OVMSA-2023-0001 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2023-01-04 |
Description
[4.1.12-124.70.2]
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- netfilter: nf_conntrack_irc: Fix forged IP logic (David Leadbeater) [Orabug: 34872056] {CVE-2022-2663}
- r8152: Rate limit overflow messages (Andrew Gaul) [Orabug: 34719940] {CVE-2022-3594}
- HID: roccat: Fix use-after-free in roccat_read() (Hyunwoo Kim) [Orabug: 34670789] {CVE-2022-41850}
[4.1.12-124.70.1]
- usb: mon: make mmapped memory read only (Tadeusz Struk) [Orabug: 34820828] {CVE-2022-43750}
- sch_sfb: Also store skb len before calling child enqueue (Toke Hoiland-Jorgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: Don't assume the skb is still around after enqueueing to child (Toke Hoiland-Jorgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: keep backlog updated with qlen (WANG Cong) [Orabug: 34731314]
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.70.2.el6uek.src.rpm | 63bbd3eba97ad8808ca61a142e5740c8a6127c508dab29423bc2140633a46d14 | OVMSA-2025-0001 | ovm3_x86_64_ELS |
| kernel-uek-4.1.12-124.70.2.el6uek.x86_64.rpm | 2c4404ba23f844b99dbff3e2d73ac22143249d5dab1b4d32f1148047082e6d95 | OVMSA-2025-0001 | ovm3_x86_64_ELS |
| kernel-uek-firmware-4.1.12-124.70.2.el6uek.noarch.rpm | c7559925f0ac5b6513f3379f9e5f8f79982bef20804c58bf8e35b89f9f1f7909 | OVMSA-2025-0001 | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
