ELSA-2024-12570
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12570
ELSA-2024-12570 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-08-05 |
Description
[4.1.12-124.88.3]
- crypto: pcrypt - Fix hungtask for PADATA_RESET (Lu Jialin) [Orabug: 36806710] {CVE-2023-52813}
- usbnet: sanity check for maxpacket (Oliver Neukum) [Orabug: 36806658] {CVE-2021-47495}
- phonet: fix rtm_phonet_notify() skb allocation (Eric Dumazet) [Orabug: 36683487] {CVE-2024-36946}
- wifi: nl80211: don't free NULL coalescing rule (Johannes Berg) [Orabug: 36683466] {CVE-2024-36941}
- bna: ensure the copied buf is NUL terminated (Bui Quang Minh) [Orabug: 36683433] {CVE-2024-36934}
- bna: use memdup_user to copy userspace buffers (Ivan Vecera) [Orabug: 36683433] {CVE-2024-36934}
- new helper: memdup_user_nul() (Al Viro) [Orabug: 36683433] {CVE-2024-36934}
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (Ziyang Xuan) [Orabug: 36598047] {CVE-2024-27020}
- netfilter: nf_tables: __nft_expr_type_get() selects specific family type (Pablo Neira Ayuso) [Orabug: 36598047] {CVE-2024-27020}
- net/mlx5e: drop shorter ethernet frames (Manjunath Patil) [Orabug: 36879159] {CVE-2024-41090} {CVE-2024-41091}
[4.1.12-124.88.2]
- net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (Shigeru Yoshida) [Orabug: 36802310] {CVE-2023-52528}
- usbnet/smsc75xx: silence uninitialized variable warning (Dan Carpenter) {CVE-2023-52528}
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (Thadeu Lima de Souza Cascardo) [Orabug: 36685663] {CVE-2023-52880}
- netfilter: nf_tables: disallow anonymous set with timeout flag (Pablo Neira Ayuso) [Orabug: 36530112] {CVE-2024-26642}
- ubi: Check for too small LEB size in VTBL code (Richard Weinberger) [Orabug: 36356637] {CVE-2024-25739}
[4.1.12-124.88.1]
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (Trond Myklebust) [Orabug: 33958156] {CVE-2022-24448}
- NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) [Orabug: 33958156] {CVE-2022-24448}
Related CVEs
| CVE-2024-36941 |
| CVE-2024-36934 |
| CVE-2024-41091 |
| CVE-2024-26642 |
| CVE-2021-47495 |
| CVE-2024-27020 |
| CVE-2023-52880 |
| CVE-2022-24448 |
| CVE-2024-41090 |
| CVE-2024-25739 |
| CVE-2023-52528 |
| CVE-2023-52813 |
| CVE-2024-36946 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 6 (x86_64) | kernel-uek-4.1.12-124.88.3.el6uek.src.rpm | b6ba78d2da3e22107f91e06ee38f3e4ceabdcfef0d4953954ed751a305fb9b28 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS |
| kernel-uek-4.1.12-124.88.3.el6uek.x86_64.rpm | 09a44fd4119d62d14acfeb1003079bd9a87518d31b2a0dc57a411f05db324359 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-4.1.12-124.88.3.el6uek.x86_64.rpm | 386dc8ebd666375a31751b0a44f82aa67fa8c6a97812dc978d7ebc77b0ded4c3 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-devel-4.1.12-124.88.3.el6uek.x86_64.rpm | 853a35d5b12ffc3d2ca96d6d5c352ba5e623b0a778d62c246be2f3951c497c89 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-devel-4.1.12-124.88.3.el6uek.x86_64.rpm | 7cbeafebd2e1c75bfa7918c0931ca26d695a4c06d67488c3ec96f91517b91cb0 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-doc-4.1.12-124.88.3.el6uek.noarch.rpm | 3cfdccf8dda285e48dd155db508b6579c89aee256fe881110daec1cdc8521fa7 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-firmware-4.1.12-124.88.3.el6uek.noarch.rpm | 092bf7c0057c30432480b361d75499eae27886ba4e2d0338f534a34b92fde4a9 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
