OVMSA-2023-0007

ULN >
Oracle Linux Errata repository >
OVMSA-2023-0007

OVMSA-2023-0007 - Unbreakable Enterprise kernel security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-04-05

Description

[4.1.12-124.73.2]
- netfilter: nf_tables: fix null deref due to zeroed list head (Florian Westphal) [Orabug: 35181628] {CVE-2023-1095}
- sctp: fail if no bound addresses can be used for a given scope (Marcelo Ricardo Leitner) [Orabug: 35181461] {CVE-2023-1074}
- HID: check empty report_list in hid_validate_values() (Pietro Borrello) [Orabug: 35181168] {CVE-2023-1073}
- media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (Will Deacon) [Orabug: 35180270] {CVE-2020-0404}

[4.1.12-124.73.1]
- mm/mincore.c: make mincore() more conservative (Jiri Kosina) [Orabug: 35133279] {CVE-2019-5489}
- mm: introduce vma_is_anonymous(vma) helper (Oleg Nesterov) [Orabug: 35133279]
- Revert 'Change mincore() to count 'mapped' pages rather than 'cached' pages' (Linus Torvalds) [Orabug: 35124616]
- ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (Herbert Xu) [Orabug: 35005831] {CVE-2023-0394}

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle VM 3 (x86_64)	kernel-uek-4.1.12-124.73.2.el6uek.src.rpm	347670a1d18fabc0a7b528f5e40b4668	-
	kernel-uek-4.1.12-124.73.2.el6uek.x86_64.rpm	53fcf51c02827ea68bc9aa71abd46260	-
	kernel-uek-firmware-4.1.12-124.73.2.el6uek.noarch.rpm	09b8dbf9cfa187d37097c6e0dc6df772	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691