12-124.91.1]

  • vt_ioctl: fix array_index_nospec in vt_setactivate (Jakob Koschel) [Orabug: 37101899] {CVE-2022-48804}
  • tty: vt_ioctl: fix potential Spectre v1 (Gustavo A. R. Silva) [Orabug: 37101899] {CVE-2022-48804}
  • USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) [Orabug: 37101883] {CVE-2022-48760}
  • smb: client: fix OOB in smbCalcSize() (Paulo Alcantara) [Orabug: 36165420] {CVE-2023-6606}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel-uek

4.1.12-124.91.3.el6uek

kernel-uek-debug

4.1.12-124.91.3.el6uek

kernel-uek-debug-devel

4.1.12-124.91.3.el6uek

kernel-uek-devel

4.1.12-124.91.3.el6uek

kernel-uek-doc

4.1.12-124.91.3.el6uek

kernel-uek-firmware

4.1.12-124.91.3.el6uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

4.1.12-124.91.3.el7uek

kernel-uek-debug

4.1.12-124.91.3.el7uek

kernel-uek-debug-devel

4.1.12-124.91.3.el7uek

kernel-uek-devel

4.1.12-124.91.3.el7uek

kernel-uek-doc

4.1.12-124.91.3.el7uek

kernel-uek-firmware

4.1.12-124.91.3.el7uek

Связанные CVE

CVE-2023-6606
CVE-2022-48804
CVE-2022-48760

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2023-6606

CVSS3: 7.1
ubuntu
больше 1 года назад

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

redhat логотип

CVE-2023-6606

CVSS3: 7.1
redhat
больше 1 года назад

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

nvd логотип

CVE-2023-6606

CVSS3: 7.1
nvd
больше 1 года назад

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.

debian логотип

CVE-2023-6606

CVSS3: 7.1
debian
больше 1 года назад

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb ...

github логотип

GHSA-4m6w-vxqg-9rmm

CVSS3: 7.1
github
больше 1 года назад

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.