OVMSA-2023-0007 - Unbreakable Enterprise kernel security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2023-04-05 |
Description
[4.1.12-124.73.2]
- netfilter: nf_tables: fix null deref due to zeroed list head (Florian Westphal) [Orabug: 35181628] {CVE-2023-1095}
- sctp: fail if no bound addresses can be used for a given scope (Marcelo Ricardo Leitner) [Orabug: 35181461] {CVE-2023-1074}
- HID: check empty report_list in hid_validate_values() (Pietro Borrello) [Orabug: 35181168] {CVE-2023-1073}
- media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (Will Deacon) [Orabug: 35180270] {CVE-2020-0404}
[4.1.12-124.73.1]
- mm/mincore.c: make mincore() more conservative (Jiri Kosina) [Orabug: 35133279] {CVE-2019-5489}
- mm: introduce vma_is_anonymous(vma) helper (Oleg Nesterov) [Orabug: 35133279]
- Revert 'Change mincore() to count 'mapped' pages rather than 'cached' pages' (Linus Torvalds) [Orabug: 35124616]
- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (Herbert Xu) [Orabug: 35005831] {CVE-2023-0394}
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3 (x86_64) | kernel-uek-4.1.12-124.73.2.el6uek.src.rpm | 11e84c471dd12e271ff0ac294252e86415575c1b3e64ab211a127d16a291d523 | OVMSA-2025-0001 | ovm3_x86_64_ELS |
| kernel-uek-4.1.12-124.73.2.el6uek.x86_64.rpm | 00546e1915bdbed61e997f07ca4a64dc33386fe3015f594ac1ff6066a98c329b | OVMSA-2025-0001 | ovm3_x86_64_ELS |
| kernel-uek-firmware-4.1.12-124.73.2.el6uek.noarch.rpm | 9e8202e1611b40a5756ba819d1bdcc0dbc54ab1ca02224f66535b0b8588c7687 | OVMSA-2025-0001 | ovm3_x86_64_ELS |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
