ELSA-2024-12606
- ULN >
- Oracle Linux Errata repository >
- ELSA-2024-12606
ELSA-2024-12606 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2024-09-02 |
Description
[4.1.12-124.89.4]
- isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) [Orabug: 36940405] {CVE-2021-47284}
- tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware)) [Orabug: 36940388] {CVE-2021-46939}
- udf: Fix NULL pointer dereference in udf_symlink function (Arturo Giusti) [Orabug: 36806640] {CVE-2021-47353}
- media: pvrusb2: fix use after free on context disconnection (Ricardo B. Marliere) [Orabug: 36802294] {CVE-2023-52445}
- vt: fix memory overlapping when deleting chars in the buffer (Yangxi Xiang) [Orabug: 36802212] {CVE-2022-48627}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke) [Orabug: 36678070] {CVE-2024-36016}
- netfilter: nftables: exthdr: fix 4-byte stack OOB write (Florian Westphal) [Orabug: 36654631] {CVE-2023-52628}
- dm: call the resume method on internal suspend (Mikulas Patocka) [Orabug: 36544879] {CVE-2024-26880}
- net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran) [Orabug: 36544783] {CVE-2024-26859}
- x86, relocs: Ignore relocations in .notes section (Kees Cook) [Orabug: 36531115] {CVE-2024-26816}
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka) [Orabug: 36531057] {CVE-2024-26805}
- fbdev: savage: Error out if pixclock equals zero (Fullway Wang) [Orabug: 36530913] {CVE-2024-26778}
- ext4: fix double-free of blocks due to wrong extents moved_len (Baokun Li) [Orabug: 36530519] {CVE-2024-26704}
- sr9800: Add check for usbnet_get_endpoints (Chen Ni) [Orabug: 36530183] {CVE-2024-26651}
- llc: Drop support for ETH_P_TR_802_2. (Kuniyuki Iwashima) [Orabug: 36530047] {CVE-2024-26635}
- netfilter: nf_tables: Reject tables of unsupported family (Phil Sutter) [Orabug: 36192155] {CVE-2023-6040}
[4.1.12-124.89.3]
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Minsuk Kang) [Orabug: 36802321] {CVE-2023-52594}
- batman-adv: Avoid infinite loop trying to resize local TT (Sven Eckelmann) [Orabug: 36643464] {CVE-2024-35982}
- Bluetooth: Fix memory leak in hci_req_sync_complete() (Dmitry Antipov) [Orabug: 36643456] {CVE-2024-35978}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Harshit Mogalapalli) [Orabug: 36643323] {CVE-2024-35944}
- fbmon: prevent division by zero in fb_videomode_from_videomode() (Roman Smirnov) [Orabug: 36643194] {CVE-2024-35922}
[4.1.12-124.89.2]
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (Wenchao Hao) [Orabug: 36901390] {CVE-2023-52809}
- net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) [Orabug: 36802200] {CVE-2021-47171}
- i2c: i801: Don't generate an interrupt on bus reset (Jean Delvare) [Orabug: 36792714] {CVE-2021-47153}
- pid: take a reference when initializing cad_pid (Mark Rutland) [Orabug: 36792687] {CVE-2021-47118}
- drm/vmwgfx: Fix invalid reads in fence signaled events (Zack Rusin) [Orabug: 36691531] {CVE-2024-36960}
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (Adam Goldman) [Orabug: 36683507] {CVE-2024-36950}
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (Saurav Kashyap) [Orabug: 36683370] {CVE-2024-36919}
- net: fix out-of-bounds access in ops_init (Thadeu Lima de Souza Cascardo) [Orabug: 36683115] {CVE-2024-36883}
- netfilter: nf_tables: disallow timeout for anonymous sets (Pablo Neira Ayuso) [Orabug: 36654625] {CVE-2023-52620}
- team: fix null-ptr-deref when team device type is changed (Ziyang Xuan) [Orabug: 36654606] {CVE-2023-52574}
[4.1.12-124.89.1]
