ELSA-2023-12109

ULN >
Oracle Linux Errata repository >
ELSA-2023-12109

ELSA-2023-12109 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-02-07

Description

[4.1.12-124.71.3]
- USB: core: Prevent nested device-reset calls (Alan Stern) [Orabug: 34951641] {CVE-2022-4662}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Luiz Augusto von Dentz) [Orabug: 34833307] {CVE-2022-42896} {CVE-2022-42896}
- Bluetooth: L2CAP: Introduce proper defines for PSM ranges (Johan Hedberg) [Orabug: 34833307]
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (Lukas Czerner) [Orabug: 34190035]

[4.1.12-124.71.2]
- scsi: qla2xxx: Fix use after free in eh_abort path (Quinn Tran) [Orabug: 34970763]
- check-kabi provides exception on broken symbols (Alok Tiwari) [Orabug: 34742865]
- KABI validation broken on UEK4 for symbols change (Alok Tiwari) [Orabug: 34742865]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Maxim Mikityanskiy) [Orabug: 34719829] {CVE-2022-3564}
- Bluetooth: remove unneeded variable in l2cap_stream_rx (Prasanna Karthik) [Orabug: 34719829] {CVE-2022-3564}

[4.1.12-124.71.1]
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory (Luiz Augusto von Dentz) [Orabug: 34951662] {CVE-2022-42895} {CVE-2022-42895}
- wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (Dokyung Song) [Orabug: 34951546] {CVE-2022-3628}
- tcp/udp: Fix memory leak in ipv6_renew_options(). (Kuniyuki Iwashima) [Orabug: 34719347] {CVE-2022-3524}

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 6 (x86_64)	kernel-uek-4.1.12-124.71.3.el6uek.src.rpm	3b82d77653fb327a56c6b0f80d694cbe	-
	kernel-uek-4.1.12-124.71.3.el6uek.x86_64.rpm	4fb73a9472c530940d440e325b5aa928	-
	kernel-uek-debug-4.1.12-124.71.3.el6uek.x86_64.rpm	10de7ddaa42061b3303134d0ac6a44ad	-
	kernel-uek-debug-devel-4.1.12-124.71.3.el6uek.x86_64.rpm	68e20b2357ddce47c520d4544eadfd4c	-
	kernel-uek-devel-4.1.12-124.71.3.el6uek.x86_64.rpm	462b6044c93777b61345413103423126	-
	kernel-uek-doc-4.1.12-124.71.3.el6uek.noarch.rpm	47140720d6cc4db67c6a8860838ef8ec	-
	kernel-uek-firmware-4.1.12-124.71.3.el6uek.noarch.rpm	49167a4fff055e86fa8f9fa0c676e90e	-

Oracle Linux 7 (x86_64)	kernel-uek-4.1.12-124.71.3.el7uek.src.rpm	53c12ae2dd4840101360077045a51928	-
	kernel-uek-4.1.12-124.71.3.el7uek.x86_64.rpm	cabe8852e4fee74eca7096e551e25ca8	-
	kernel-uek-debug-4.1.12-124.71.3.el7uek.x86_64.rpm	c0c99133b6a23ebe4b44728c4c55092a	-
	kernel-uek-debug-devel-4.1.12-124.71.3.el7uek.x86_64.rpm	f2f38bab9d97e7d7d217e822f28f3e68	-
	kernel-uek-devel-4.1.12-124.71.3.el7uek.x86_64.rpm	2b92d12e59b2cabde21bf3382dd3f850	-
	kernel-uek-doc-4.1.12-124.71.3.el7uek.noarch.rpm	51d2a83c37d47d488fe02251e86b9311	-
	kernel-uek-firmware-4.1.12-124.71.3.el7uek.noarch.rpm	53e92da6cfd7d7ca46859c7d954bb3c4	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691