ELSA-2023-12842

ELSA-2023-12842 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-10-03

Description

[4.1.12-124.79.2]
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis) [Orabug: 35814273] {CVE-2023-4206}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela) [Orabug: 35636291] {CVE-2023-3611}
- rds: Fix lack of reentrancy for connection reset with dst addr zero (Hakon Bugge) [Orabug: 35741584] [Orabug: 35818110] {CVE-2023-22024}

[4.1.12-124.79.1]
- xfrm: add NULL check in xfrm_update_ae_params (Lin Ma) [Orabug: 35754509] {CVE-2023-3772}
- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) [Orabug: 35732892] {CVE-2023-4459}
- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) [Orabug: 35732764] {CVE-2023-4387}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (M A Ramdhan) [Orabug: 35636313] {CVE-2023-3776}
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Thadeu Lima de Souza Cascardo) [Orabug: 35609787] {CVE-2023-35001}
- ext4: fix use-after-free in ext4_xattr_set_entry (Baokun Li) [Orabug: 35382025] {CVE-2023-2513}
- ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (Baokun Li) [Orabug: 35382025] {CVE-2023-2513}
- netfilter: nf_tables: stricter validation of element data (Pablo Neira Ayuso) [Orabug: 34362008] {CVE-2022-34918}

Related CVEs

CVE-2022-34918

CVE-2023-2513

CVE-2023-4387

CVE-2023-22024

CVE-2023-3772

CVE-2023-35001

CVE-2023-4206

CVE-2023-3611

CVE-2023-4459

CVE-2023-3776

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 6 (x86_64)	kernel-uek-4.1.12-124.79.2.el6uek.src.rpm	275e5e10959b7cb76d6f6e51a0da89b480eb8f86b9a331311de4f50d3948ff8b	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-4.1.12-124.79.2.el6uek.x86_64.rpm	87f8297571cafc4e678b43b48e10db1131bb4f72c5de7594a6d9f09b2172158b	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-debug-4.1.12-124.79.2.el6uek.x86_64.rpm	641ecba69804eaaa2a216465dc11523a038a9efb61116a8546ec68d6ca703e8b	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-debug-devel-4.1.12-124.79.2.el6uek.x86_64.rpm	69a0884b9da094bc9bac3af7bb65e2a93d65c3967534669a67146abf9b7ef7ba	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-devel-4.1.12-124.79.2.el6uek.x86_64.rpm	1e4c755c3a6e18aea914f274a4c006066d8a0b693ab2dfb1d7bf09abd56ffa80	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-doc-4.1.12-124.79.2.el6uek.noarch.rpm	112e7b74af97ea5375b30983d7ec49a746d8aa8baddd59752a3d8a4f48ae5f23	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
	kernel-uek-firmware-4.1.12-124.79.2.el6uek.noarch.rpm	90530aa0df92e43a4be502381a3d25e14492162042e04386ad0c76c550488b25	ELSA-2025-20007	ol6_x86_64_UEKR4_ELS
Oracle Linux 7 (x86_64)	kernel-uek-4.1.12-124.79.2.el7uek.src.rpm	de3cdc4d2b154505e9f1ddd21b4750b98bb0592f7d755d97011f856e5950314e	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-4.1.12-124.79.2.el7uek.x86_64.rpm	b7f1550878b5b976e47982b0bfa7d44733d057343adbc374b1fc7e32f56ef2f3	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-debug-4.1.12-124.79.2.el7uek.x86_64.rpm	d33a4f7a069b963253653040aec6835f0b372f809eec2e34506ca6f75f5af2a6	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-debug-devel-4.1.12-124.79.2.el7uek.x86_64.rpm	d5e3c9c9b751fba6efb9c225387c37da0199e4b036519b30cea4fa4b5013036c	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-devel-4.1.12-124.79.2.el7uek.x86_64.rpm	a4d6cfe01980bec5db10e65de4f1eb01f70ff255cfa94ba8a29bfb3ce4474510	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-doc-4.1.12-124.79.2.el7uek.noarch.rpm	2ade25550474a010a06ab5025894811384ae4f641724e16c14427884faaf42e0	ELSA-2025-20190	ol7_x86_64_UEKR4
	kernel-uek-firmware-4.1.12-124.79.2.el7uek.noarch.rpm	9192e3089bb400d49a0540ac95165af013afa030496bbbc3f38413b814a55c56	ELSA-2025-20007	ol7_x86_64_UEKR4

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team