- tcp: do not accept ACK of bytes we never sent (Eric Dumazet) [Orabug: 36806731] {CVE-2023-52881}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Miko Larsson) [Orabug: 36806698] {CVE-2023-52703}
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Herbert Xu) [Orabug: 36806668] {CVE-2023-52615}
- mISDN: fix possible use-after-free in HFC_cleanup() (Zou Wei) [Orabug: 36806645] {CVE-2021-47356}
- net: ti: fix UAF in tlan_remove_one (Pavel Skripkin) [Orabug: 36806628] {CVE-2021-47310}
- net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) [Orabug: 36806622] {CVE-2021-47236}
- usb: hub: Guard against accesses to uninitialized BOS descriptors (Ricardo Canuelo) [Orabug: 36802300] {CVE-2023-52477}
- USB: add quirk for devices with broken LPM (Alan Stern) [Orabug: 36802300] {CVE-2023-52477}
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu) [Orabug: 36544991] {CVE-2024-26903}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu) [Orabug: 36531042] {CVE-2024-26801}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li) [Orabug: 36530881] {CVE-2024-26772}
- inet: read sk->sk_family once in inet_recv_error() (Eric Dumazet) [Orabug: 36530348] {CVE-2024-26679}
- ppp_async: limit MRU to 64K (Eric Dumazet) [Orabug: 36530335] {CVE-2024-26675}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 6 (x86_64) | kernel-uek-4.1.12-124.89.4.el6uek.src.rpm | 3c2f8a1d9bc907cb8bca0e87758d31977ca5c03142d7e5f5e49975746a6f89dc | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS |
| kernel-uek-4.1.12-124.89.4.el6uek.x86_64.rpm | ab5e4f7b4c7bfd54686098e7e1c0a8f77f5c333163296bb29cd7cb915348a83a | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-4.1.12-124.89.4.el6uek.x86_64.rpm | a51b3f1791edb783f0d1b039592d333e0efc6885a874fae349a1325dc85acbb2 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-debug-devel-4.1.12-124.89.4.el6uek.x86_64.rpm | 7e854de2352b17197698344530eb52f3b843a301cc52d7fe6a34cdf7f682dbc7 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-devel-4.1.12-124.89.4.el6uek.x86_64.rpm | 49d001af03087a1ed5c0cbb5d93a8f0ba63051bbf846cb5215b52cbf03d4273a | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-doc-4.1.12-124.89.4.el6uek.noarch.rpm | b6d36544cb1b75587e288f3f664a1fbcb09fddfe981168b015af233638a7b7f7 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| kernel-uek-firmware-4.1.12-124.89.4.el6uek.noarch.rpm | d94b355907912f18a3e51fcfd01852e7eef52f71eb5ceccee2960bbd586c3384 | ELSA-2025-20007 | ol6_x86_64_UEKR4_ELS | |
| Oracle Linux 7 (x86_64) | kernel-uek-4.1.12-124.89.4.el7uek.src.rpm | c4bcc3f72f5dc3248c90eddde62be44a7bfcf0a3bb01e24da705948410a4e0d3 | ELSA-2025-20190 | ol7_x86_64_UEKR4 |
| kernel-uek-4.1.12-124.89.4.el7uek.x86_64.rpm | 8dd313ee50027337c75d6a595b4fe2e9fcd438d91928033648a7c7008e93bdb1 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-debug-4.1.12-124.89.4.el7uek.x86_64.rpm | b9e11f58799dc914c8bf36c3e4cb7aa99ec4ee35c4134c3ed5b54f0af9b4ca4e | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-debug-devel-4.1.12-124.89.4.el7uek.x86_64.rpm | 192f192de53d0b569f53a4314e1b1f47f2b610740af25926a915a4f8d052bc02 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-devel-4.1.12-124.89.4.el7uek.x86_64.rpm | 8abf0e9bf27a2fd9498296eb030d9529d3fb8656e2e6f7acedfce5bae6a5ce9c | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-doc-4.1.12-124.89.4.el7uek.noarch.rpm | 03556242f0fc4a36ed06557e0e25aa28ce4480637a387a5d557642710c52e154 | ELSA-2025-20190 | ol7_x86_64_UEKR4 | |
| kernel-uek-firmware-4.1.12-124.89.4.el7uek.noarch.rpm | 471bf659dc0cda4037d3ae52c2adbc10406187eb03240b75517c73e160532fcc | ELSA-2025-20007 | ol7_x86_64_UEKR4 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
