ELSA-2023-12109

ULN >
Oracle Linux Errata repository >
ELSA-2023-12109

ELSA-2023-12109 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-02-07

Description

[4.1.12-124.71.3]
- USB: core: Prevent nested device-reset calls (Alan Stern) [Orabug: 34951641] {CVE-2022-4662}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Luiz Augusto von Dentz) [Orabug: 34833307] {CVE-2022-42896} {CVE-2022-42896}
- Bluetooth: L2CAP: Introduce proper defines for PSM ranges (Johan Hedberg) [Orabug: 34833307]
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (Lukas Czerner) [Orabug: 34190035]

[4.1.12-124.71.2]
- scsi: qla2xxx: Fix use after free in eh_abort path (Quinn Tran) [Orabug: 34970763]
- check-kabi provides exception on broken symbols (Alok Tiwari) [Orabug: 34742865]
- KABI validation broken on UEK4 for symbols change (Alok Tiwari) [Orabug: 34742865]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Maxim Mikityanskiy) [Orabug: 34719829] {CVE-2022-3564}
- Bluetooth: remove unneeded variable in l2cap_stream_rx (Prasanna Karthik) [Orabug: 34719829] {CVE-2022-3564}

[4.1.12-124.71.1]
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory (Luiz Augusto von Dentz) [Orabug: 34951662] {CVE-2022-42895} {CVE-2022-42895}
- wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (Dokyung Song) [Orabug: 34951546] {CVE-2022-3628}
- tcp/udp: Fix memory leak in ipv6_renew_options(). (Kuniyuki Iwashima) [Orabug: 34719347] {CVE-2022-3524}

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 6 (x86_64)	kernel-uek-4.1.12-124.71.3.el6uek.src.rpm	0e345d4d173226349855417a5a02ed467471b10f855ccfdef8a664f687b4b9b9	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-4.1.12-124.71.3.el6uek.x86_64.rpm	92d076e65453fbca0b711a8380a9906ed35e78119acf01f31a2652f88bbc2326	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-debug-4.1.12-124.71.3.el6uek.x86_64.rpm	4ae9007cd16a052b6cb41b8346b55646c8ab4cc300f86d29867756a68cda4992	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-debug-devel-4.1.12-124.71.3.el6uek.x86_64.rpm	e5981aff606741b3dbd2607c5c9988a045f2c65615acb63628d559aa0a35d060	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-devel-4.1.12-124.71.3.el6uek.x86_64.rpm	a0a2efabfa50cac29da8c248f8fd7fe927e2014e9070cd996fca9796367b58a8	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-doc-4.1.12-124.71.3.el6uek.noarch.rpm	6365765c9d042a6248b645d34a0a89b80c49fe669ac20d1998f0546c09704ab6	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-firmware-4.1.12-124.71.3.el6uek.noarch.rpm	0f8b8614dac9bee0da6b6d604b1965e02fe529945b63d21acc16762d89cb46d5	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS

Oracle Linux 7 (x86_64)	kernel-uek-4.1.12-124.71.3.el7uek.src.rpm	0e645bd519542228aa1efc6017ab9feb8b65cd83cea89a354a84fa38e5cff5c5	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-4.1.12-124.71.3.el7uek.x86_64.rpm	bce24d546261234954b40dfd0132bfcde7ab2b75ba5417836fc217db59cb52ef	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-debug-4.1.12-124.71.3.el7uek.x86_64.rpm	711366129bb2413b58ed0abfe23b4a2e018bf2a0c0ac1a7196a44ea1cc6ef6f2	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-debug-devel-4.1.12-124.71.3.el7uek.x86_64.rpm	1c17585a4afbb2c70d400a338d3ec76eeeff27d958a1d1b20a1ec727bae61d31	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-devel-4.1.12-124.71.3.el7uek.x86_64.rpm	895c15bf53d87dbe231274cb1a533b4a915ba3e4224514d0cd0c64bf970c899b	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-doc-4.1.12-124.71.3.el7uek.noarch.rpm	f32b5e3fad673174787e8eaf4939f94686d81483dbd0c9e0bf351218d40ab7b1	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-firmware-4.1.12-124.71.3.el7uek.noarch.rpm	ee3a07c322a0752b978dd5497d43cf5ca4d3558003081deecfb2d181e93adf87	ELSA-2025-20007	ol7_x86_64_UEKR4

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691